genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r10=>0x0})
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r11, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r9, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:03 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x4000000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:03 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x22101, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040))
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, 0x0)

03:50:03 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0x80086601, 0x0)

03:50:04 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000780)={0x40c, r1, 0x2, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME={0x39e, 0x33, @probe_response={{}, 0x3, @default, 0x0, @val={0x0, 0x0, @random="83a03427a77634f514cd48561d76ad6edb9f223eb2e78388f08e236930"}, @void, @void, @void, @void, @void, @val, @val={0x71, 0x0, {0xffffffffffffffff, 0x1, 0x0, 0x1, 0x0, 0x2, 0x28}}, [{0xdd, 0x0, "1b16c986a7d99352a68a81e490f714a8c3f52fba44b2a5b20b43ad3be6804492118522e37832472ada09467b6855c5f1e3a703e9653973"}, {0xdd, 0x0, "c7946dbd7154c565796df3a2cae1bccc3d79ddb4eb7b160b1771344e284ab9fe1fb197c2194cb6fea6b727f3587b72f55c926e3acb18ac2fcfae23df82f315cc22811ce346416eaeaee407ee1c39553c2b6b6d263cd52d6f6e112ab5ae958db3e15e25e2dcac56d57c6f21b0a994976ccaaeaf6ff9ef319f58ca86953c9f85796033b2"}, {0xdd, 0x0, "6a26ee59e2fcd7ca305ce24122620d50e6ec26ed916a667b788a53081cc5d73cab93490f94b19039389900c7b442523df3586c4afd8f609585f63de8b66a02412a683d2b6b29466b146788ccf1f9a477e9d32ed3bbd1bda0fa5e5885329b048480f2aa904942404e13d97697fa11dc37acb95051eff96068a4418041f036978751a1da0a214ec65900f05cb462ba7a0bba6d4c6af0356704096c448f28f33016971b6e3c49a6710940f6c9203d77e767816f50c31a517514dcd80abb582e25cf01db89f4c0"}, {0xdd, 0x0, "4719d070ae3bc06d5609c6f144f16b4d053d086b4d2e2cf29492c7f819252198c74940d9ce599db99c6cf07d7b27167e4623"}]}}, @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x395}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0xa, 0xcd, [0x7, 0x1c, 0x0]}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x36}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}], @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x40c}, 0x1, 0x0, 0x0, 0x4884}, 0x40180)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="e0993000000400"/16, @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="0800050003000000"], 0x24}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r10=>0x0})
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r11, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r9, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:04 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x5000000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:04 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x22101, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040))
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, 0x0)

03:50:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0x801c581f, 0x0)

03:50:04 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x6000000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:04 executing program 2:
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x22101, 0x0)
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000040))
ioctl$SNDCTL_DSP_SETTRIGGER(r0, 0x40045010, &(0x7f0000000080))

03:50:04 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000780)={0x40c, r1, 0x2, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME={0x39e, 0x33, @probe_response={{}, 0x3, @default, 0x0, @val={0x0, 0x0, @random="83a03427a77634f514cd48561d76ad6edb9f223eb2e78388f08e236930"}, @void, @void, @void, @void, @void, @val, @val={0x71, 0x0, {0xffffffffffffffff, 0x1, 0x0, 0x1, 0x0, 0x2, 0x28}}, [{0xdd, 0x0, "1b16c986a7d99352a68a81e490f714a8c3f52fba44b2a5b20b43ad3be6804492118522e37832472ada09467b6855c5f1e3a703e9653973"}, {0xdd, 0x0, "c7946dbd7154c565796df3a2cae1bccc3d79ddb4eb7b160b1771344e284ab9fe1fb197c2194cb6fea6b727f3587b72f55c926e3acb18ac2fcfae23df82f315cc22811ce346416eaeaee407ee1c39553c2b6b6d263cd52d6f6e112ab5ae958db3e15e25e2dcac56d57c6f21b0a994976ccaaeaf6ff9ef319f58ca86953c9f85796033b2"}, {0xdd, 0x0, "6a26ee59e2fcd7ca305ce24122620d50e6ec26ed916a667b788a53081cc5d73cab93490f94b19039389900c7b442523df3586c4afd8f609585f63de8b66a02412a683d2b6b29466b146788ccf1f9a477e9d32ed3bbd1bda0fa5e5885329b048480f2aa904942404e13d97697fa11dc37acb95051eff96068a4418041f036978751a1da0a214ec65900f05cb462ba7a0bba6d4c6af0356704096c448f28f33016971b6e3c49a6710940f6c9203d77e767816f50c31a517514dcd80abb582e25cf01db89f4c0"}, {0xdd, 0x0, "4719d070ae3bc06d5609c6f144f16b4d053d086b4d2e2cf29492c7f819252198c74940d9ce599db99c6cf07d7b27167e4623"}]}}, @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x395}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0xa, 0xcd, [0x7, 0x1c, 0x0]}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x36}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}], @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x40c}, 0x1, 0x0, 0x0, 0x4884}, 0x40180)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="e0993000000400"/16, @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="0800050003000000"], 0x24}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r11=>0x0})
r12 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r12, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r10, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r11}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:04 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0x80086301, 0x0)

03:50:04 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x7000000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xc0045878, 0x0)

03:50:04 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000780)={0x40c, r1, 0x2, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME={0x39e, 0x33, @probe_response={{}, 0x3, @default, 0x0, @val={0x0, 0x0, @random="83a03427a77634f514cd48561d76ad6edb9f223eb2e78388f08e236930"}, @void, @void, @void, @void, @void, @val, @val={0x71, 0x0, {0xffffffffffffffff, 0x1, 0x0, 0x1, 0x0, 0x2, 0x28}}, [{0xdd, 0x0, "1b16c986a7d99352a68a81e490f714a8c3f52fba44b2a5b20b43ad3be6804492118522e37832472ada09467b6855c5f1e3a703e9653973"}, {0xdd, 0x0, "c7946dbd7154c565796df3a2cae1bccc3d79ddb4eb7b160b1771344e284ab9fe1fb197c2194cb6fea6b727f3587b72f55c926e3acb18ac2fcfae23df82f315cc22811ce346416eaeaee407ee1c39553c2b6b6d263cd52d6f6e112ab5ae958db3e15e25e2dcac56d57c6f21b0a994976ccaaeaf6ff9ef319f58ca86953c9f85796033b2"}, {0xdd, 0x0, "6a26ee59e2fcd7ca305ce24122620d50e6ec26ed916a667b788a53081cc5d73cab93490f94b19039389900c7b442523df3586c4afd8f609585f63de8b66a02412a683d2b6b29466b146788ccf1f9a477e9d32ed3bbd1bda0fa5e5885329b048480f2aa904942404e13d97697fa11dc37acb95051eff96068a4418041f036978751a1da0a214ec65900f05cb462ba7a0bba6d4c6af0356704096c448f28f33016971b6e3c49a6710940f6c9203d77e767816f50c31a517514dcd80abb582e25cf01db89f4c0"}, {0xdd, 0x0, "4719d070ae3bc06d5609c6f144f16b4d053d086b4d2e2cf29492c7f819252198c74940d9ce599db99c6cf07d7b27167e4623"}]}}, @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x395}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0xa, 0xcd, [0x7, 0x1c, 0x0]}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x36}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}], @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x40c}, 0x1, 0x0, 0x0, 0x4884}, 0x40180)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="e0993000000400"/16, @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="0800050003000000"], 0x24}}, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r11=>0x0})
r12 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r12, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r10, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r11}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:04 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x8000000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

[  344.786338][ T3653] Bluetooth: hci5: command 0x1003 tx timeout
[  344.793769][ T3546] Bluetooth: hci5: sending frame failed (-49)
[  346.861898][ T3653] Bluetooth: hci5: command 0x1001 tx timeout
[  346.868714][ T3546] Bluetooth: hci5: sending frame failed (-49)
[  348.941788][ T3820] Bluetooth: hci5: command 0x1009 tx timeout
03:50:13 executing program 0:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
shutdown(0xffffffffffffffff, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)

03:50:13 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xc0045878, 0x0)

03:50:13 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r6=>0x0})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r5, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r3, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000780)={0x40c, r1, 0x2, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r6}, @void}}, [@NL80211_ATTR_FRAME={0x39e, 0x33, @probe_response={{}, 0x3, @default, 0x0, @val={0x0, 0x0, @random="83a03427a77634f514cd48561d76ad6edb9f223eb2e78388f08e236930"}, @void, @void, @void, @void, @void, @val, @val={0x71, 0x0, {0xffffffffffffffff, 0x1, 0x0, 0x1, 0x0, 0x2, 0x28}}, [{0xdd, 0x0, "1b16c986a7d99352a68a81e490f714a8c3f52fba44b2a5b20b43ad3be6804492118522e37832472ada09467b6855c5f1e3a703e9653973"}, {0xdd, 0x0, "c7946dbd7154c565796df3a2cae1bccc3d79ddb4eb7b160b1771344e284ab9fe1fb197c2194cb6fea6b727f3587b72f55c926e3acb18ac2fcfae23df82f315cc22811ce346416eaeaee407ee1c39553c2b6b6d263cd52d6f6e112ab5ae958db3e15e25e2dcac56d57c6f21b0a994976ccaaeaf6ff9ef319f58ca86953c9f85796033b2"}, {0xdd, 0x0, "6a26ee59e2fcd7ca305ce24122620d50e6ec26ed916a667b788a53081cc5d73cab93490f94b19039389900c7b442523df3586c4afd8f609585f63de8b66a02412a683d2b6b29466b146788ccf1f9a477e9d32ed3bbd1bda0fa5e5885329b048480f2aa904942404e13d97697fa11dc37acb95051eff96068a4418041f036978751a1da0a214ec65900f05cb462ba7a0bba6d4c6af0356704096c448f28f33016971b6e3c49a6710940f6c9203d77e767816f50c31a517514dcd80abb582e25cf01db89f4c0"}, {0xdd, 0x0, "4719d070ae3bc06d5609c6f144f16b4d053d086b4d2e2cf29492c7f819252198c74940d9ce599db99c6cf07d7b27167e4623"}]}}, @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x395}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0xa, 0xcd, [0x7, 0x1c, 0x0]}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x36}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}], @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x40c}, 0x1, 0x0, 0x0, 0x4884}, 0x40180)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r10=>0x0})
r11 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r11, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r9, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r10}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:13 executing program 2:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000080)={&(0x7f0000000780)={0x40c, r1, 0x2, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME={0x39e, 0x33, @probe_response={{}, 0x3, @default, 0x0, @val={0x0, 0x0, @random="83a03427a77634f514cd48561d76ad6edb9f223eb2e78388f08e236930"}, @void, @void, @void, @void, @void, @val, @val={0x71, 0x0, {0xffffffffffffffff, 0x1, 0x0, 0x1, 0x0, 0x2, 0x28}}, [{0xdd, 0x0, "1b16c986a7d99352a68a81e490f714a8c3f52fba44b2a5b20b43ad3be6804492118522e37832472ada09467b6855c5f1e3a703e9653973"}, {0xdd, 0x0, "c7946dbd7154c565796df3a2cae1bccc3d79ddb4eb7b160b1771344e284ab9fe1fb197c2194cb6fea6b727f3587b72f55c926e3acb18ac2fcfae23df82f315cc22811ce346416eaeaee407ee1c39553c2b6b6d263cd52d6f6e112ab5ae958db3e15e25e2dcac56d57c6f21b0a994976ccaaeaf6ff9ef319f58ca86953c9f85796033b2"}, {0xdd, 0x0, "6a26ee59e2fcd7ca305ce24122620d50e6ec26ed916a667b788a53081cc5d73cab93490f94b19039389900c7b442523df3586c4afd8f609585f63de8b66a02412a683d2b6b29466b146788ccf1f9a477e9d32ed3bbd1bda0fa5e5885329b048480f2aa904942404e13d97697fa11dc37acb95051eff96068a4418041f036978751a1da0a214ec65900f05cb462ba7a0bba6d4c6af0356704096c448f28f33016971b6e3c49a6710940f6c9203d77e767816f50c31a517514dcd80abb582e25cf01db89f4c0"}, {0xdd, 0x0, "4719d070ae3bc06d5609c6f144f16b4d053d086b4d2e2cf29492c7f819252198c74940d9ce599db99c6cf07d7b27167e4623"}]}}, @chandef_params=[@NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8}], @NL80211_ATTR_DURATION={0x8, 0x57, 0x395}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0xa, 0xcd, [0x7, 0x1c, 0x0]}, @chandef_params=[@NL80211_ATTR_CENTER_FREQ2={0x8, 0xa1, 0x7}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0x7}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x36}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5, 0x119, 0xa}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x3}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x2}], @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x40c}, 0x1, 0x0, 0x0, 0x4884}, 0x40180)
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="e0993000000400"/16, @ANYRES16=r1, @ANYBLOB="050000000000000000000600000008000300", @ANYRES32=r2, @ANYBLOB="0800050003000000"], 0x24}}, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r9, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r11=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r10, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r11}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:13 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x9000000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:13 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0xb000000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:13 executing program 2:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
shutdown(0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:13 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xc008ae67, 0x0)

03:50:13 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r5=>0x0})
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r6, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r9=>0x0})
r10 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r10, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r8, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r9}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:13 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0xf000000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:13 executing program 0:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
shutdown(0xffffffffffffffff, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)

[  352.976509][ T5195] Bluetooth: hci5: Frame reassembly failed (-84)
03:50:13 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x1d000000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:13 executing program 0:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
shutdown(0xffffffffffffffff, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)

03:50:13 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:13 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x1f000000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:14 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xc00caee0, 0x0)

03:50:14 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x30000000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:14 executing program 0:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:14 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x40000000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:14 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xc0189436, 0x0)

03:50:14 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:14 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x44000000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:14 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

[  353.397841][  T431] Bluetooth: hci6: Frame reassembly failed (-84)
03:50:14 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xc018aec0, 0x0)

03:50:14 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:14 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x60000000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:14 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:14 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xc020660b, 0x0)

03:50:14 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:14 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0xdd000000, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:14 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:14 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0xf0ffffff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:14 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:14 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)

03:50:14 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0xffffff7f, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:14 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:14 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3)

03:50:14 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0xfffffff0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

[  355.031712][ T3820] Bluetooth: hci5: command 0x1003 tx timeout
[  355.038697][ T3537] Bluetooth: hci5: sending frame failed (-49)
[  355.421854][ T3820] Bluetooth: hci6: command 0x1003 tx timeout
[  355.428863][ T3537] Bluetooth: hci6: sending frame failed (-49)
[  357.101717][ T3653] Bluetooth: hci5: command 0x1001 tx timeout
[  357.108369][ T3537] Bluetooth: hci5: sending frame failed (-49)
[  357.511969][ T3653] Bluetooth: hci6: command 0x1001 tx timeout
[  357.518734][ T3537] Bluetooth: hci6: sending frame failed (-49)
[  359.191728][ T3820] Bluetooth: hci5: command 0x1009 tx timeout
[  359.581703][ T3820] Bluetooth: hci6: command 0x1009 tx timeout
03:50:23 executing program 2:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
shutdown(0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:23 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4)

03:50:23 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:23 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:23 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x5}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5)

03:50:24 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x6}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

[  363.189763][  T431] Bluetooth: hci5: Frame reassembly failed (-84)
03:50:24 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x7}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:24 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:24 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6)

03:50:24 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:24 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x8}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:24 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:24 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x7)

03:50:24 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8)

03:50:24 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x9)

03:50:24 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:24 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x9}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:24 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:24 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xa)

03:50:24 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xb)

03:50:24 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:25 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:25 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0xa}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xc)

03:50:25 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:25 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:25 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0xb}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xd)

03:50:25 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xe)

[  365.261760][ T3820] Bluetooth: hci5: command 0x1003 tx timeout
[  365.268535][ T3537] Bluetooth: hci5: sending frame failed (-49)
[  365.821621][ T3820] Bluetooth: hci6: command 0x1003 tx timeout
[  365.827909][ T3537] Bluetooth: hci6: sending frame failed (-49)
[  367.341764][ T3818] Bluetooth: hci5: command 0x1001 tx timeout
[  367.348333][ T3537] Bluetooth: hci5: sending frame failed (-49)
[  367.901665][ T3818] Bluetooth: hci6: command 0x1001 tx timeout
[  367.908541][ T3537] Bluetooth: hci6: sending frame failed (-49)
[  369.421785][ T3820] Bluetooth: hci5: command 0x1009 tx timeout
[  369.981764][ T3820] Bluetooth: hci6: command 0x1009 tx timeout
03:50:34 executing program 2:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
shutdown(0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:34 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:34 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0xc}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:34 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x10)

03:50:34 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:34 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x11)

[  373.410282][ T4030] Bluetooth: hci5: Frame reassembly failed (-84)
03:50:34 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:34 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x12)

03:50:34 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0xe}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:34 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:34 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x18)

03:50:34 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:34 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0xf}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:34 executing program 4:
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:34 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x25)

03:50:34 executing program 4:
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:34 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:34 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x41)

03:50:34 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x10}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:34 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:34 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x48)

03:50:35 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:35 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4c)

03:50:35 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:35 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x11}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:35 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:35 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5c)

03:50:35 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:35 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

[  375.421701][ T3653] Bluetooth: hci5: command 0x1003 tx timeout
[  375.428570][ T3546] Bluetooth: hci5: sending frame failed (-49)
[  377.501717][ T3818] Bluetooth: hci5: command 0x1001 tx timeout
[  377.509815][ T3546] Bluetooth: hci5: sending frame failed (-49)
[  378.383232][ T1376] ieee802154 phy0 wpan0: encryption failed: -22
[  378.389684][ T1376] ieee802154 phy1 wpan1: encryption failed: -22
[  379.581917][ T3820] Bluetooth: hci5: command 0x1009 tx timeout
03:50:44 executing program 2:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
shutdown(0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0)

03:50:44 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x12}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:44 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:44 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x68)

03:50:44 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:44 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6c)

03:50:44 executing program 2:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
shutdown(0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0)

03:50:44 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:44 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x13}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:44 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x74)

03:50:44 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:44 executing program 2:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
shutdown(0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0)

03:50:44 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:44 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x7a)

03:50:44 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:44 executing program 2:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
shutdown(0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:44 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x14}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:44 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:44 executing program 2:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
shutdown(0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:45 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:45 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:45 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xe2)

03:50:45 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:45 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x15}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:45 executing program 2:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
shutdown(0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:45 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x104)

03:50:45 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:45 executing program 2:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
shutdown(0xffffffffffffffff, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)

03:50:45 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x16}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:45 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:45 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:45 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x10d)

03:50:45 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:45 executing program 2:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
shutdown(0xffffffffffffffff, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)

03:50:45 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:45 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:45 executing program 2:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
shutdown(0xffffffffffffffff, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$TCFLSH(r0, 0x400455c8, 0x0)

03:50:45 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x17}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:45 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x300)

03:50:45 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:45 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:45 executing program 2:
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:45 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:45 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x500)

03:50:45 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, 0x0, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

[  385.028218][ T5195] Bluetooth: hci5: Frame reassembly failed (-84)
03:50:45 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x18}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:45 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:46 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, 0x0, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x600)

03:50:46 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0)

03:50:46 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, 0x0, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:46 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x19}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:46 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0)

03:50:46 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x700)

03:50:46 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0)

03:50:46 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:46 executing program 0:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, 0x0, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:46 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x1a}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:46 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x900)

03:50:46 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:46 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:46 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x1b}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xa00)

03:50:46 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:46 executing program 0:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00'})
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r4, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xb00)

03:50:46 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:46 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x1c}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:46 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0) (fail_nth: 1)

03:50:46 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

[  386.043943][ T6496] FAULT_INJECTION: forcing a failure.
[  386.043943][ T6496] name failslab, interval 1, probability 0, space 0, times 0
[  386.079499][ T6496] CPU: 0 PID: 6496 Comm: syz-executor.0 Not tainted 5.15.151-syzkaller #0
[  386.088160][ T6496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  386.098224][ T6496] Call Trace:
[  386.101504][ T6496]  <TASK>
[  386.104445][ T6496]  dump_stack_lvl+0x1e3/0x2cb
[  386.109225][ T6496]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[  386.114853][ T6496]  ? panic+0x84d/0x84d
[  386.118934][ T6496]  ? __might_sleep+0xc0/0xc0
[  386.123528][ T6496]  should_fail+0x38a/0x4c0
[  386.127940][ T6496]  should_failslab+0x5/0x20
[  386.132435][ T6496]  slab_pre_alloc_hook+0x53/0xc0
[  386.137364][ T6496]  __kmalloc+0x6e/0x300
[  386.141511][ T6496]  ? tomoyo_realpath_from_path+0xd8/0x5e0
[  386.147249][ T6496]  tomoyo_realpath_from_path+0xd8/0x5e0
[  386.152790][ T6496]  tomoyo_path_number_perm+0x225/0x810
[  386.158244][ T6496]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  386.163723][ T6496]  ? __fget_files+0x413/0x480
[  386.168396][ T6496]  security_file_ioctl+0x6d/0xa0
[  386.173326][ T6496]  __se_sys_ioctl+0x47/0x160
[  386.177940][ T6496]  do_syscall_64+0x3d/0xb0
[  386.182356][ T6496]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  386.188244][ T6496] RIP: 0033:0x7f21974d4da9
[  386.192655][ T6496] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  386.212252][ T6496] RSP: 002b:00007f2195a550c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  386.220666][ T6496] RAX: ffffffffffffffda RBX: 00007f2197602f80 RCX: 00007f21974d4da9
[  386.228635][ T6496] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000004
[  386.236603][ T6496] RBP: 00007f2195a55120 R08: 0000000000000000 R09: 0000000000000000
[  386.244563][ T6496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  386.252526][ T6496] R13: 000000000000000b R14: 00007f2197602f80 R15: 00007ffdc2e96868
[  386.260505][ T6496]  </TASK>
03:50:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xc00)

[  386.289252][ T6496] ERROR: Out of memory at tomoyo_realpath_from_path.
[  386.340417][ T5158] Bluetooth: hci6: Frame reassembly failed (-84)
[  387.101845][ T3653] Bluetooth: hci5: command 0x1003 tx timeout
[  387.108847][ T3537] Bluetooth: hci5: sending frame failed (-49)
[  388.381674][ T3653] Bluetooth: hci6: command 0x1003 tx timeout
[  388.388824][ T3537] Bluetooth: hci6: sending frame failed (-49)
[  389.181884][ T3653] Bluetooth: hci5: command 0x1001 tx timeout
[  389.188849][ T3537] Bluetooth: hci5: sending frame failed (-49)
[  390.462039][ T3653] Bluetooth: hci6: command 0x1001 tx timeout
[  390.468820][ T3537] Bluetooth: hci6: sending frame failed (-49)
[  391.262081][ T3820] Bluetooth: hci5: command 0x1009 tx timeout
[  392.541862][ T3653] Bluetooth: hci6: command 0x1009 tx timeout
03:50:56 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:50:56 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x1d}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:56 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:56 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xd00)

03:50:56 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:56 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xd01)

03:50:56 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:56 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x21}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:56 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xda0)

03:50:56 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:56 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x25}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:56 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:56 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x26}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:56 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xe00)

03:50:56 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:57 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:57 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x27}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:57 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1100)

03:50:57 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:57 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1200)

03:50:57 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:57 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x28}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:57 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1800)

03:50:57 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x1c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:57 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2000)

03:50:57 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x1c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:57 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x2b}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:50:57 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x20e1)

03:50:57 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x1c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:57 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0) (fail_nth: 2)

03:50:57 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x20, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:50:57 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2500)

[  397.021039][ T6601] FAULT_INJECTION: forcing a failure.
[  397.021039][ T6601] name failslab, interval 1, probability 0, space 0, times 0
[  397.041811][ T6601] CPU: 1 PID: 6601 Comm: syz-executor.0 Not tainted 5.15.151-syzkaller #0
[  397.050382][ T6601] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  397.060461][ T6601] Call Trace:
[  397.063762][ T6601]  <TASK>
[  397.066701][ T6601]  dump_stack_lvl+0x1e3/0x2cb
[  397.071398][ T6601]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[  397.077058][ T6601]  ? panic+0x84d/0x84d
[  397.081134][ T6601]  ? __might_sleep+0xc0/0xc0
[  397.085730][ T6601]  should_fail+0x38a/0x4c0
[  397.090153][ T6601]  should_failslab+0x5/0x20
[  397.094654][ T6601]  slab_pre_alloc_hook+0x53/0xc0
[  397.099587][ T6601]  __kmalloc+0x6e/0x300
[  397.103735][ T6601]  ? tomoyo_encode+0x26b/0x530
[  397.108514][ T6601]  tomoyo_encode+0x26b/0x530
[  397.113104][ T6601]  tomoyo_realpath_from_path+0x5a2/0x5e0
[  397.118772][ T6601]  tomoyo_path_number_perm+0x225/0x810
[  397.124233][ T6601]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  397.129710][ T6601]  ? __fget_files+0x413/0x480
[  397.134388][ T6601]  security_file_ioctl+0x6d/0xa0
[  397.139323][ T6601]  __se_sys_ioctl+0x47/0x160
[  397.143930][ T6601]  do_syscall_64+0x3d/0xb0
[  397.148345][ T6601]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  397.154232][ T6601] RIP: 0033:0x7f21974d4da9
[  397.158643][ T6601] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  397.178241][ T6601] RSP: 002b:00007f2195a550c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  397.186659][ T6601] RAX: ffffffffffffffda RBX: 00007f2197602f80 RCX: 00007f21974d4da9
[  397.194623][ T6601] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000004
[  397.202593][ T6601] RBP: 00007f2195a55120 R08: 0000000000000000 R09: 0000000000000000
[  397.210558][ T6601] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  397.218524][ T6601] R13: 000000000000000b R14: 00007f2197602f80 R15: 00007ffdc2e96868
[  397.226503][ T6601]  </TASK>
[  397.242369][ T6601] ERROR: Out of memory at tomoyo_realpath_from_path.
[  397.275135][ T5195] Bluetooth: hci6: Frame reassembly failed (-84)
[  397.821624][ T3653] Bluetooth: hci5: command 0x1003 tx timeout
[  397.829351][ T3537] Bluetooth: hci5: sending frame failed (-49)
[  399.341865][ T3820] Bluetooth: hci6: command 0x1003 tx timeout
[  399.349191][ T3537] Bluetooth: hci6: sending frame failed (-49)
[  399.901755][ T3653] Bluetooth: hci5: command 0x1001 tx timeout
[  399.908412][ T3537] Bluetooth: hci5: sending frame failed (-49)
[  401.421761][ T3820] Bluetooth: hci6: command 0x1001 tx timeout
[  401.428675][ T3537] Bluetooth: hci6: sending frame failed (-49)
[  401.991812][ T3653] Bluetooth: hci5: command 0x1009 tx timeout
[  403.501762][ T3653] Bluetooth: hci6: command 0x1009 tx timeout
03:51:06 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:51:06 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x2c}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:06 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x20, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3f00)

03:51:06 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x20, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4000)

03:51:06 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:51:06 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x2e}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:06 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:06 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:51:07 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4100)

03:51:07 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:51:07 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:07 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4800)

03:51:07 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:51:07 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:07 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x30}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:07 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:51:07 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4c00)

03:51:07 executing program 4:
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:07 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:51:07 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x51ff)

03:51:07 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x31}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:07 executing program 4:
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:07 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:51:07 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:51:07 executing program 4:
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:07 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5c00)

03:51:07 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x32}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:08 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0) (fail_nth: 3)

03:51:08 executing program 4:
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:08 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:51:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6800)

03:51:08 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x34}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:08 executing program 4:
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:08 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

[  407.935922][ T6696] FAULT_INJECTION: forcing a failure.
[  407.935922][ T6696] name failslab, interval 1, probability 0, space 0, times 0
03:51:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6c00)

03:51:08 executing program 4:
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

[  408.044963][ T6696] CPU: 1 PID: 6696 Comm: syz-executor.0 Not tainted 5.15.151-syzkaller #0
[  408.053511][ T6696] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  408.063584][ T6696] Call Trace:
[  408.066877][ T6696]  <TASK>
[  408.069822][ T6696]  dump_stack_lvl+0x1e3/0x2cb
[  408.074526][ T6696]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[  408.080188][ T6696]  ? panic+0x84d/0x84d
[  408.084284][ T6696]  ? __might_sleep+0xc0/0xc0
[  408.088903][ T6696]  should_fail+0x38a/0x4c0
[  408.093350][ T6696]  should_failslab+0x5/0x20
[  408.097871][ T6696]  slab_pre_alloc_hook+0x53/0xc0
[  408.102830][ T6696]  __kmalloc+0x6e/0x300
[  408.106988][ T6696]  ? hci_alloc_dev_priv+0x23/0x1d60
[  408.112301][ T6696]  hci_alloc_dev_priv+0x23/0x1d60
[  408.117335][ T6696]  hci_uart_tty_ioctl+0x3d9/0xa70
[  408.122434][ T6696]  ? ldsem_down_read+0xb2/0xe0
[  408.127208][ T6696]  ? hci_uart_tty_write+0x10/0x10
[  408.132223][ T6696]  tty_ioctl+0x8ff/0xc50
[  408.136545][ T6696]  ? bpf_lsm_file_ioctl+0x5/0x10
[  408.141490][ T6696]  ? tty_get_icount+0xa0/0xa0
[  408.146172][ T6696]  __se_sys_ioctl+0xf1/0x160
[  408.150768][ T6696]  do_syscall_64+0x3d/0xb0
[  408.155189][ T6696]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  408.161082][ T6696] RIP: 0033:0x7f21974d4da9
[  408.165503][ T6696] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  408.185110][ T6696] RSP: 002b:00007f2195a550c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
03:51:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:51:09 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x35}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

[  408.193524][ T6696] RAX: ffffffffffffffda RBX: 00007f2197602f80 RCX: 00007f21974d4da9
[  408.201500][ T6696] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000004
[  408.209481][ T6696] RBP: 00007f2195a55120 R08: 0000000000000000 R09: 0000000000000000
[  408.217458][ T6696] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  408.225425][ T6696] R13: 000000000000000b R14: 00007f2197602f80 R15: 00007ffdc2e96868
[  408.233397][ T6696]  </TASK>
[  408.240146][ T6696] Bluetooth: Can't allocate HCI device
03:51:09 executing program 4:
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:51:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x7400)

03:51:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:51:09 executing program 4:
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0) (fail_nth: 4)

03:51:09 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x36}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x7a00)

03:51:09 executing program 4:
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(0xffffffffffffffff, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:51:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x7f00)

03:51:09 executing program 4:
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:51:09 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x37}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

[  408.762658][ T6744] FAULT_INJECTION: forcing a failure.
[  408.762658][ T6744] name failslab, interval 1, probability 0, space 0, times 0
[  408.791807][ T6744] CPU: 1 PID: 6744 Comm: syz-executor.0 Not tainted 5.15.151-syzkaller #0
[  408.800371][ T6744] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  408.810459][ T6744] Call Trace:
[  408.813754][ T6744]  <TASK>
[  408.816712][ T6744]  dump_stack_lvl+0x1e3/0x2cb
[  408.821443][ T6744]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[  408.827111][ T6744]  ? panic+0x84d/0x84d
[  408.831202][ T6744]  ? __might_sleep+0xc0/0xc0
[  408.835811][ T6744]  ? lockdep_init_map_type+0x9d/0x8d0
[  408.841246][ T6744]  should_fail+0x38a/0x4c0
[  408.845700][ T6744]  should_failslab+0x5/0x20
[  408.850243][ T6744]  slab_pre_alloc_hook+0x53/0xc0
[  408.855208][ T6744]  kmem_cache_alloc_trace+0x49/0x290
[  408.860529][ T6744]  ? h4_open+0x59/0x150
[  408.864713][ T6744]  h4_open+0x59/0x150
[  408.868727][ T6744]  hci_uart_tty_ioctl+0x7fb/0xa70
[  408.873784][ T6744]  ? hci_uart_tty_write+0x10/0x10
[  408.878829][ T6744]  tty_ioctl+0x8ff/0xc50
[  408.883098][ T6744]  ? bpf_lsm_file_ioctl+0x5/0x10
[  408.888051][ T6744]  ? tty_get_icount+0xa0/0xa0
[  408.892740][ T6744]  __se_sys_ioctl+0xf1/0x160
[  408.897353][ T6744]  do_syscall_64+0x3d/0xb0
[  408.901794][ T6744]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  408.907703][ T6744] RIP: 0033:0x7f21974d4da9
[  408.912134][ T6744] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  408.931752][ T6744] RSP: 002b:00007f2195a550c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  408.940205][ T6744] RAX: ffffffffffffffda RBX: 00007f2197602f80 RCX: 00007f21974d4da9
[  408.948193][ T6744] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000004
03:51:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xa00d)

03:51:09 executing program 4:
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

[  408.956185][ T6744] RBP: 00007f2195a55120 R08: 0000000000000000 R09: 0000000000000000
[  408.964176][ T6744] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  408.972168][ T6744] R13: 000000000000000b R14: 00007f2197602f80 R15: 00007ffdc2e96868
[  408.980170][ T6744]  </TASK>
03:51:09 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x38}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:09 executing program 4:
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xe120)

03:51:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0) (fail_nth: 5)

03:51:10 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, 0xffffffffffffffff)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:51:10 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

[  409.195359][ T6773] FAULT_INJECTION: forcing a failure.
[  409.195359][ T6773] name failslab, interval 1, probability 0, space 0, times 0
03:51:10 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0)

03:51:10 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x39}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

[  409.281717][ T6773] CPU: 1 PID: 6773 Comm: syz-executor.0 Not tainted 5.15.151-syzkaller #0
[  409.290262][ T6773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  409.300354][ T6773] Call Trace:
[  409.303651][ T6773]  <TASK>
[  409.306599][ T6773]  dump_stack_lvl+0x1e3/0x2cb
[  409.311309][ T6773]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[  409.316970][ T6773]  ? panic+0x84d/0x84d
[  409.321064][ T6773]  ? __might_sleep+0xc0/0xc0
[  409.325688][ T6773]  should_fail+0x38a/0x4c0
[  409.330128][ T6773]  ? kobject_set_name_vargs+0x5d/0x110
[  409.335699][ T6773]  should_failslab+0x5/0x20
[  409.340226][ T6773]  slab_pre_alloc_hook+0x53/0xc0
[  409.345182][ T6773]  ? kobject_set_name_vargs+0x5d/0x110
[  409.350667][ T6773]  __kmalloc_track_caller+0x6c/0x300
[  409.355975][ T6773]  ? kobject_set_name_vargs+0x5d/0x110
[  409.361462][ T6773]  kvasprintf+0xd6/0x180
[  409.365827][ T6773]  ? ida_alloc_range+0x99f/0xa90
[  409.370787][ T6773]  ? bust_spinlocks+0xd0/0xd0
[  409.375487][ T6773]  ? kfree+0x4a/0x270
[  409.379488][ T6773]  ? kvasprintf_const+0x4d/0x170
[  409.384439][ T6773]  kobject_set_name_vargs+0x5d/0x110
[  409.389758][ T6773]  dev_set_name+0xd1/0x120
[  409.394291][ T6773]  ? hci_register_dev+0x12e/0xa50
[  409.399334][ T6773]  ? get_device+0x30/0x30
[  409.403713][ T6773]  hci_register_dev+0x14f/0xa50
[  409.408585][ T6773]  ? __raw_spin_lock_init+0x41/0x100
[  409.414345][ T6773]  hci_uart_tty_ioctl+0x8a3/0xa70
[  409.419396][ T6773]  ? hci_uart_tty_write+0x10/0x10
[  409.424429][ T6773]  tty_ioctl+0x8ff/0xc50
[  409.428683][ T6773]  ? bpf_lsm_file_ioctl+0x5/0x10
[  409.433636][ T6773]  ? tty_get_icount+0xa0/0xa0
[  409.438346][ T6773]  __se_sys_ioctl+0xf1/0x160
[  409.442962][ T6773]  do_syscall_64+0x3d/0xb0
[  409.447400][ T6773]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  409.453427][ T6773] RIP: 0033:0x7f21974d4da9
[  409.457852][ T6773] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
03:51:10 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0)

03:51:10 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x3a}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:10 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

[  409.477475][ T6773] RSP: 002b:00007f2195a550c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  409.485938][ T6773] RAX: ffffffffffffffda RBX: 00007f2197602f80 RCX: 00007f21974d4da9
[  409.493943][ T6773] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000004
[  409.502012][ T6773] RBP: 00007f2195a55120 R08: 0000000000000000 R09: 0000000000000000
[  409.509992][ T6773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  409.517977][ T6773] R13: 000000000000000b R14: 00007f2197602f80 R15: 00007ffdc2e96868
[  409.525997][ T6773]  </TASK>
03:51:10 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xe200)

03:51:10 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(0xffffffffffffffff, 0x400455c8, 0x0)

03:51:10 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:10 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0) (fail_nth: 6)

[  409.600188][ T6773] Bluetooth: Can't register HCI device
03:51:10 executing program 2:
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r3=>0x0})
r4 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r0, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:10 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:10 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xff0f)

03:51:10 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x3b}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

[  409.741359][ T6802] FAULT_INJECTION: forcing a failure.
[  409.741359][ T6802] name failslab, interval 1, probability 0, space 0, times 0
[  409.805034][ T6802] CPU: 1 PID: 6802 Comm: syz-executor.0 Not tainted 5.15.151-syzkaller #0
[  409.813625][ T6802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  409.823779][ T6802] Call Trace:
[  409.827057][ T6802]  <TASK>
[  409.829980][ T6802]  dump_stack_lvl+0x1e3/0x2cb
[  409.834665][ T6802]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[  409.840290][ T6802]  ? panic+0x84d/0x84d
[  409.844386][ T6802]  ? __might_sleep+0xc0/0xc0
[  409.848973][ T6802]  should_fail+0x38a/0x4c0
[  409.853407][ T6802]  should_failslab+0x5/0x20
[  409.857920][ T6802]  slab_pre_alloc_hook+0x53/0xc0
[  409.862877][ T6802]  __kmalloc+0x6e/0x300
[  409.867027][ T6802]  ? alloc_workqueue+0x193/0x13f0
[  409.872128][ T6802]  alloc_workqueue+0x193/0x13f0
[  409.876990][ T6802]  ? kfree+0x4a/0x270
[  409.880987][ T6802]  ? kobject_set_name_vargs+0xca/0x110
[  409.886457][ T6802]  ? dev_set_name+0xd1/0x120
[  409.891046][ T6802]  ? hci_register_dev+0x15a/0xa50
[  409.896073][ T6802]  ? apply_workqueue_attrs+0x170/0x170
[  409.901626][ T6802]  hci_register_dev+0x2a1/0xa50
[  409.906486][ T6802]  hci_uart_tty_ioctl+0x8a3/0xa70
[  409.911514][ T6802]  ? hci_uart_tty_write+0x10/0x10
[  409.916566][ T6802]  tty_ioctl+0x8ff/0xc50
[  409.920813][ T6802]  ? bpf_lsm_file_ioctl+0x5/0x10
[  409.925754][ T6802]  ? tty_get_icount+0xa0/0xa0
[  409.930426][ T6802]  __se_sys_ioctl+0xf1/0x160
[  409.935041][ T6802]  do_syscall_64+0x3d/0xb0
[  409.939457][ T6802]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  409.945354][ T6802] RIP: 0033:0x7f21974d4da9
[  409.949768][ T6802] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  409.969374][ T6802] RSP: 002b:00007f2195a550c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  409.977786][ T6802] RAX: ffffffffffffffda RBX: 00007f2197602f80 RCX: 00007f21974d4da9
[  409.985754][ T6802] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000004
[  409.993715][ T6802] RBP: 00007f2195a55120 R08: 0000000000000000 R09: 0000000000000000
03:51:10 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1100)

[  410.001691][ T6802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  410.009657][ T6802] R13: 000000000000000b R14: 00007f2197602f80 R15: 00007ffdc2e96868
[  410.017648][ T6802]  </TASK>
03:51:10 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:10 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xff51)

03:51:11 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0) (fail_nth: 1)

03:51:11 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x3d}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:11 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:11 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x40000)

[  410.295114][ T6827] FAULT_INJECTION: forcing a failure.
[  410.295114][ T6827] name failslab, interval 1, probability 0, space 0, times 0
[  410.315954][ T6827] CPU: 1 PID: 6827 Comm: syz-executor.2 Not tainted 5.15.151-syzkaller #0
[  410.324494][ T6827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  410.334574][ T6827] Call Trace:
[  410.337878][ T6827]  <TASK>
[  410.340835][ T6827]  dump_stack_lvl+0x1e3/0x2cb
[  410.345543][ T6827]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[  410.351200][ T6827]  ? panic+0x84d/0x84d
[  410.355309][ T6827]  ? __might_sleep+0xc0/0xc0
[  410.360119][ T6827]  should_fail+0x38a/0x4c0
[  410.364562][ T6827]  should_failslab+0x5/0x20
[  410.369071][ T6827]  slab_pre_alloc_hook+0x53/0xc0
[  410.374027][ T6827]  __kmalloc+0x6e/0x300
[  410.378201][ T6827]  ? tomoyo_realpath_from_path+0xd8/0x5e0
[  410.383946][ T6827]  tomoyo_realpath_from_path+0xd8/0x5e0
[  410.389521][ T6827]  tomoyo_path_number_perm+0x225/0x810
[  410.395020][ T6827]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  410.400547][ T6827]  ? __fget_files+0x413/0x480
[  410.405257][ T6827]  security_file_ioctl+0x6d/0xa0
[  410.410377][ T6827]  __se_sys_ioctl+0x47/0x160
[  410.414991][ T6827]  do_syscall_64+0x3d/0xb0
[  410.419424][ T6827]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  410.425364][ T6827] RIP: 0033:0x7f3c6698fda9
03:51:11 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x1c, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

[  410.429793][ T6827] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  410.433154][ T6802] Bluetooth: Can't register HCI device
[  410.449408][ T6827] RSP: 002b:00007f3c64f100c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  410.449448][ T6827] RAX: ffffffffffffffda RBX: 00007f3c66abdf80 RCX: 00007f3c6698fda9
[  410.449464][ T6827] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000004
[  410.449476][ T6827] RBP: 00007f3c64f10120 R08: 0000000000000000 R09: 0000000000000000
03:51:11 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x3e}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

[  410.449489][ T6827] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  410.449500][ T6827] R13: 000000000000000b R14: 00007f3c66abdf80 R15: 00007ffdf68c42f8
[  410.449529][ T6827]  </TASK>
[  410.494552][ T6827] ERROR: Out of memory at tomoyo_realpath_from_path.
03:51:11 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0) (fail_nth: 7)

03:51:11 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x1c, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:11 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x80000)

03:51:11 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x1c, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}}, 0x1c}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:11 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xbefff)

03:51:11 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x20, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:11 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x41}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:11 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:51:11 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x20, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:11 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2191be)

03:51:11 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x43}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:11 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x20, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:11 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x400000)

03:51:11 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:12 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:12 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x80ffff)

03:51:12 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x4b}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:12 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:12 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:12 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1000000)

03:51:12 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x4c}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:12 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:12 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1000100)

03:51:12 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:12 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x6b}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:12 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

[  412.621658][   T21] Bluetooth: hci6: command 0x1003 tx timeout
[  412.628948][ T3537] Bluetooth: hci6: sending frame failed (-49)
[  413.021639][ T3653] Bluetooth: hci7: command 0x1003 tx timeout
[  413.028982][ T3537] Bluetooth: hci7: sending frame failed (-49)
[  414.701892][ T3653] Bluetooth: hci6: command 0x1001 tx timeout
[  414.708579][ T3537] Bluetooth: hci6: sending frame failed (-49)
[  415.101727][ T3818] Bluetooth: hci7: command 0x1001 tx timeout
[  415.108730][ T3537] Bluetooth: hci7: sending frame failed (-49)
[  416.786496][ T3653] Bluetooth: hci6: command 0x1009 tx timeout
[  417.191812][ T3653] Bluetooth: hci7: command 0x1009 tx timeout
03:51:21 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0) (fail_nth: 2)

03:51:21 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1040000)

03:51:21 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:21 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x72}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:21 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:21 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x10d0000)

[  420.740319][ T6927] FAULT_INJECTION: forcing a failure.
[  420.740319][ T6927] name failslab, interval 1, probability 0, space 0, times 0
[  420.807348][ T6927] CPU: 1 PID: 6927 Comm: syz-executor.2 Not tainted 5.15.151-syzkaller #0
[  420.815910][ T6927] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  420.825992][ T6927] Call Trace:
[  420.829337][ T6927]  <TASK>
[  420.832301][ T6927]  dump_stack_lvl+0x1e3/0x2cb
[  420.837023][ T6927]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[  420.842686][ T6927]  ? panic+0x84d/0x84d
[  420.846776][ T6927]  ? __might_sleep+0xc0/0xc0
[  420.851414][ T6927]  should_fail+0x38a/0x4c0
[  420.855886][ T6927]  should_failslab+0x5/0x20
[  420.860431][ T6927]  slab_pre_alloc_hook+0x53/0xc0
[  420.865429][ T6927]  __kmalloc+0x6e/0x300
[  420.869623][ T6927]  ? tomoyo_encode+0x26b/0x530
[  420.874455][ T6927]  tomoyo_encode+0x26b/0x530
[  420.879077][ T6927]  tomoyo_realpath_from_path+0x5a2/0x5e0
[  420.884749][ T6927]  tomoyo_path_number_perm+0x225/0x810
[  420.890242][ T6927]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  420.895782][ T6927]  ? __fget_files+0x413/0x480
[  420.900505][ T6927]  security_file_ioctl+0x6d/0xa0
[  420.905484][ T6927]  __se_sys_ioctl+0x47/0x160
[  420.910097][ T6927]  do_syscall_64+0x3d/0xb0
[  420.914647][ T6927]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  420.920576][ T6927] RIP: 0033:0x7f3c6698fda9
[  420.925031][ T6927] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  420.944761][ T6927] RSP: 002b:00007f3c64f100c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
03:51:21 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:21 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x7a}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

[  420.953203][ T6927] RAX: ffffffffffffffda RBX: 00007f3c66abdf80 RCX: 00007f3c6698fda9
[  420.961202][ T6927] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000004
[  420.969286][ T6927] RBP: 00007f3c64f10120 R08: 0000000000000000 R09: 0000000000000000
[  420.977277][ T6927] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  420.985270][ T6927] R13: 000000000000000b R14: 00007f3c66abdf80 R15: 00007ffdf68c42f8
[  420.993316][ T6927]  </TASK>
03:51:21 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:21 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2000000)

[  421.037486][ T6927] ERROR: Out of memory at tomoyo_realpath_from_path.
[  421.053249][  T431] Bluetooth: hci6: Frame reassembly failed (-84)
03:51:21 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x7e}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:22 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:22 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3000000)

03:51:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x2, 0x0)

03:51:22 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00'})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r7, 0x0, 0x0)

03:51:22 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00'})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r7, 0x0, 0x0)

[  421.286556][ T6956] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  421.304629][ T6956] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
03:51:22 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4000000)

03:51:22 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00'})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r7, 0x0, 0x0)

03:51:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x10, 0x0)

03:51:22 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5000000)

03:51:22 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00'})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r7, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)

03:51:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5409, 0x0)

03:51:22 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00'})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r7, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)

03:51:22 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6000000)

03:51:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x540b, 0x0)

03:51:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x540c, 0x0)

03:51:22 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00'})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r7, &(0x7f00000005c0)={0x0, 0x0, 0x0}, 0x0)

03:51:22 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x7000000)

03:51:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x540d, 0x0)

03:51:22 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00'})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0)

03:51:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x540e, 0x0)

03:51:22 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000)

[  423.101615][ T3653] Bluetooth: hci6: command 0x1003 tx timeout
[  423.108502][ T3545] Bluetooth: hci6: sending frame failed (-49)
[  425.183567][ T3646] Bluetooth: hci6: command 0x1001 tx timeout
[  425.190637][ T3545] Bluetooth: hci6: sending frame failed (-49)
[  427.271820][ T3646] Bluetooth: hci6: command 0x1009 tx timeout
03:51:32 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0) (fail_nth: 3)

03:51:32 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00'})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0)

03:51:32 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x540f, 0x0)

03:51:32 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x9000000)

03:51:32 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0xc0}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:32 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00'})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r7, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={0x0}}, 0x0)

[  431.632621][ T7015] FAULT_INJECTION: forcing a failure.
[  431.632621][ T7015] name failslab, interval 1, probability 0, space 0, times 0
[  431.661067][ T7015] CPU: 0 PID: 7015 Comm: syz-executor.2 Not tainted 5.15.151-syzkaller #0
[  431.669619][ T7015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  431.679686][ T7015] Call Trace:
[  431.682995][ T7015]  <TASK>
[  431.685930][ T7015]  dump_stack_lvl+0x1e3/0x2cb
[  431.690613][ T7015]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[  431.696247][ T7015]  ? panic+0x84d/0x84d
[  431.700330][ T7015]  ? __might_sleep+0xc0/0xc0
[  431.704943][ T7015]  should_fail+0x38a/0x4c0
[  431.709362][ T7015]  should_failslab+0x5/0x20
[  431.713865][ T7015]  slab_pre_alloc_hook+0x53/0xc0
[  431.718809][ T7015]  __kmalloc+0x6e/0x300
[  431.722960][ T7015]  ? hci_alloc_dev_priv+0x23/0x1d60
[  431.728160][ T7015]  hci_alloc_dev_priv+0x23/0x1d60
[  431.733187][ T7015]  hci_uart_tty_ioctl+0x3d9/0xa70
[  431.738208][ T7015]  ? ldsem_down_read+0xb2/0xe0
[  431.742967][ T7015]  ? hci_uart_tty_write+0x10/0x10
[  431.747985][ T7015]  tty_ioctl+0x8ff/0xc50
[  431.752242][ T7015]  ? bpf_lsm_file_ioctl+0x5/0x10
[  431.757177][ T7015]  ? tty_get_icount+0xa0/0xa0
[  431.761866][ T7015]  __se_sys_ioctl+0xf1/0x160
[  431.766458][ T7015]  do_syscall_64+0x3d/0xb0
[  431.770880][ T7015]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  431.776775][ T7015] RIP: 0033:0x7f3c6698fda9
[  431.781191][ T7015] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  431.800798][ T7015] RSP: 002b:00007f3c64f100c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  431.809211][ T7015] RAX: ffffffffffffffda RBX: 00007f3c66abdf80 RCX: 00007f3c6698fda9
[  431.817179][ T7015] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000004
[  431.825144][ T7015] RBP: 00007f3c64f10120 R08: 0000000000000000 R09: 0000000000000000
03:51:32 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5410, 0x0)

[  431.833110][ T7015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  431.841073][ T7015] R13: 000000000000000b R14: 00007f3c66abdf80 R15: 00007ffdf68c42f8
[  431.849070][ T7015]  </TASK>
03:51:32 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:32 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xa000000)

03:51:32 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5412, 0x0)

03:51:32 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

[  431.972329][ T7015] Bluetooth: Can't allocate HCI device
03:51:32 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:32 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0) (fail_nth: 4)

03:51:32 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xb000000)

03:51:32 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5413, 0x0)

03:51:32 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, 0x0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

[  432.152735][ T7033] FAULT_INJECTION: forcing a failure.
[  432.152735][ T7033] name failslab, interval 1, probability 0, space 0, times 0
[  432.177693][ T7033] CPU: 1 PID: 7033 Comm: syz-executor.2 Not tainted 5.15.151-syzkaller #0
[  432.186232][ T7033] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  432.196390][ T7033] Call Trace:
[  432.199708][ T7033]  <TASK>
[  432.202648][ T7033]  dump_stack_lvl+0x1e3/0x2cb
[  432.207368][ T7033]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[  432.213025][ T7033]  ? panic+0x84d/0x84d
[  432.217111][ T7033]  ? __might_sleep+0xc0/0xc0
[  432.221717][ T7033]  ? lockdep_init_map_type+0x9d/0x8d0
[  432.227114][ T7033]  should_fail+0x38a/0x4c0
[  432.231567][ T7033]  should_failslab+0x5/0x20
[  432.236125][ T7033]  slab_pre_alloc_hook+0x53/0xc0
[  432.241091][ T7033]  kmem_cache_alloc_trace+0x49/0x290
[  432.246398][ T7033]  ? h4_open+0x59/0x150
[  432.250574][ T7033]  h4_open+0x59/0x150
[  432.254570][ T7033]  hci_uart_tty_ioctl+0x7fb/0xa70
[  432.259609][ T7033]  ? hci_uart_tty_write+0x10/0x10
[  432.264642][ T7033]  tty_ioctl+0x8ff/0xc50
[  432.268910][ T7033]  ? bpf_lsm_file_ioctl+0x5/0x10
[  432.273864][ T7033]  ? tty_get_icount+0xa0/0xa0
[  432.278541][ T7033]  __se_sys_ioctl+0xf1/0x160
[  432.283132][ T7033]  do_syscall_64+0x3d/0xb0
[  432.287560][ T7033]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  432.293477][ T7033] RIP: 0033:0x7f3c6698fda9
[  432.297901][ T7033] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  432.317509][ T7033] RSP: 002b:00007f3c64f100c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  432.325930][ T7033] RAX: ffffffffffffffda RBX: 00007f3c66abdf80 RCX: 00007f3c6698fda9
[  432.334044][ T7033] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000004
[  432.342033][ T7033] RBP: 00007f3c64f10120 R08: 0000000000000000 R09: 0000000000000000
03:51:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5414, 0x0)

[  432.349998][ T7033] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  432.357962][ T7033] R13: 000000000000000b R14: 00007f3c66abdf80 R15: 00007ffdf68c42f8
[  432.365946][ T7033]  </TASK>
03:51:33 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5415, 0x0)

03:51:33 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x2}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5416, 0x0)

03:51:33 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5417, 0x0)

03:51:33 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x0, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5418, 0x0)

03:51:33 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00'})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:33 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xc000000)

03:51:33 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x3}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x541b, 0x0)

03:51:33 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00'})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:33 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xd000000)

03:51:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x541d, 0x0)

03:51:33 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00'})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)

03:51:33 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xe000000)

03:51:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x541e, 0x0)

03:51:33 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x4}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:33 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x1c, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}}, 0x0)

03:51:33 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x10000000)

03:51:33 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0) (fail_nth: 5)

03:51:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x541e, 0x0)

03:51:33 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x1c, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}}, 0x0)

03:51:34 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x11000000)

03:51:34 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5420, 0x0)

[  433.189487][ T7105] FAULT_INJECTION: forcing a failure.
[  433.189487][ T7105] name failslab, interval 1, probability 0, space 0, times 0
[  433.246050][ T7105] CPU: 0 PID: 7105 Comm: syz-executor.2 Not tainted 5.15.151-syzkaller #0
[  433.254642][ T7105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  433.264734][ T7105] Call Trace:
[  433.268024][ T7105]  <TASK>
[  433.271071][ T7105]  dump_stack_lvl+0x1e3/0x2cb
[  433.275783][ T7105]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[  433.281452][ T7105]  ? panic+0x84d/0x84d
[  433.285549][ T7105]  ? __might_sleep+0xc0/0xc0
[  433.290169][ T7105]  should_fail+0x38a/0x4c0
[  433.294611][ T7105]  ? kobject_set_name_vargs+0x5d/0x110
[  433.300096][ T7105]  should_failslab+0x5/0x20
[  433.304618][ T7105]  slab_pre_alloc_hook+0x53/0xc0
[  433.309580][ T7105]  ? kobject_set_name_vargs+0x5d/0x110
[  433.315072][ T7105]  __kmalloc_track_caller+0x6c/0x300
[  433.320391][ T7105]  ? kobject_set_name_vargs+0x5d/0x110
[  433.325882][ T7105]  kvasprintf+0xd6/0x180
[  433.330170][ T7105]  ? ida_alloc_range+0x99f/0xa90
[  433.335136][ T7105]  ? bust_spinlocks+0xd0/0xd0
[  433.339853][ T7105]  ? kfree+0x4a/0x270
[  433.343870][ T7105]  ? kvasprintf_const+0x4d/0x170
[  433.348830][ T7105]  kobject_set_name_vargs+0x5d/0x110
[  433.354136][ T7105]  dev_set_name+0xd1/0x120
[  433.358594][ T7105]  ? hci_register_dev+0x12e/0xa50
[  433.363641][ T7105]  ? get_device+0x30/0x30
[  433.368012][ T7105]  hci_register_dev+0x14f/0xa50
[  433.372881][ T7105]  ? __raw_spin_lock_init+0x41/0x100
[  433.378280][ T7105]  hci_uart_tty_ioctl+0x8a3/0xa70
[  433.383335][ T7105]  ? hci_uart_tty_write+0x10/0x10
[  433.388375][ T7105]  tty_ioctl+0x8ff/0xc50
[  433.392647][ T7105]  ? bpf_lsm_file_ioctl+0x5/0x10
[  433.397606][ T7105]  ? tty_get_icount+0xa0/0xa0
[  433.402309][ T7105]  __se_sys_ioctl+0xf1/0x160
[  433.406922][ T7105]  do_syscall_64+0x3d/0xb0
[  433.411362][ T7105]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  433.417274][ T7105] RIP: 0033:0x7f3c6698fda9
[  433.421706][ T7105] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
03:51:34 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x5}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:34 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x1c, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}}, 0x1c}}, 0x0)

[  433.441455][ T7105] RSP: 002b:00007f3c64f100c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  433.449923][ T7105] RAX: ffffffffffffffda RBX: 00007f3c66abdf80 RCX: 00007f3c6698fda9
[  433.457914][ T7105] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000004
[  433.465908][ T7105] RBP: 00007f3c64f10120 R08: 0000000000000000 R09: 0000000000000000
[  433.473901][ T7105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  433.481906][ T7105] R13: 000000000000000b R14: 00007f3c66abdf80 R15: 00007ffdf68c42f8
[  433.489912][ T7105]  </TASK>
03:51:34 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5421, 0x0)

03:51:34 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x20, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)

03:51:34 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x12000000)

03:51:34 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5422, 0x0)

03:51:34 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x6}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:34 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x20, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)

03:51:34 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0) (fail_nth: 6)

[  433.729769][ T7105] Bluetooth: Can't register HCI device
03:51:34 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x18000000)

03:51:34 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5423, 0x0)

03:51:34 executing program 4:
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000600)={0x24, r0, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, '#'}]}, 0x24}}, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r8=>0x0})
r9 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x20, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0)

[  433.872960][ T7141] FAULT_INJECTION: forcing a failure.
[  433.872960][ T7141] name failslab, interval 1, probability 0, space 0, times 0
[  433.910527][ T7141] CPU: 0 PID: 7141 Comm: syz-executor.2 Not tainted 5.15.151-syzkaller #0
03:51:34 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x7}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:34 executing program 4:
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d00)={0xffffffffffffffff, 0xe0, &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000009c0)=[0x0], ""/16, <r0=>0x0, 0x0, 0x0, 0x0, 0xa, 0x3, &(0x7f0000000a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000a80)=[0x0, 0x0, 0x0], 0x0, 0x22, &(0x7f0000000ac0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000b40), &(0x7f0000000b80), 0x8, 0xf2, 0x8, 0x8, &(0x7f0000000bc0)}}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001080)='blkio.bfq.io_merged_recursive\x00', 0x0, 0x0)
write$cgroup_freezer_state(r1, &(0x7f00000010c0)='THAWED\x00', 0x7)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000001140)=@o_path={&(0x7f0000001100)='./file0\x00', r1, 0x4000, r1}, 0x18)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000001280)={r1, &(0x7f0000001180)="0e59eb044eb6459c63d8f4caf947917437c402e33069b2e96a49fc6de1d87254c9c427272d607ba697120706473d5fdfd9aded72c24da9ebec3e0bdce3d543635632a66c40b3ef7d36b953bb02d5548322afa0173e01ba4fdd0860510cbc97a86af62574b472bceba8dc32eafc04c4bbe041d56d3358c29885e7c771370d179c8e70515b6bea669bf8d4a6af", &(0x7f0000001240)=""/43, 0x4}, 0x20)
r2 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000001300)=@generic={&(0x7f00000012c0)='./file0\x00', 0x0, 0x10}, 0x18)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000013c0)={r1, 0x58, &(0x7f0000001340)={0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0}}, 0x10)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001400)={r3, 0x0, 0x8}, 0xc)
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000001440)=r1, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001740)={r1, 0xe0, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000001480)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x6, &(0x7f00000014c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r6=>0x0, 0x6d, &(0x7f0000001540)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000001580), &(0x7f00000015c0), 0x8, 0x79, 0x8, 0x8, &(0x7f0000001600)}}, 0x10)
r7 = gettid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000017c0)={r7, r1, 0x0, 0x1e, &(0x7f0000001780)='blkio.bfq.io_merged_recursive\x00'}, 0x30)
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001980)=r6, 0x4)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001a40)={0x2, 0x4, 0x8, 0x1, 0x80, r5, 0x47a, '\x00', r4, r1, 0x4, 0x3, 0x4}, 0x48)
r10 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001b00)=@bpf_lsm={0x1d, 0x1, &(0x7f0000001800)=@raw=[@ldst={0x3, 0x2, 0x6, 0x1, 0x5, 0xffffffffffffffc0, 0xffffffffffffffff}], &(0x7f0000001840)='syzkaller\x00', 0x3, 0xdf, &(0x7f0000001880)=""/223, 0x41000, 0x3, '\x00', 0x0, 0x1b, r8, 0x8, &(0x7f00000019c0)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000001a00)={0x2, 0xd, 0x5, 0x1}, 0x10, r6, 0x0, 0x0, &(0x7f0000001ac0)=[r2, r5, r1, r5, r2, r1, r1, r9], 0x0, 0x10, 0x81}, 0x90)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0x800454e0, &(0x7f0000001bc0)=r10)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000001cc0)=@o_path={&(0x7f0000001c80)='./file0\x00', 0x0, 0x4010, r10}, 0x18)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001e80)={@ifindex, 0x24, 0x0, 0xfffffeff, &(0x7f0000000d40)=[0x0, 0x0], 0x2, 0x0, &(0x7f0000001dc0)=[0x0], &(0x7f0000001e00)=[0x0, 0x0], &(0x7f0000001e40)=[0x0, 0x0, 0x0], <r11=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000001ec0)={@ifindex=r0, r10, 0x2, 0x1004, 0x0, @prog_id=0xffffffffffffffff, r11}, 0x20)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={<r12=>0xffffffffffffffff})
sendmsg$inet(r12, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000100)="1b44", 0x2}], 0x1}, 0xc001)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000380)='cgroup.threads\x00', 0x2, 0x0)
syz_clone(0x40900000, &(0x7f0000000800)="6dec66a71954a31a73a9", 0xa, &(0x7f0000000840), &(0x7f0000000880), &(0x7f00000008c0)="9db3a6e28d119c9d50d0c01a38051993b4be00fe445fecb84d7fb4f1cf7cf329d270124b64029bd19ccbf0d5643b70042aa2f65a571ec2618206387bd0dec39a846513089697e5d883ce3aeb7113675ed8a88d290e31636e615aaef3fac735eba6fb1f8834680977c1a2b1dc503e5f09864b74a1ec2d09e162045af0c2381c0428be18d8ddd26cef111562af63fdf3940a8128dea3c460f631edd656ea591a6cea79969157236af91182862650eff08ab25611")

[  433.919081][ T7141] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  433.929154][ T7141] Call Trace:
[  433.932471][ T7141]  <TASK>
[  433.935431][ T7141]  dump_stack_lvl+0x1e3/0x2cb
[  433.940147][ T7141]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[  433.945810][ T7141]  ? panic+0x84d/0x84d
[  433.949910][ T7141]  ? __might_sleep+0xc0/0xc0
[  433.954532][ T7141]  should_fail+0x38a/0x4c0
[  433.958976][ T7141]  should_failslab+0x5/0x20
[  433.963590][ T7141]  slab_pre_alloc_hook+0x53/0xc0
[  433.968557][ T7141]  __kmalloc+0x6e/0x300
[  433.972747][ T7141]  ? alloc_workqueue+0x193/0x13f0
[  433.977803][ T7141]  alloc_workqueue+0x193/0x13f0
[  433.982673][ T7141]  ? kfree+0x4a/0x270
[  433.986681][ T7141]  ? kobject_set_name_vargs+0xca/0x110
[  433.992162][ T7141]  ? dev_set_name+0xd1/0x120
[  433.996767][ T7141]  ? hci_register_dev+0x15a/0xa50
[  434.001838][ T7141]  ? apply_workqueue_attrs+0x170/0x170
[  434.007343][ T7141]  hci_register_dev+0x2a1/0xa50
[  434.012221][ T7141]  hci_uart_tty_ioctl+0x8a3/0xa70
[  434.017272][ T7141]  ? hci_uart_tty_write+0x10/0x10
[  434.022321][ T7141]  tty_ioctl+0x8ff/0xc50
[  434.026584][ T7141]  ? bpf_lsm_file_ioctl+0x5/0x10
[  434.031576][ T7141]  ? tty_get_icount+0xa0/0xa0
[  434.036271][ T7141]  __se_sys_ioctl+0xf1/0x160
[  434.040896][ T7141]  do_syscall_64+0x3d/0xb0
[  434.045343][ T7141]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  434.051259][ T7141] RIP: 0033:0x7f3c6698fda9
[  434.055708][ T7141] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  434.075337][ T7141] RSP: 002b:00007f3c64f100c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  434.083761][ T7141] RAX: ffffffffffffffda RBX: 00007f3c66abdf80 RCX: 00007f3c6698fda9
[  434.091730][ T7141] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000004
[  434.099696][ T7141] RBP: 00007f3c64f10120 R08: 0000000000000000 R09: 0000000000000000
[  434.107660][ T7141] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  434.115629][ T7141] R13: 000000000000000b R14: 00007f3c66abdf80 R15: 00007ffdf68c42f8
03:51:34 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5424, 0x0)

[  434.123614][ T7141]  </TASK>
03:51:35 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x8}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:35 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5425, 0x0)

03:51:35 executing program 4:
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d00)={0xffffffffffffffff, 0xe0, &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, &(0x7f00000009c0)=[0x0], ""/16, <r0=>0x0, 0x0, 0x0, 0x0, 0xa, 0x3, &(0x7f0000000a00)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000a80)=[0x0, 0x0, 0x0], 0x0, 0x22, &(0x7f0000000ac0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f0000000b40), &(0x7f0000000b80), 0x8, 0xf2, 0x8, 0x8, &(0x7f0000000bc0)}}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000001080)='blkio.bfq.io_merged_recursive\x00', 0x0, 0x0)
write$cgroup_freezer_state(r1, &(0x7f00000010c0)='THAWED\x00', 0x7)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000001140)=@o_path={&(0x7f0000001100)='./file0\x00', r1, 0x4000, r1}, 0x18)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000001280)={r1, &(0x7f0000001180)="0e59eb044eb6459c63d8f4caf947917437c402e33069b2e96a49fc6de1d87254c9c427272d607ba697120706473d5fdfd9aded72c24da9ebec3e0bdce3d543635632a66c40b3ef7d36b953bb02d5548322afa0173e01ba4fdd0860510cbc97a86af62574b472bceba8dc32eafc04c4bbe041d56d3358c29885e7c771370d179c8e70515b6bea669bf8d4a6af", &(0x7f0000001240)=""/43, 0x4}, 0x20)
r2 = bpf$OBJ_GET_MAP(0x7, &(0x7f0000001300)=@generic={&(0x7f00000012c0)='./file0\x00', 0x0, 0x10}, 0x18)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000013c0)={r1, 0x58, &(0x7f0000001340)={0x0, <r3=>0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r4=>0x0}}, 0x10)
r5 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001400)={r3, 0x0, 0x8}, 0xc)
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000001440)=r1, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001740)={r1, 0xe0, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000001480)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x6, 0x6, &(0x7f00000014c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000001500)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], <r6=>0x0, 0x6d, &(0x7f0000001540)=[{}, {}, {}], 0x18, 0x10, &(0x7f0000001580), &(0x7f00000015c0), 0x8, 0x79, 0x8, 0x8, &(0x7f0000001600)}}, 0x10)
r7 = gettid()
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000017c0)={r7, r1, 0x0, 0x1e, &(0x7f0000001780)='blkio.bfq.io_merged_recursive\x00'}, 0x30)
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000001980)=r6, 0x4)
r9 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001a40)={0x2, 0x4, 0x8, 0x1, 0x80, r5, 0x47a, '\x00', r4, r1, 0x4, 0x3, 0x4}, 0x48)
r10 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000001b00)=@bpf_lsm={0x1d, 0x1, &(0x7f0000001800)=@raw=[@ldst={0x3, 0x2, 0x6, 0x1, 0x5, 0xffffffffffffffc0, 0xffffffffffffffff}], &(0x7f0000001840)='syzkaller\x00', 0x3, 0xdf, &(0x7f0000001880)=""/223, 0x41000, 0x3, '\x00', 0x0, 0x1b, r8, 0x8, &(0x7f00000019c0)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000001a00)={0x2, 0xd, 0x5, 0x1}, 0x10, r6, 0x0, 0x0, &(0x7f0000001ac0)=[r2, r5, r1, r5, r2, r1, r1, r9], 0x0, 0x10, 0x81}, 0x90)
ioctl$TUNSETSTEERINGEBPF(0xffffffffffffffff, 0x800454e0, &(0x7f0000001bc0)=r10)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000001cc0)=@o_path={&(0x7f0000001c80)='./file0\x00', 0x0, 0x4010, r10}, 0x18)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001e80)={@ifindex, 0x24, 0x0, 0xfffffeff, &(0x7f0000000d40)=[0x0, 0x0], 0x2, 0x0, &(0x7f0000001dc0)=[0x0], &(0x7f0000001e00)=[0x0, 0x0], &(0x7f0000001e40)=[0x0, 0x0, 0x0], <r11=>0x0}, 0x40)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000001ec0)={@ifindex=r0, r10, 0x2, 0x1004, 0x0, @prog_id=0xffffffffffffffff, r11}, 0x20)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000d80)={<r12=>0xffffffffffffffff})
sendmsg$inet(r12, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000100)="1b44", 0x2}], 0x1}, 0xc001)
openat$cgroup_procs(0xffffffffffffffff, &(0x7f0000000380)='cgroup.threads\x00', 0x2, 0x0)
syz_clone(0x40900000, &(0x7f0000000800)="6dec66a71954a31a73a9", 0xa, &(0x7f0000000840), &(0x7f0000000880), &(0x7f00000008c0)="9db3a6e28d119c9d50d0c01a38051993b4be00fe445fecb84d7fb4f1cf7cf329d270124b64029bd19ccbf0d5643b70042aa2f65a571ec2618206387bd0dec39a846513089697e5d883ce3aeb7113675ed8a88d290e31636e615aaef3fac735eba6fb1f8834680977c1a2b1dc503e5f09864b74a1ec2d09e162045af0c2381c0428be18d8ddd26cef111562af63fdf3940a8128dea3c460f631edd656ea591a6cea79969157236af91182862650eff08ab25611")

03:51:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x20000000)

03:51:35 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5427, 0x0)

03:51:35 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x9}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x20e10000)

[  434.401745][ T7141] Bluetooth: Can't register HCI device
03:51:35 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0) (fail_nth: 7)

03:51:35 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5428, 0x0)

03:51:35 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x25000000)

[  434.564045][ T7181] FAULT_INJECTION: forcing a failure.
[  434.564045][ T7181] name failslab, interval 1, probability 0, space 0, times 0
03:51:35 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5429, 0x0)

[  434.625598][ T7181] CPU: 0 PID: 7181 Comm: syz-executor.2 Not tainted 5.15.151-syzkaller #0
[  434.634234][ T7181] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  434.644304][ T7181] Call Trace:
[  434.647594][ T7181]  <TASK>
[  434.650544][ T7181]  dump_stack_lvl+0x1e3/0x2cb
[  434.655259][ T7181]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[  434.660923][ T7181]  ? panic+0x84d/0x84d
[  434.665032][ T7181]  should_fail+0x38a/0x4c0
[  434.669474][ T7181]  should_failslab+0x5/0x20
[  434.674019][ T7181]  slab_pre_alloc_hook+0x53/0xc0
[  434.678985][ T7181]  kmem_cache_alloc_trace+0x49/0x290
[  434.684286][ T7181]  ? alloc_workqueue+0x1f4/0x13f0
[  434.689354][ T7181]  alloc_workqueue+0x1f4/0x13f0
[  434.694218][ T7181]  ? kfree+0x4a/0x270
[  434.698221][ T7181]  ? kobject_set_name_vargs+0xca/0x110
[  434.703710][ T7181]  ? dev_set_name+0xd1/0x120
[  434.708325][ T7181]  ? hci_register_dev+0x15a/0xa50
[  434.713381][ T7181]  ? apply_workqueue_attrs+0x170/0x170
[  434.718869][ T7181]  hci_register_dev+0x2a1/0xa50
03:51:35 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5437, 0x0)

[  434.723755][ T7181]  hci_uart_tty_ioctl+0x8a3/0xa70
[  434.728812][ T7181]  ? hci_uart_tty_write+0x10/0x10
[  434.733854][ T7181]  tty_ioctl+0x8ff/0xc50
[  434.738114][ T7181]  ? bpf_lsm_file_ioctl+0x5/0x10
[  434.743073][ T7181]  ? tty_get_icount+0xa0/0xa0
[  434.747782][ T7181]  __se_sys_ioctl+0xf1/0x160
[  434.752391][ T7181]  do_syscall_64+0x3d/0xb0
[  434.756829][ T7181]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  434.762740][ T7181] RIP: 0033:0x7f3c6698fda9
[  434.767182][ T7181] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  434.786887][ T7181] RSP: 002b:00007f3c64f100c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  434.795327][ T7181] RAX: ffffffffffffffda RBX: 00007f3c66abdf80 RCX: 00007f3c6698fda9
[  434.803322][ T7181] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000004
[  434.811310][ T7181] RBP: 00007f3c64f10120 R08: 0000000000000000 R09: 0000000000000000
03:51:35 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5441, 0x0)

03:51:35 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0xb}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:35 executing program 4:
bpf$MAP_CREATE(0x0, &(0x7f0000000500)=@base={0x16}, 0x48)

[  434.819301][ T7181] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  434.827304][ T7181] R13: 000000000000000b R14: 00007f3c66abdf80 R15: 00007ffdf68c42f8
[  434.835311][ T7181]  </TASK>
[  434.863893][ T7181] Bluetooth: Can't register HCI device
03:51:35 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0) (fail_nth: 8)

03:51:35 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5450, 0x0)

03:51:35 executing program 4:
bpf$LINK_DETACH(0x22, &(0x7f0000000040), 0x4)
openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002440)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmsg$unix(r0, &(0x7f0000002640)={0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000002500)=""/191, 0xbf}], 0x1, &(0x7f0000002600)=[@rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff]}}], 0x18}, 0x0)

[  434.981907][ T7199] FAULT_INJECTION: forcing a failure.
[  434.981907][ T7199] name failslab, interval 1, probability 0, space 0, times 0
[  435.035678][ T7199] CPU: 0 PID: 7199 Comm: syz-executor.2 Not tainted 5.15.151-syzkaller #0
[  435.044318][ T7199] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  435.054387][ T7199] Call Trace:
[  435.057667][ T7199]  <TASK>
[  435.060597][ T7199]  dump_stack_lvl+0x1e3/0x2cb
[  435.065283][ T7199]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[  435.070915][ T7199]  ? panic+0x84d/0x84d
[  435.074996][ T7199]  ? __might_sleep+0xc0/0xc0
[  435.079585][ T7199]  ? string+0x26a/0x2b0
[  435.083801][ T7199]  ? widen_string+0x3a/0x310
[  435.088423][ T7199]  ? string+0x26a/0x2b0
[  435.092572][ T7199]  should_fail+0x38a/0x4c0
[  435.096980][ T7199]  ? kasprintf+0xd1/0x120
[  435.101303][ T7199]  should_failslab+0x5/0x20
[  435.105804][ T7199]  slab_pre_alloc_hook+0x53/0xc0
[  435.110736][ T7199]  ? kasprintf+0xd1/0x120
[  435.115065][ T7199]  __kmalloc_track_caller+0x6c/0x300
[  435.120366][ T7199]  ? kasprintf+0xd1/0x120
[  435.124702][ T7199]  kvasprintf+0xd6/0x180
[  435.128960][ T7199]  ? bust_spinlocks+0xd0/0xd0
[  435.133627][ T7199]  ? lockdep_unlock+0x166/0x300
[  435.138537][ T7199]  ? lockdep_lock+0x2a0/0x2a0
[  435.143207][ T7199]  ? __is_module_percpu_address+0x287/0x3c0
[  435.149143][ T7199]  kasprintf+0xd1/0x120
[  435.153299][ T7199]  ? kvasprintf_const+0x170/0x170
[  435.158318][ T7199]  ? __raw_spin_lock_init+0x41/0x100
[  435.163601][ T7199]  alloc_workqueue+0x57f/0x13f0
[  435.168445][ T7199]  ? kfree+0x4a/0x270
[  435.172429][ T7199]  ? dev_set_name+0xd1/0x120
[  435.177020][ T7199]  ? hci_register_dev+0x15a/0xa50
[  435.182042][ T7199]  ? apply_workqueue_attrs+0x170/0x170
[  435.187502][ T7199]  hci_register_dev+0x2a1/0xa50
[  435.192370][ T7199]  hci_uart_tty_ioctl+0x8a3/0xa70
[  435.197402][ T7199]  ? hci_uart_tty_write+0x10/0x10
[  435.202420][ T7199]  tty_ioctl+0x8ff/0xc50
[  435.206661][ T7199]  ? bpf_lsm_file_ioctl+0x5/0x10
[  435.211599][ T7199]  ? tty_get_icount+0xa0/0xa0
[  435.216272][ T7199]  __se_sys_ioctl+0xf1/0x160
[  435.220856][ T7199]  do_syscall_64+0x3d/0xb0
[  435.225275][ T7199]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  435.231263][ T7199] RIP: 0033:0x7f3c6698fda9
[  435.235689][ T7199] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  435.255289][ T7199] RSP: 002b:00007f3c64f100c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  435.263704][ T7199] RAX: ffffffffffffffda RBX: 00007f3c66abdf80 RCX: 00007f3c6698fda9
[  435.271767][ T7199] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000004
03:51:36 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3f000000)

[  435.279732][ T7199] RBP: 00007f3c64f10120 R08: 0000000000000000 R09: 0000000000000000
[  435.287695][ T7199] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  435.295660][ T7199] R13: 000000000000000b R14: 00007f3c66abdf80 R15: 00007ffdf68c42f8
[  435.303642][ T7199]  </TASK>
03:51:36 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0xf}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:36 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5451, 0x0)

[  435.367074][ T3545] Bluetooth: hci7: sending frame failed (-49)
03:51:36 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x41000000)

03:51:36 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x1d}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:36 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5452, 0x0)

03:51:36 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x30}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:36 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x48000000)

03:51:36 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x545d, 0x0)

03:51:36 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5460, 0x0)

03:51:36 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4c000000)

03:51:36 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x8933, 0x0)

03:51:36 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x44}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:36 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5c000000)

03:51:36 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400448c9, 0x0)

03:51:36 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x68000000)

03:51:36 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400448dd, 0x0)

03:51:36 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x60}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:37 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x40045431, 0x0)

03:51:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6c000000)

03:51:37 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000000040)="88", 0x1}], 0x1}, 0x0)

03:51:37 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x40045436, 0x0)

03:51:37 executing program 4:
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000dc0)=@bpf_ext={0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000d40)}, 0x90)

03:51:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x74000000)

03:51:37 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0xdd}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:37 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400454ca, 0x0)

03:51:37 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f0000000a40)={0x0, 0x0, &(0x7f0000000640)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9, &(0x7f0000000a00)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @private, @private}}}], 0x20}, 0x0)

03:51:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x7a000000)

03:51:37 executing program 4:
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000f00)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x3}, 0x48)

[  437.431786][ T3818] Bluetooth: hci7: command 0x1003 tx timeout
[  437.437893][ T3545] Bluetooth: hci7: sending frame failed (-49)
[  439.501862][ T3818] Bluetooth: hci7: command 0x1001 tx timeout
[  439.508901][ T3545] Bluetooth: hci7: sending frame failed (-49)
[  439.824303][ T1376] ieee802154 phy0 wpan0: encryption failed: -22
[  439.830620][ T1376] ieee802154 phy1 wpan1: encryption failed: -22
[  441.582110][ T3653] Bluetooth: hci7: command 0x1009 tx timeout
03:51:46 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0) (fail_nth: 9)

03:51:46 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455cb, 0x0)

03:51:46 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x7f000000)

03:51:46 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000002300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f00000037c0)={0x0, 0x0, 0x0}, 0x40000140)

03:51:46 executing program 4:
bpf$MAP_CREATE(0x0, &(0x7f00000026c0)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xf}, 0x48)

03:51:46 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x40049409, 0x0)

03:51:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xa00d0000)

[  445.711047][ T7304] FAULT_INJECTION: forcing a failure.
[  445.711047][ T7304] name failslab, interval 1, probability 0, space 0, times 0
[  445.799019][ T7304] CPU: 0 PID: 7304 Comm: syz-executor.2 Not tainted 5.15.151-syzkaller #0
[  445.807732][ T7304] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  445.817788][ T7304] Call Trace:
[  445.821069][ T7304]  <TASK>
[  445.824000][ T7304]  dump_stack_lvl+0x1e3/0x2cb
[  445.828680][ T7304]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[  445.834308][ T7304]  ? panic+0x84d/0x84d
[  445.838379][ T7304]  ? __might_sleep+0xc0/0xc0
[  445.842964][ T7304]  should_fail+0x38a/0x4c0
[  445.847376][ T7304]  should_failslab+0x5/0x20
[  445.851871][ T7304]  slab_pre_alloc_hook+0x53/0xc0
[  445.856807][ T7304]  __kmalloc+0x6e/0x300
[  445.860956][ T7304]  ? apply_wqattrs_prepare+0xb3/0xb60
[  445.866333][ T7304]  apply_wqattrs_prepare+0xb3/0xb60
[  445.871543][ T7304]  ? read_lock_is_recursive+0x10/0x10
[  445.876920][ T7304]  ? mutex_lock_io_nested+0x60/0x60
[  445.882139][ T7304]  apply_workqueue_attrs+0xcb/0x170
[  445.887333][ T7304]  alloc_workqueue+0xeb9/0x13f0
[  445.892175][ T7304]  ? kfree+0x4a/0x270
[  445.896158][ T7304]  ? dev_set_name+0xd1/0x120
[  445.900762][ T7304]  ? hci_register_dev+0x15a/0xa50
[  445.905786][ T7304]  ? apply_workqueue_attrs+0x170/0x170
[  445.911279][ T7304]  hci_register_dev+0x2a1/0xa50
[  445.916138][ T7304]  hci_uart_tty_ioctl+0x8a3/0xa70
[  445.921166][ T7304]  ? hci_uart_tty_write+0x10/0x10
[  445.926185][ T7304]  tty_ioctl+0x8ff/0xc50
[  445.930422][ T7304]  ? bpf_lsm_file_ioctl+0x5/0x10
[  445.935360][ T7304]  ? tty_get_icount+0xa0/0xa0
[  445.940036][ T7304]  __se_sys_ioctl+0xf1/0x160
[  445.944623][ T7304]  do_syscall_64+0x3d/0xb0
[  445.949048][ T7304]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  445.954945][ T7304] RIP: 0033:0x7f3c6698fda9
[  445.959361][ T7304] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  445.978953][ T7304] RSP: 002b:00007f3c64f100c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  445.987357][ T7304] RAX: ffffffffffffffda RBX: 00007f3c66abdf80 RCX: 00007f3c6698fda9
03:51:46 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x40086602, 0x0)

03:51:46 executing program 4:
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000002d00)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, 0x50)

[  445.995317][ T7304] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000004
[  446.003279][ T7304] RBP: 00007f3c64f10120 R08: 0000000000000000 R09: 0000000000000000
[  446.011248][ T7304] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  446.019214][ T7304] R13: 000000000000000b R14: 00007f3c66abdf80 R15: 00007ffdf68c42f8
[  446.027193][ T7304]  </TASK>
03:51:46 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x2}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:46 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x40186366, 0x0)

03:51:46 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xb5986dfa)

03:51:46 executing program 4:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000001640)={<r0=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f0000002bc0)={&(0x7f0000001680)={0x2, 0x0, @multicast2}, 0x10, 0x0}, 0x0)

03:51:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xbe912100)

03:51:47 executing program 4:
r0 = add_key$keyring(&(0x7f0000000780), &(0x7f00000007c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)
r1 = add_key$keyring(&(0x7f0000000040), &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, r0)
keyctl$KEYCTL_MOVE(0x11, r0, r1, r0, 0x0)

03:51:47 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x401c5820, 0x0)

03:51:47 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x3}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xe2000000)

03:51:47 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/tty/drivers\x00', 0x0, 0x0)
preadv2(r0, &(0x7f0000000200)=[{&(0x7f0000000100)=""/216, 0xd8}], 0x1, 0x0, 0x0, 0x0)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
sendfile(r1, r0, &(0x7f0000000000)=0x7, 0x5)

03:51:47 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x4020940d, 0x0)

03:51:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xf1ffffff)

03:51:47 executing program 4:
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000002c0)={0x6, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000000c0)='syzkaller\x00', 0x3, 0x17, &(0x7f0000000100)=""/23}, 0x90)

[  446.424393][ T7304] Bluetooth: Can't register HCI device
03:51:47 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x80045430, 0x0)

03:51:47 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x4}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:47 executing program 4:
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000009c0)='./file0\x00', 0x2040, 0x0)
ioctl$FS_IOC_ADD_ENCRYPTION_KEY(r0, 0xc0185879, 0x0)

03:51:47 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x80045432, 0x0)

03:51:47 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0) (fail_nth: 10)

03:51:47 executing program 4:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140), 0x4)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040), 0x4)

03:51:47 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x80045438, 0x0)

03:51:47 executing program 4:
syz_clone(0x40a00200, 0x0, 0x0, &(0x7f00000018c0), &(0x7f0000001900), 0x0)

[  446.753228][ T7371] FAULT_INJECTION: forcing a failure.
[  446.753228][ T7371] name failslab, interval 1, probability 0, space 0, times 0
03:51:47 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x80045439, 0x0)

[  446.807573][ T7371] CPU: 0 PID: 7371 Comm: syz-executor.2 Not tainted 5.15.151-syzkaller #0
[  446.816209][ T7371] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  446.826275][ T7371] Call Trace:
[  446.829567][ T7371]  <TASK>
[  446.832510][ T7371]  dump_stack_lvl+0x1e3/0x2cb
[  446.837211][ T7371]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[  446.842883][ T7371]  ? panic+0x84d/0x84d
[  446.846976][ T7371]  ? __might_sleep+0xc0/0xc0
[  446.851848][ T7371]  should_fail+0x38a/0x4c0
03:51:47 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x5}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

[  446.856301][ T7371]  should_failslab+0x5/0x20
[  446.860826][ T7371]  slab_pre_alloc_hook+0x53/0xc0
[  446.865793][ T7371]  kmem_cache_alloc_trace+0x49/0x290
[  446.871120][ T7371]  ? apply_wqattrs_prepare+0xea/0xb60
[  446.876520][ T7371]  apply_wqattrs_prepare+0xea/0xb60
[  446.881736][ T7371]  ? read_lock_is_recursive+0x10/0x10
[  446.887126][ T7371]  ? mutex_lock_io_nested+0x60/0x60
[  446.892358][ T7371]  apply_workqueue_attrs+0xcb/0x170
[  446.897573][ T7371]  alloc_workqueue+0xeb9/0x13f0
[  446.902437][ T7371]  ? kfree+0x4a/0x270
[  446.906450][ T7371]  ? dev_set_name+0xd1/0x120
[  446.911088][ T7371]  ? hci_register_dev+0x15a/0xa50
[  446.916144][ T7371]  ? apply_workqueue_attrs+0x170/0x170
[  446.921641][ T7371]  hci_register_dev+0x2a1/0xa50
[  446.926516][ T7371]  hci_uart_tty_ioctl+0x8a3/0xa70
[  446.931596][ T7371]  ? hci_uart_tty_write+0x10/0x10
[  446.936635][ T7371]  tty_ioctl+0x8ff/0xc50
[  446.940898][ T7371]  ? bpf_lsm_file_ioctl+0x5/0x10
[  446.945869][ T7371]  ? tty_get_icount+0xa0/0xa0
[  446.950586][ T7371]  __se_sys_ioctl+0xf1/0x160
[  446.955214][ T7371]  do_syscall_64+0x3d/0xb0
[  446.959658][ T7371]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  446.965577][ T7371] RIP: 0033:0x7f3c6698fda9
[  446.970013][ T7371] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  446.989636][ T7371] RSP: 002b:00007f3c64f100c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  446.998066][ T7371] RAX: ffffffffffffffda RBX: 00007f3c66abdf80 RCX: 00007f3c6698fda9
03:51:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xfa6d98b5)

[  447.006058][ T7371] RDX: 0000000000000000 RSI: 00000000400455c8 RDI: 0000000000000004
[  447.014044][ T7371] RBP: 00007f3c64f10120 R08: 0000000000000000 R09: 0000000000000000
[  447.022032][ T7371] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000002
[  447.030005][ T7371] R13: 000000000000000b R14: 00007f3c66abdf80 R15: 00007ffdf68c42f8
[  447.037994][ T7371]  </TASK>
03:51:47 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x6}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:47 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x80045440, 0x0)

03:51:47 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xfeffffff)

03:51:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xff0f0000)

03:51:48 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x800455c9, 0x0)

[  447.212013][ T7371] Bluetooth: Can't register HCI device
03:51:48 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0) (fail_nth: 11)

03:51:48 executing program 4:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
write$cgroup_int(r0, 0x0, 0x0)

03:51:48 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x7}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xff510000)

03:51:48 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x800455ca, 0x0)

03:51:48 executing program 4:
socketpair(0xa, 0x1, 0x3f, &(0x7f0000000040))

03:51:48 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x8}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:48 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x800455cc, 0x0)

03:51:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xffef0b00)

03:51:48 executing program 4:
socketpair(0x9, 0x0, 0x0, &(0x7f0000000f40))

03:51:48 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x80086301, 0x0)

03:51:48 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x9}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:48 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

03:51:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xffff8000)

03:51:48 executing program 4:
syz_clone(0x40a00200, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001940)="968945c630859be844b6af3203a13dedd77b9729a224579ccbc8b734566898220292dd29ae28c0ec9054bb208934743896093199f6a20e21560ba5eb848b4eaab64ecc4c3403f4f43ee2f556a8741e7c2bc950fc2b2930738fe2afe8d1dd8242c4a5e36f7fa007eb09df7480c46640310f01c603b4f9bee9220dd1f1c5b5a4b5201d9606faf645ffb11bc93dab906f8f9f92f6fabb7b25d2e129e1b29dbda945e589ad0bb29cfae9f118c87cfb8636e009827907ab416fe8293ff472aba7a518d7b67f45824a75dd4c82f2a96913bec0c77622f1a2d66bb023d1905542a2b17b470d4871c3e3195cb55c2ec8b1f54efc656477df4286")

03:51:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xfffffff1)

03:51:48 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x80086601, 0x0)

[  447.848954][ T4030] Bluetooth: hci7: Frame reassembly failed (-84)
03:51:48 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0xb}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:48 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x801c581f, 0x0)

03:51:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xfffffffe)

03:51:48 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0xc0045878, 0x0)

03:51:49 executing program 4:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r0=>0xffffffffffffffff})
sendmsg$sock(r0, &(0x7f0000004040)={0x0, 0x0, &(0x7f0000004000)=[{0x0}], 0x1}, 0x0)

03:51:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x100000794)

03:51:49 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0xf}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:49 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0xc0045878, 0x0)

03:51:49 executing program 4:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000480)={<r0=>0xffffffffffffffff})
sendmsg$sock(r0, &(0x7f0000004040)={0x0, 0x0, 0x0}, 0x0)

03:51:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x7f24078bdda9)

03:51:49 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0xc0189436, 0x0)

03:51:49 executing program 4:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080))
syz_clone(0x8804d600, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001d40)="0e")

03:51:49 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x1d}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1000000000000)

03:51:49 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0xc020660b, 0x0)

03:51:49 executing program 4:
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffff00, &(0x7f0000000480)}, 0x74)

03:51:49 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x2)

03:51:49 executing program 4:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000000880)={&(0x7f00000000c0)=@l2={0x1f, 0x0, @none}, 0x80, 0x0, 0x0, 0x0, 0x3e80}, 0x0)

03:51:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4000000000000)

03:51:49 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x30}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:49 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000740)={'bridge0\x00', 0x400})

03:51:49 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x3)

03:51:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x8000000000000)

03:51:49 executing program 4:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff})
sendmsg$unix(r1, &(0x7f0000000580)={&(0x7f0000000380)=@abs, 0x6e, 0x0, 0x0, &(0x7f0000000540)=[@rights={{0x18, 0x1, 0x1, [r0, r0]}}], 0x18}, 0x0)

03:51:49 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x4)

03:51:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x40000000000000)

03:51:49 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000400)={'syzkaller0\x00', 0x20})

[  449.901868][ T3653] Bluetooth: hci7: command 0x1003 tx timeout
[  449.908021][ T3537] Bluetooth: hci7: sending frame failed (-49)
[  451.101697][ T3820] Bluetooth: hci8: command 0x1003 tx timeout
[  451.108883][ T3537] Bluetooth: hci8: sending frame failed (-49)
[  451.991989][ T3653] Bluetooth: hci7: command 0x1001 tx timeout
[  451.998096][ T3537] Bluetooth: hci7: sending frame failed (-49)
[  453.181830][ T3820] Bluetooth: hci8: command 0x1001 tx timeout
[  453.188651][ T3537] Bluetooth: hci8: sending frame failed (-49)
[  454.071810][ T3820] Bluetooth: hci7: command 0x1009 tx timeout
[  455.261679][ T3820] Bluetooth: hci8: command 0x1009 tx timeout
03:51:59 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x2, 0x0)

03:51:59 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x44}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:59 executing program 4:
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000900)="ed")

03:51:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x80ffff00000000)

03:51:59 executing program 4:
socketpair(0x5, 0x0, 0x0, &(0x7f00000014c0))

03:51:59 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x10, 0x0)

03:51:59 executing program 4:
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000003c0)={@cgroup, 0xffffffffffffffff, 0x35, 0x9e57edba28040b9c, 0xffffffffffffffff, @link_id}, 0x20)

03:51:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x100000000000000)

03:51:59 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x60}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:59 executing program 4:
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000003c0)={@cgroup, 0xffffffffffffffff, 0x17, 0x9e57edba28040b9c, 0xffffffffffffffff, @link_id}, 0x20)

03:51:59 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5409, 0x0)

03:51:59 executing program 4:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000280)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0xb, [@struct={0x6, 0x1, 0x0, 0x4, 0x0, 0x0, [{0x0, 0x4, 0x80000001}]}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x61, 0x30, 0x30, 0x2e]}}, &(0x7f0000000380)=""/144, 0x3b, 0x90, 0x1}, 0x20)

03:51:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x100010000000000)

03:51:59 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x540b, 0x0)

03:51:59 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0xdd}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:59 executing program 4:
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000003c0)={@cgroup, 0xffffffffffffffff, 0x16, 0x9e57edba28040b9c, 0xffffffffffffffff, @link_id}, 0x20)

03:51:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x104000000000000)

03:51:59 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x540c, 0x0)

03:51:59 executing program 4:
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x4, [@enum={0x0, 0x1, 0x0, 0x6, 0x4, [{0x3}]}]}, {0x0, [0x0, 0x0]}}, &(0x7f00000001c0)=""/231, 0x30, 0xe7, 0x1}, 0x20)

03:51:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x10d000000000000)

03:51:59 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x540d, 0x0)

03:51:59 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x300}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:51:59 executing program 4:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@union]}}, 0x0, 0x26, 0x0, 0x1}, 0x20)

03:52:00 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x540e, 0x0)

03:52:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200000000000000)

03:52:00 executing program 4:
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz1\x00', 0x200002, 0x0)

03:52:00 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x540f, 0x0)

03:52:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x300000000000000)

03:52:00 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x500}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:00 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x5)

03:52:00 executing program 4:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000001300)={0x0, 0x0, 0x0, 0x0, &(0x7f00000012c0)=[@rights={{0x14, 0x1, 0x1, [r1]}}], 0x18}, 0x0)

03:52:00 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5410, 0x0)

03:52:00 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x600}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x400000000000000)

03:52:00 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5412, 0x0)

03:52:00 executing program 4:
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f0000000180)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x14, 0x14, 0x2, [@func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{0x0, 0x4}]}]}}, 0x0, 0x2e, 0x0, 0x1}, 0x20)

03:52:00 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x6)

03:52:00 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5413, 0x0)

03:52:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x500000000000000)

03:52:00 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x7)

03:52:00 executing program 4:
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000c00)={@cgroup, 0xffffffffffffffff, 0x20, 0x2000, 0x0, @prog_fd}, 0x20)

03:52:00 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x700}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:00 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5414, 0x0)

03:52:00 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x8)

03:52:00 executing program 4:
socketpair(0x25, 0x0, 0x0, &(0x7f0000000540))

03:52:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x600000000000000)

03:52:00 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5415, 0x0)

03:52:00 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x9)

03:52:00 executing program 4:
syz_open_procfs$namespace(0x0, &(0x7f00000016c0)='ns/pid\x00')

03:52:00 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x900}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:01 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5416, 0x0)

03:52:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x700000000000000)

03:52:01 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000000c00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000cc0)='ns/cgroup\x00')

03:52:01 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5417, 0x0)

03:52:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x800000000000000)

03:52:01 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5418, 0x0)

03:52:01 executing program 4:
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000280)={@cgroup, 0xffffffffffffffff, 0x5}, 0x20)

03:52:01 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0xb00}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:01 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x541b, 0x0)

03:52:01 executing program 4:
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000003c0)={@map, 0xffffffffffffffff, 0x8, 0x0, 0xffffffffffffffff, @link_id}, 0x20)

03:52:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x900000000000000)

03:52:01 executing program 4:
socketpair(0x0, 0x0, 0x0, &(0x7f00000000c0))

03:52:01 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x541d, 0x0)

03:52:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xa00000000000000)

03:52:01 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0xf00}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:01 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x541e, 0x0)

03:52:01 executing program 4:
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00))

03:52:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xb00000000000000)

03:52:01 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x541e, 0x0)

03:52:01 executing program 4:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000001300)={&(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e, 0x0}, 0x0)

03:52:01 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x1d00}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xc00000000000000)

03:52:01 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5420, 0x0)

03:52:01 executing program 4:
syz_clone(0x30120000, 0x0, 0x0, 0x0, 0x0, 0x0)

03:52:01 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5421, 0x0)

03:52:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xd00000000000000)

03:52:01 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x1f00}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:02 executing program 4:
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0xf, &(0x7f0000000500)=@ringbuf, &(0x7f00000005c0)='GPL\x00'}, 0x90)

03:52:02 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5422, 0x0)

03:52:03 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xa)

03:52:03 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xe00000000000000)

03:52:03 executing program 4:
syz_clone(0x0, &(0x7f00000000c0)="4fb69e46067deb4960cc8ee9af", 0xd, 0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f00000000c0), 0x10)

03:52:03 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5423, 0x0)

03:52:03 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x3000}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

[  462.221763][ T3545] Bluetooth: hci7: Entering manufacturer mode failed (-110)
[  462.222147][ T3653] Bluetooth: hci7: command 0xfc11 tx timeout
03:52:03 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5424, 0x0)

03:52:03 executing program 4:
bpf$PROG_LOAD(0xa, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff}, 0x90)

03:52:03 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xb)

03:52:03 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1000000000000000)

03:52:03 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x4000}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:03 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5425, 0x0)

03:52:03 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xc)

03:52:03 executing program 4:
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000180)={@cgroup, 0xffffffffffffffff, 0x22, 0x38, 0xffffffffffffffff, @prog_fd}, 0x20)

03:52:03 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1100000000000000)

03:52:03 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xd)

03:52:03 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5427, 0x0)

03:52:03 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x4400}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:03 executing program 4:
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000840)={0xfffffffc}, 0x8)

03:52:03 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1200000000000000)

03:52:03 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5428, 0x0)

03:52:03 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xe)

03:52:03 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5429, 0x0)

03:52:03 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0x6000}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:03 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x10)

03:52:03 executing program 4:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup/syz0\x00', 0x200002, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000002c0)={@cgroup=<r1=>r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
openat$cgroup_subtree(r1, &(0x7f0000000040), 0x2, 0x0)

03:52:03 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1800000000000000)

03:52:03 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5437, 0x0)

03:52:03 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x11)

03:52:03 executing program 4:
io_uring_setup(0x39b6, &(0x7f0000000180)={0x0, 0x45c5, 0x1})

03:52:03 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2000000000000000)

03:52:03 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5441, 0x0)

03:52:04 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x12)

03:52:04 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x44, 0x0, 0xdd00}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:04 executing program 4:
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, 0x0)

03:52:04 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5450, 0x0)

03:52:04 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x18)

03:52:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x20e1000000000000)

03:52:04 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5451, 0x0)

03:52:04 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x25)

03:52:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2500000000000000)

03:52:04 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x4, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:04 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x3e)

03:52:04 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5452, 0x0)

03:52:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3f00000000000000)

[  463.595245][ T7856] netlink: 'syz-executor.1': attribute type 3 has an invalid length.
03:52:04 executing program 4:
syz_mount_image$fuse(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x15022, &(0x7f0000000140)={{}, 0x2c, {}, 0x2c, {'user_id', 0x3d, 0xffffffffffffffff}}, 0x0, 0x0, 0x0)

03:52:04 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x545d, 0x0)

03:52:04 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x48)

03:52:04 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x5, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4100000000000000)

03:52:04 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x5460, 0x0)

03:52:04 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x4c)

03:52:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4800000000000000)

[  463.865292][ T7878] netlink: 'syz-executor.1': attribute type 3 has an invalid length.
03:52:04 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x8933, 0x0)

03:52:04 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x5c)

03:52:04 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sysvipc/shm\x00', 0x0, 0x0)
epoll_pwait(r0, &(0x7f0000000880)=[{}], 0x1, 0x0, 0x0, 0x0)

03:52:04 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x6, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:04 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400448c9, 0x0)

03:52:04 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x68)

03:52:04 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x4c00000000000000)

03:52:04 executing program 4:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
read$FUSE(r0, &(0x7f00000000c0)={0x2020}, 0x2020)
r1 = epoll_create(0x7)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000000))

[  464.152600][ T7902] netlink: 'syz-executor.1': attribute type 3 has an invalid length.
03:52:05 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x6c)

03:52:05 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400448dd, 0x0)

03:52:05 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x5c00000000000000)

03:52:05 executing program 4:
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x0, 0x0}}, 0x20)

03:52:05 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x40045431, 0x0)

03:52:05 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x74)

03:52:05 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x9, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:05 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x40045436, 0x0)

03:52:05 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6800000000000000)

[  464.462471][ T7921] netlink: 'syz-executor.1': attribute type 3 has an invalid length.
03:52:05 executing program 4:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
read$FUSE(r0, &(0x7f0000000140)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_LK(r0, &(0x7f0000000000)={0x28, 0x0, r1}, 0x28)
pselect6(0x40, &(0x7f00000021c0)={0x8}, 0x0, 0x0, 0x0, 0x0)

03:52:05 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x7a)

03:52:05 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400454ca, 0x0)

03:52:05 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0xa, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:05 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6c00000000000000)

03:52:05 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455cb, 0x0)

03:52:05 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x108)

03:52:05 executing program 4:
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000100)={0xe, 0x18, 0xfa00, @id_resuseaddr={0x0}}, 0x20)

[  464.785408][ T7943] netlink: 'syz-executor.1': attribute type 3 has an invalid length.
03:52:05 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x40049409, 0x0)

03:52:05 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x7400000000000000)

03:52:05 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x300)

03:52:05 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0xb, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:05 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x500)

03:52:05 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x7a00000000000000)

03:52:05 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x40086602, 0x0)

03:52:05 executing program 4:
openat$nullb(0xffffffffffffff9c, &(0x7f0000000280), 0x4000, 0x0)

03:52:05 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x40186366, 0x0)

[  465.094331][ T7965] netlink: 'syz-executor.1': attribute type 3 has an invalid length.
03:52:05 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x600)

03:52:06 executing program 4:
syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x1000008, &(0x7f0000000280)={[{@datacow}, {@clear_cache}, {@nodatasum}, {@rescan_uuid_tree}, {}, {@space_cache_v1}]}, 0xfe, 0x51ab, &(0x7f0000005280)="$eJzs3V9oVFceB/Az+aPxDyY+xV32wX1YWcUFWRF2UdggGF2Whdn1YVnYrFlZxT+7JUgDwb5YS2lBxGCgthSKD33pS0mlUFqqBAsthYogVloUW0teWiiESsGXlpK590xmzvVmxlQbq5+PJHfO/d1z7pnhPsx3zLkTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIRwcM3Kv+xaPb2urD7dP3bq6LLt507vP3ljaGjLlRAqtf2VvL5n+66/79+95689scPw37JtX1/ZkFnXz7PGkqads/2af/4TQuhOBujMtzs6G/pW0hOEI8UB53XgZv/o5u7BaxN3zmy8eP3QhuJTZ1bPYk9gseTX1fTctTRQ+92RHFFvN1x6laZLNOufXnA/yZMAAO7JpmptU387mr/FrbePpfWkPZC0x5N2fIcw3thYiGzcJWXzXJvWF2meA1lUWFo6z6Sev/71djXtn7STqHEP82w+NI80PWXzHEnqizVPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfJqx9euvTcy+u3ldWn+8dOHV22/dzp/SdvDA1tuRJCX21/JStXlv+q8w+fLtt57fiRN36zr+ftk515v7jtajg4fBIf/LE3hL0Nlek47JerQqg2F2rN8FKxcLD24M+xAAAAwKPkF7XfHfV2Fge7m9qVWpqs1P5FWVg8cLN/dHP34LWJO2c2Xrx+aMPCx6uWjDdw1/Hq7b65n0pDMI7xNx1vrh4PPVIYZ37piGme/2zmyVsXJn7777L+hfzfN3/+j6+c/A8AAMCPIf+n48yvVf6/+s7zT3UN7n2vrH8h/69tOmUh/8cZx/zfERaW/wEAAOBh9qDz/0BhnPm1yv/fnZ86f/nb46+U9S/k/03t5f+uxmnHnR/FCR/uDWFTq6kDAAAAJeL/u899tBDzevbJQZrXO2ZGe6d6blwtG6+Q/wfay//d9/2ZAQAAAAv1v7F/Hb8wNn6zrF7I/9X28v/SBz5zAAAAoF37Tvz/3PoNIyvL6oX8P9xe/l+eb/OVD1mn9+NfIUz0htAz+2AkK3wQxv9ULwAAAAD3SczpX41u/f7jwel3y44r5P+R+e//H+90ENf/N93/r7D+v6GQ3fVvqxsDAAAA8DgqruePt8fPvrmg7Pv3213/f+uXO3b9d+c/vig7fyH/H2sv/3c2bu/n9/8BAADAAvzcvv/vn4Vx5tfq/v/fDN36et3hZwfL+hfy/3h7+T9uVzQ+van4+jzTG8Ka2Qf53QRfi6c7nBQmuxsK2Quf9Ngde+SFyaUNhZqRpMfve0P49eyDY0lhdSyMJ4WZVXnhbFK4HAv59VAvvJ4UpuKV9sKqfLpp4a1YyBdYTMYVFCvqSyKSHrfLeswW7trjev3kAAAAj5UYnvMs293cDGmUnay0OmB5qwM6Wh3Q2eqAruSA9MCy/WG4uRD3v7jtd7evPPHm06FEIf+fbS//x5diSbYpW/8f4vr//HsN6+v/h2OhLylMxkI1vWNANZ4jC7sn4jn6qnmPmTX1AgAAADzS4ucCnYs8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5g7/6D7KrqA4Cf/f0jm91FHAFJNYqA6ZDNJjFKK1MC1UFxpi4OdZw60UR2g9ssJCZhICnthEA7U5hUVKa1o0NDHUdpkUY6jlK1pEyBcaRTm7ZMxWhl/EFtaxnGSodSm87be8/d+87dm/dCdiFLP58/9p33vufnfT/2nXvvOxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/h38ZWPMb+1f89Py6+PfPuOHDewcuve+jWw8c3bRpw5EQJmYf78jCHYMrui785sBlj+3f+flzp/rvP9Cbl8vjYVnjT2d+55ai1uUhfLEjhO40sHooC/Tk94difSuGQjgtzAWKElODWYm04fDQQAgHw1ygqOr+gRCGSoErjzz4wIFG4o6BEM4NIfSlbXy7L2tjIA2c15sFBtPA9u4s8F/HMkXgS51ZAE5afDMUL/pDE80ZRucvV/P661mwjr240uF1xcRofb4fX7LInSrpTR+YOKmnrVIdi6Ly9jjs3bYE3m2V7Xy7p638RSr/hnJsLtQXOientm65bmZ3fKQzjI111dW0SM/z40/feNWJpJfM6zB2YHRBXofP3vme68+afMuNt24/54m177vg6Ml2s27zLra+kL/mlszzGG30ebIE3n6Vb0krfekKIfzcB7tv6vrtI5+qi1fm/6PHn//Hl3O87WzKHWt9bjibm8dHhmLiqeFsbg4AAABLxlLYa/qjs1/xe6s61zxeV19l/r+yveP/8ZB/PpnPRns4hI2ziZtHQjhz9vEscHds7gMjIbxmNjXRHLgkCRwO4azZxKqiqqREfyyxMgk8OZwHNiaBh2NgIgl8OgZuTwK3xMChJHBVDBxOApfGQJhuHsfPD+fjaDswEAObs414KJ6F8JPh2Fqyrb5VVAUAALBA8tlhT/Pd0rkOJ5shTi8PDbTKEM/Ars3Ql9SQzmCLaVVtDd2tauhsVUMx7n3HH36l5o5WNVdOw+hoznDpK/7w/BVfu+ELoUZl/j9+/Pl/3zwd6agc/w/hitm/MXdnHpkp4psnmjIAAAAAJ2HtG2a+9idnv+nNdfHK/H9je+f/x30iXaXM4dG4G2LbSAjjzYGs2jdXA9lR72V5AAAAAJaC4nh8cSx8Or/NTtFO59PV/BMnmD8e+N84b/5fCpOnb/vBUxvq+luZ/0+0d/7/YPNt1omHYy8+NhJCfynwSOxlIzBrZQx89+LmQD7+h+MGuC1WlZ+YUFR1WyyxOQbGk8DBuhLfKEqc2RzIn6yi8ZuLcUznJUoBAAAAeMHF3QHxuHw8///Ctd/70KaP7/1cXbnK/H/ziZ3/PzsPrpzeP7MshDXdIXSlPwx4dDBbGDAGhjryxFcHs7q60qpuGgzhosbA0qqeyNf/707XGDwykFUVA2e+9rNPn9dIfGoghDXlwGPvvWt2x8juJFA0/qsDIby6Mdq08S/0Z433pI3/QX8IryoFiqo+0B9Co7HetKoH+/LrGKRV/VlfCKeXAkVVb+wLYU8AYImK/0onyw/u2rN325aZmamdi5iI+/AHwtbpmamxq7bPTPbV9Gky6XPTMkY3VcfU2ebYj+ZLFN1z+dhIO+nid4Lj5b7k+/ErJw7m9+N3oZ7Zca7rabq7Ph3y68+pNpEO6cUY8mC5krknsVJ/zN8bloX+63ZN7Ry7Ycvu3TvXZn/bzb4u+xsPM2Xbam26rQbn61sbL492F0N/vtuq6TJXa3Zfs2PNrj17V09fs+Xqqaunrn3D+LrxdevHN7zpwjWNUY1nf1sM9fz5qk6Geuyu6hDavQbU8x3qK7tLlbwQnxoSEhJLLbHl4q/+5b1nfWJZ3cdPZf6/4/jz//ipEz/58/UZ6o7/j8bD/Nnjc4f5N8fAwXaP/4/WHc0vTgxYmQT2xcA+h/kBAAB4aYi7G+PezLhXuuem1WN//MlHnqwrV5n/72vv9/8LtP5/sXT95XXL/K+KJcbr1v9Pl/kv1v/fV7f+f7rMf7H+/8EXYf3/64pAskl+Yv1/AADgpeCFW/+/5fL+6QUCKhlaLu+fXiCgkqHlMv7tXiDghNf/f/tzr+u55iOvviXUqMz/b29v/m/hfgAAADh13HVkQ8eD//o/D9XFK/P/g+3N/1/49f9C3fn/K+sCE3ULA1r/DwAAgCWqbv2/9a/78ebP/WzFD+vKVeb/h9qb/8fTLjqbcsdanxvO1rQL6Zp2Tw0XPxkAAACApaEzjI21u6Jp08qolzz/Nh/PlwI9Xrrsr758zT8+8tb39tfVV5n/H25v/t/0u4xn73zP9WdNvuXG527dfs4Ta993wdG54/8AAADA4ml3vwQAAAAAAAAAAAAAAPDie3rv5Lv++ew7P1MXr/z+P1wx+3jd7//jdf/i7wte3pQ71tp6/b/8/pXvuHfP7JKFjw6HcE45sG3/ttNCfm3+88uBBzatOqOR2J+W+Mp3Lv1BI/H+NPC21S97ppG4KAlsjosknpUG4lUVn1meBOLyin+fBuL2OJQGevPA7y7PxtGRbqsfDWXbqiPdVo8PhTBSChTb6otDWRsd6QDvSALFAD+UBuIAfyUPdKa9undZ1qsYGIpF/2hZ1isAAE5Z8VtgT9g6PTM1Hr/Cx9tXdjffRk1Llt1UrbajzeaP5kuT3XP52Eg76a70u+jctcZ7Ql9jCGsrX1fLWTpmR7kwtbTYdC+vGXKr1d7a/XX2iW663voRDWQjGrtq+8xkT8uBr2+dZV13yyxrK5OdcpbO2U3aRi1t9KWNEbW5bdrocrzfGcbGupJcvxiDo6HJQr0iyuv81b0Kynn2Tb7xb75x7Nihuvoq8//R9ub/feVxPZNfDGBfvLLezSMhnNnmiAAAAIB2fevL/7Ru+yd+55709ort1956weCPLq4rV5n/r2xv/h93jOWHgrO9HYfj9f+L+f9oFrg7NveBkRBeM5uaiCWyC+pfHkuMZ4G74w6TVbHE5onmqvpj4FASeHI4DxxOAg/HQL6X4rMh35XzkeEQNsymrmgusSOWGE0C74yBlUlgLAbGk8DyGNiYBP59eR6YSAJfj4Ew3byt/ny5vSsAAMDzkM+zeprvhnSed6i7VYaOVhkGW2XobJWhr1WGulHE+/fFDD3JySsdpUw9aa0DSS2VDPFi+Cfcr0qG8I3mnGnBStPx/IPifIOO5gz/dtnrv33erlXtX/9/vL35/2Dzbdb6w3H+P3f9vyzwSOzex+Kp4ytj4LsXNwfyHQMPx8nubUVVE3mJfNJ+WyyxMQZWJoEdMbAxCWy+Ig8cPKM5kM+0i8ZvLhqfzkuUAgAAAPCCizsI4m6aOP//0/+++3MH/uHav64rV5n/b2xv/h/bW1Zu7Jai1uUhfLFjrjdFYPVQFoj7MYbiz+NXDIVwWmkHR1FiajAr0Zs0HB4ayH6h3ptWdf9AtsZAvH/lkQcfONBI3DEQwrmlvS9FG9/uy9oYSAPn9WaBwTSwvTsLxD0/ReBLnVkATlqxVzC+oPJTXQqj85eref29VK4Jmg6vsg90nnzz/eZqsfSlD+T7VAsn9rRVqmNRVN4eh73bluK7bdS7rfxFKv+Gcmwu1Bc6J6e2brluZnd8pPxL1opFep7Lv1JtJ70Ar8N9z7+3rfWlHRhPPj7G5y83/+uwI1b37J3vuf6sybfceOv2c55Y+74LjrbdjRrxh8Lv/uTLRsubd7H1hfw1t+Q+TyZ8nizFfwMrPW2NGexTv//V//jp4z+ri1fm/xPtzf+7k9tZz8aNuWskhNeXNu6jcfP/8kj2OVgKZJ+Sp1cD2SH37w3XfnICAADAQit2dxT7C6bz2+yE8HSeXM0/cYL54/6KjfPmb7ffW29+aP8P/+6Or9TFK/P/zcef//cn3XT83/F/Fonj//M61XdF96cP7DupXdGV6lgUjv/P61R/tzn+Py/H/x3/n4/j/y04/j+vU/1pq3xL2uFLVwjh6++/8+33bP+18+rilfn/jvbm/9b/m3/RvmL9v8116//tqFv/b5/1/wAAgEVVs9BcOs+rrN5XyZCu3lfJ0HKBwJZLDFr/74TX/3vrO//3+mOvuGRnqFGZ/+9rb/4fXw7Lyq0vlfX/Vl5RU9XtMbDDwoAAAACciup2EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDievcvPLl8029eOF0X//4ZN3x478Cl931064GjmzZtOBJClrUjC3cMrui68JsDlz22f+fnz53qv/9AX16uJ789uyl3rPW54RAOlh4Ziomnhht35gJXvuPePd2NxKPDIZxTDmzbv+20RuLTwyGcXw48sGnVGY3E/rTEV75z6Q8aifengbetftkzjcRFeaAj7e4nl2fd7Ui7e2B5CCOlQNHdX1/eXFXRxmV5oDNt4zNDWRsxMBSLfnwoayMGZmKJ6f4Q1nSH0JVW9bW+rKqutKq/6Muq6kqr+q2+EC4KIXSnVX2nN6uqOx353/ZmVcXAma/97NPnNRIHe0NYUw489t67NjQSH0oCRePv6g3h1Y2XTNr4fT1Z4z1p43f0hPCqEEJvWuI/u7MSvWmJJ7pDOL0UKBr/YHcIewIvCfHDZ7L84K49e7dtmZmZ2rmIid68rYGwdXpmauyq7TOTfUmf6nSU0sduOn78eI4+feNVjdt7Lh8baSfdnZfrme3yup6mu+sXqvftOtHex34NliuZez4q9cf8vWFZ6L9u19TOsRu27N69c232t93s67K/XXk021ZrF2pbdbYoHz3fbXV+uZI1u6/ZsWbXnr2rp6/ZcvXU1VPXvmF83fi69eMb3nThmsaoxrO/CzHUu44fX4yhvrK7VMkL8QEgISGx1BKdTZ9u46f6P73KF/25jvaEvtkP6Mq0opylY3aUCzHoS6rxrkUadGVKUhnR2srEoZJlXess6yuTibksA1mW2e91lclhuabO2U0a73eGsbHazTLafLe8eX88z+Zt1+P5pms3DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3DqNnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBSAAAA//+3Rsqd")
r0 = open(&(0x7f0000000a40)='./bus\x00', 0x141a42, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(r1, 0xc0109428, &(0x7f00000000c0)={0x1})
r2 = open(&(0x7f0000007f80)='./bus\x00', 0x0, 0x0)
pwritev(r0, &(0x7f00000006c0)=[{&(0x7f0000000180)}, {&(0x7f0000000400)}, {0x0}, {&(0x7f0000000540)}, {0x0}], 0x5, 0x200, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000080)={0x1, 0xd6}, 0x2)
ioctl$BTRFS_IOC_QUOTA_CTL(r2, 0xc0109428, &(0x7f0000000200)={0x2})

03:52:06 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x10, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x7f00000000000000)

03:52:06 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x401c5820, 0x0)

03:52:06 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x700)

03:52:06 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x4020940d, 0x0)

03:52:06 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x801)

03:52:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x9407000001000000)

[  465.383276][ T7987] netlink: 'syz-executor.1': attribute type 3 has an invalid length.
[  465.405030][ T7987] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
03:52:06 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x900)

03:52:06 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x80045430, 0x0)

03:52:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xa00d000000000000)

03:52:06 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x11, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:06 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x80045432, 0x0)

03:52:06 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xa00)

03:52:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xa9dd8b07247f0000)

[  465.750242][ T8008] netlink: 'syz-executor.1': attribute type 3 has an invalid length.
03:52:06 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x80045438, 0x0)

03:52:06 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xb00)

03:52:06 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x1c, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xbe91210000000000)

03:52:06 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x80045439, 0x0)

03:52:06 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xb92)

[  466.016284][ T8024] netlink: 'syz-executor.1': attribute type 3 has an invalid length.
03:52:06 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x80045440, 0x0)

03:52:06 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xe200000000000000)

03:52:06 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xc00)

03:52:07 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x44, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:07 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xc67)

03:52:07 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x800455c9, 0x0)

03:52:07 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xf1ffffff00000000)

03:52:07 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xd00)

03:52:07 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x800455ca, 0x0)

[  466.364219][ T8046] netlink: 28 bytes leftover after parsing attributes in process `syz-executor.1'.
03:52:07 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x5, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:07 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xe00)

[  466.967226][ T7982] loop4: detected capacity change from 0 to 32768
[  467.057209][ T7982] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (7982)
[  467.135765][ T7982] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  467.176279][ T7982] BTRFS info (device loop4): force clearing of disk cache
[  467.207844][ T7982] BTRFS info (device loop4): setting nodatasum
[  467.228742][ T7982] BTRFS info (device loop4): allowing degraded mounts
[  467.241414][ T7982] BTRFS info (device loop4): enabling disk space caching
[  467.257035][ T7982] BTRFS info (device loop4): disk space caching is enabled
[  467.273001][ T7982] BTRFS info (device loop4): has skinny extents
[  467.327744][ T7982] BTRFS info (device loop4): enabling ssd optimizations
[  467.339161][ T7982] BTRFS info (device loop4): clearing free space tree
[  467.347254][ T7982] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  467.358288][ T7982] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  467.405113][ T7982] BTRFS info (device loop4): checking UUID tree
[  467.509534][   T26] audit: type=1804 audit(1709783528.331:61): pid=7982 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1029269245/syzkaller.FRsk2y/321/file0/bus" dev="loop4" ino=263 res=1 errno=0
[  467.616812][   T26] audit: type=1804 audit(1709783528.441:62): pid=8083 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1029269245/syzkaller.FRsk2y/321/file0/bus" dev="loop4" ino=263 res=1 errno=0
03:52:08 executing program 4:
syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x1000008, &(0x7f0000000280)={[{@datacow}, {@clear_cache}, {@nodatasum}, {@rescan_uuid_tree}, {}, {@space_cache_v1}]}, 0xfe, 0x51ab, &(0x7f0000005280)="$eJzs3V9oVFceB/Az+aPxDyY+xV32wX1YWcUFWRF2UdggGF2Whdn1YVnYrFlZxT+7JUgDwb5YS2lBxGCgthSKD33pS0mlUFqqBAsthYogVloUW0teWiiESsGXlpK590xmzvVmxlQbq5+PJHfO/d1z7pnhPsx3zLkTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIRwcM3Kv+xaPb2urD7dP3bq6LLt507vP3ljaGjLlRAqtf2VvL5n+66/79+95689scPw37JtX1/ZkFnXz7PGkqads/2af/4TQuhOBujMtzs6G/pW0hOEI8UB53XgZv/o5u7BaxN3zmy8eP3QhuJTZ1bPYk9gseTX1fTctTRQ+92RHFFvN1x6laZLNOufXnA/yZMAAO7JpmptU387mr/FrbePpfWkPZC0x5N2fIcw3thYiGzcJWXzXJvWF2meA1lUWFo6z6Sev/71djXtn7STqHEP82w+NI80PWXzHEnqizVPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfJqx9euvTcy+u3ldWn+8dOHV22/dzp/SdvDA1tuRJCX21/JStXlv+q8w+fLtt57fiRN36zr+ftk515v7jtajg4fBIf/LE3hL0Nlek47JerQqg2F2rN8FKxcLD24M+xAAAAwKPkF7XfHfV2Fge7m9qVWpqs1P5FWVg8cLN/dHP34LWJO2c2Xrx+aMPCx6uWjDdw1/Hq7b65n0pDMI7xNx1vrh4PPVIYZ37piGme/2zmyVsXJn7777L+hfzfN3/+j6+c/A8AAMCPIf+n48yvVf6/+s7zT3UN7n2vrH8h/69tOmUh/8cZx/zfERaW/wEAAOBh9qDz/0BhnPm1yv/fnZ86f/nb46+U9S/k/03t5f+uxmnHnR/FCR/uDWFTq6kDAAAAJeL/u899tBDzevbJQZrXO2ZGe6d6blwtG6+Q/wfay//d9/2ZAQAAAAv1v7F/Hb8wNn6zrF7I/9X28v/SBz5zAAAAoF37Tvz/3PoNIyvL6oX8P9xe/l+eb/OVD1mn9+NfIUz0htAz+2AkK3wQxv9ULwAAAAD3SczpX41u/f7jwel3y44r5P+R+e//H+90ENf/N93/r7D+v6GQ3fVvqxsDAAAA8DgqruePt8fPvrmg7Pv3213/f+uXO3b9d+c/vig7fyH/H2sv/3c2bu/n9/8BAADAAvzcvv/vn4Vx5tfq/v/fDN36et3hZwfL+hfy/3h7+T9uVzQ+van4+jzTG8Ka2Qf53QRfi6c7nBQmuxsK2Quf9Ngde+SFyaUNhZqRpMfve0P49eyDY0lhdSyMJ4WZVXnhbFK4HAv59VAvvJ4UpuKV9sKqfLpp4a1YyBdYTMYVFCvqSyKSHrfLeswW7trjev3kAAAAj5UYnvMs293cDGmUnay0OmB5qwM6Wh3Q2eqAruSA9MCy/WG4uRD3v7jtd7evPPHm06FEIf+fbS//x5diSbYpW/8f4vr//HsN6+v/h2OhLylMxkI1vWNANZ4jC7sn4jn6qnmPmTX1AgAAADzS4ucCnYs8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5g7/6D7KrqA4Cf/f0jm91FHAFJNYqA6ZDNJjFKK1MC1UFxpi4OdZw60UR2g9ssJCZhICnthEA7U5hUVKa1o0NDHUdpkUY6jlK1pEyBcaRTm7ZMxWhl/EFtaxnGSodSm87be8/d+87dm/dCdiFLP58/9p33vufnfT/2nXvvOxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/h38ZWPMb+1f89Py6+PfPuOHDewcuve+jWw8c3bRpw5EQJmYf78jCHYMrui785sBlj+3f+flzp/rvP9Cbl8vjYVnjT2d+55ai1uUhfLEjhO40sHooC/Tk94difSuGQjgtzAWKElODWYm04fDQQAgHw1ygqOr+gRCGSoErjzz4wIFG4o6BEM4NIfSlbXy7L2tjIA2c15sFBtPA9u4s8F/HMkXgS51ZAE5afDMUL/pDE80ZRucvV/P661mwjr240uF1xcRofb4fX7LInSrpTR+YOKmnrVIdi6Ly9jjs3bYE3m2V7Xy7p638RSr/hnJsLtQXOientm65bmZ3fKQzjI111dW0SM/z40/feNWJpJfM6zB2YHRBXofP3vme68+afMuNt24/54m177vg6Ml2s27zLra+kL/mlszzGG30ebIE3n6Vb0krfekKIfzcB7tv6vrtI5+qi1fm/6PHn//Hl3O87WzKHWt9bjibm8dHhmLiqeFsbg4AAABLxlLYa/qjs1/xe6s61zxeV19l/r+yveP/8ZB/PpnPRns4hI2ziZtHQjhz9vEscHds7gMjIbxmNjXRHLgkCRwO4azZxKqiqqREfyyxMgk8OZwHNiaBh2NgIgl8OgZuTwK3xMChJHBVDBxOApfGQJhuHsfPD+fjaDswEAObs414KJ6F8JPh2Fqyrb5VVAUAALBA8tlhT/Pd0rkOJ5shTi8PDbTKEM/Ars3Ql9SQzmCLaVVtDd2tauhsVUMx7n3HH36l5o5WNVdOw+hoznDpK/7w/BVfu+ELoUZl/j9+/Pl/3zwd6agc/w/hitm/MXdnHpkp4psnmjIAAAAAJ2HtG2a+9idnv+nNdfHK/H9je+f/x30iXaXM4dG4G2LbSAjjzYGs2jdXA9lR72V5AAAAAJaC4nh8cSx8Or/NTtFO59PV/BMnmD8e+N84b/5fCpOnb/vBUxvq+luZ/0+0d/7/YPNt1omHYy8+NhJCfynwSOxlIzBrZQx89+LmQD7+h+MGuC1WlZ+YUFR1WyyxOQbGk8DBuhLfKEqc2RzIn6yi8ZuLcUznJUoBAAAAeMHF3QHxuHw8///Ctd/70KaP7/1cXbnK/H/ziZ3/PzsPrpzeP7MshDXdIXSlPwx4dDBbGDAGhjryxFcHs7q60qpuGgzhosbA0qqeyNf/707XGDwykFUVA2e+9rNPn9dIfGoghDXlwGPvvWt2x8juJFA0/qsDIby6Mdq08S/0Z433pI3/QX8IryoFiqo+0B9Co7HetKoH+/LrGKRV/VlfCKeXAkVVb+wLYU8AYImK/0onyw/u2rN325aZmamdi5iI+/AHwtbpmamxq7bPTPbV9Gky6XPTMkY3VcfU2ebYj+ZLFN1z+dhIO+nid4Lj5b7k+/ErJw7m9+N3oZ7Zca7rabq7Ph3y68+pNpEO6cUY8mC5krknsVJ/zN8bloX+63ZN7Ry7Ycvu3TvXZn/bzb4u+xsPM2Xbam26rQbn61sbL492F0N/vtuq6TJXa3Zfs2PNrj17V09fs+Xqqaunrn3D+LrxdevHN7zpwjWNUY1nf1sM9fz5qk6Geuyu6hDavQbU8x3qK7tLlbwQnxoSEhJLLbHl4q/+5b1nfWJZ3cdPZf6/4/jz//ipEz/58/UZ6o7/j8bD/Nnjc4f5N8fAwXaP/4/WHc0vTgxYmQT2xcA+h/kBAAB4aYi7G+PezLhXuuem1WN//MlHnqwrV5n/72vv9/8LtP5/sXT95XXL/K+KJcbr1v9Pl/kv1v/fV7f+f7rMf7H+/8EXYf3/64pAskl+Yv1/AADgpeCFW/+/5fL+6QUCKhlaLu+fXiCgkqHlMv7tXiDghNf/f/tzr+u55iOvviXUqMz/b29v/m/hfgAAADh13HVkQ8eD//o/D9XFK/P/g+3N/1/49f9C3fn/K+sCE3ULA1r/DwAAgCWqbv2/9a/78ebP/WzFD+vKVeb/h9qb/8fTLjqbcsdanxvO1rQL6Zp2Tw0XPxkAAACApaEzjI21u6Jp08qolzz/Nh/PlwI9Xrrsr758zT8+8tb39tfVV5n/H25v/t/0u4xn73zP9WdNvuXG527dfs4Ta993wdG54/8AAADA4ml3vwQAAAAAAAAAAAAAAPDie3rv5Lv++ew7P1MXr/z+P1wx+3jd7//jdf/i7wte3pQ71tp6/b/8/pXvuHfP7JKFjw6HcE45sG3/ttNCfm3+88uBBzatOqOR2J+W+Mp3Lv1BI/H+NPC21S97ppG4KAlsjosknpUG4lUVn1meBOLyin+fBuL2OJQGevPA7y7PxtGRbqsfDWXbqiPdVo8PhTBSChTb6otDWRsd6QDvSALFAD+UBuIAfyUPdKa9undZ1qsYGIpF/2hZ1isAAE5Z8VtgT9g6PTM1Hr/Cx9tXdjffRk1Llt1UrbajzeaP5kuT3XP52Eg76a70u+jctcZ7Ql9jCGsrX1fLWTpmR7kwtbTYdC+vGXKr1d7a/XX2iW663voRDWQjGrtq+8xkT8uBr2+dZV13yyxrK5OdcpbO2U3aRi1t9KWNEbW5bdrocrzfGcbGupJcvxiDo6HJQr0iyuv81b0Kynn2Tb7xb75x7Nihuvoq8//R9ub/feVxPZNfDGBfvLLezSMhnNnmiAAAAIB2fevL/7Ru+yd+55709ort1956weCPLq4rV5n/r2xv/h93jOWHgrO9HYfj9f+L+f9oFrg7NveBkRBeM5uaiCWyC+pfHkuMZ4G74w6TVbHE5onmqvpj4FASeHI4DxxOAg/HQL6X4rMh35XzkeEQNsymrmgusSOWGE0C74yBlUlgLAbGk8DyGNiYBP59eR6YSAJfj4Ew3byt/ny5vSsAAMDzkM+zeprvhnSed6i7VYaOVhkGW2XobJWhr1WGulHE+/fFDD3JySsdpUw9aa0DSS2VDPFi+Cfcr0qG8I3mnGnBStPx/IPifIOO5gz/dtnrv33erlXtX/9/vL35/2Dzbdb6w3H+P3f9vyzwSOzex+Kp4ytj4LsXNwfyHQMPx8nubUVVE3mJfNJ+WyyxMQZWJoEdMbAxCWy+Ig8cPKM5kM+0i8ZvLhqfzkuUAgAAAPCCizsI4m6aOP//0/+++3MH/uHav64rV5n/b2xv/h/bW1Zu7Jai1uUhfLFjrjdFYPVQFoj7MYbiz+NXDIVwWmkHR1FiajAr0Zs0HB4ayH6h3ptWdf9AtsZAvH/lkQcfONBI3DEQwrmlvS9FG9/uy9oYSAPn9WaBwTSwvTsLxD0/ReBLnVkATlqxVzC+oPJTXQqj85eref29VK4Jmg6vsg90nnzz/eZqsfSlD+T7VAsn9rRVqmNRVN4eh73bluK7bdS7rfxFKv+Gcmwu1Bc6J6e2brluZnd8pPxL1opFep7Lv1JtJ70Ar8N9z7+3rfWlHRhPPj7G5y83/+uwI1b37J3vuf6sybfceOv2c55Y+74LjrbdjRrxh8Lv/uTLRsubd7H1hfw1t+Q+TyZ8nizFfwMrPW2NGexTv//V//jp4z+ri1fm/xPtzf+7k9tZz8aNuWskhNeXNu6jcfP/8kj2OVgKZJ+Sp1cD2SH37w3XfnICAADAQit2dxT7C6bz2+yE8HSeXM0/cYL54/6KjfPmb7ffW29+aP8P/+6Or9TFK/P/zcef//cn3XT83/F/Fonj//M61XdF96cP7DupXdGV6lgUjv/P61R/tzn+Py/H/x3/n4/j/y04/j+vU/1pq3xL2uFLVwjh6++/8+33bP+18+rilfn/jvbm/9b/m3/RvmL9v8116//tqFv/b5/1/wAAgEVVs9BcOs+rrN5XyZCu3lfJ0HKBwJZLDFr/74TX/3vrO//3+mOvuGRnqFGZ/+9rb/4fXw7Lyq0vlfX/Vl5RU9XtMbDDwoAAAACciup2EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDievcvPLl8029eOF0X//4ZN3x478Cl931064GjmzZtOBJClrUjC3cMrui68JsDlz22f+fnz53qv/9AX16uJ789uyl3rPW54RAOlh4Ziomnhht35gJXvuPePd2NxKPDIZxTDmzbv+20RuLTwyGcXw48sGnVGY3E/rTEV75z6Q8aifengbetftkzjcRFeaAj7e4nl2fd7Ui7e2B5CCOlQNHdX1/eXFXRxmV5oDNt4zNDWRsxMBSLfnwoayMGZmKJ6f4Q1nSH0JVW9bW+rKqutKq/6Muq6kqr+q2+EC4KIXSnVX2nN6uqOx353/ZmVcXAma/97NPnNRIHe0NYUw489t67NjQSH0oCRePv6g3h1Y2XTNr4fT1Z4z1p43f0hPCqEEJvWuI/u7MSvWmJJ7pDOL0UKBr/YHcIewIvCfHDZ7L84K49e7dtmZmZ2rmIid68rYGwdXpmauyq7TOTfUmf6nSU0sduOn78eI4+feNVjdt7Lh8baSfdnZfrme3yup6mu+sXqvftOtHex34NliuZez4q9cf8vWFZ6L9u19TOsRu27N69c232t93s67K/XXk021ZrF2pbdbYoHz3fbXV+uZI1u6/ZsWbXnr2rp6/ZcvXU1VPXvmF83fi69eMb3nThmsaoxrO/CzHUu44fX4yhvrK7VMkL8QEgISGx1BKdTZ9u46f6P73KF/25jvaEvtkP6Mq0opylY3aUCzHoS6rxrkUadGVKUhnR2srEoZJlXess6yuTibksA1mW2e91lclhuabO2U0a73eGsbHazTLafLe8eX88z+Zt1+P5pms3DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3DqNnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBSAAAA//+3Rsqd")
r0 = open(&(0x7f0000000a40)='./bus\x00', 0x141a42, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(r1, 0xc0109428, &(0x7f00000000c0)={0x1})
r2 = open(&(0x7f0000007f80)='./bus\x00', 0x0, 0x0)
pwritev(r0, &(0x7f00000006c0)=[{&(0x7f0000000180)}, {&(0x7f0000000400)}, {0x0}, {&(0x7f0000000540)}, {0x0}], 0x5, 0x200, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000080)={0x1, 0xd6}, 0x2)
ioctl$BTRFS_IOC_QUOTA_CTL(r2, 0xc0109428, &(0x7f0000000200)={0x2})

03:52:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xfa6d98b500000000)

03:52:08 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x800455cc, 0x0)

03:52:08 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xf27)

03:52:08 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x6, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

[  467.747117][ T4029] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
03:52:08 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x80086301, 0x0)

03:52:08 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1100)

03:52:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xfeffffff00000000)

03:52:08 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x8, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:08 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x80086601, 0x0)

03:52:08 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1200)

03:52:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xff0f000000000000)

03:52:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x801c581f, 0x0)

03:52:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1800)

[  468.140299][ T8113] netlink: 'syz-executor.1': attribute type 8 has an invalid length.
03:52:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xff51000000000000)

03:52:09 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x9, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x2000)

03:52:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0xc0045878, 0x0)

03:52:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x2500)

03:52:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0xc0045878, 0x0)

03:52:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xffef0b0000000000)

03:52:09 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0xa, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x270f)

03:52:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0xc0189436, 0x0)

03:52:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0xc020660b, 0x0)

03:52:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x3e00)

03:52:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0xffffffff00000000)

03:52:09 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0xb, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x2)

03:52:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x3f00)

03:52:09 executing program 3:
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000100)=@abs={0x1}, 0x6e)
connect$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r0, &(0x7f0000001600)=@file={0x1}, 0x6e)
r1 = accept$unix(r0, &(0x7f0000000e80), &(0x7f0000000f00)=0x6e)
sendmmsg$unix(r1, &(0x7f0000000f40), 0x0, 0x4040100)
bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000500)={<r2=>0x0}, &(0x7f0000000540)=0xc)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000580)={{{@in6=@empty, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@empty}, 0x0, @in6=@remote}}, &(0x7f0000000680)=0xe8)
r4 = getgid()
r5 = getpid()
r6 = getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000006c0)={0x0, 0x0, <r7=>0x0}, &(0x7f0000000700)=0xc)
r8 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000740)={<r9=>0x0}, &(0x7f0000000780)=0xc)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000007c0)={0x0, 0x0, <r10=>0x0}, &(0x7f0000000800)=0xc)
r11 = getpid()
r12 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r12, 0x8933, &(0x7f0000000000)={'team0\x00', <r13=>0x0})
r14 = socket(0xa, 0x3, 0x4)
ioctl$sock_SIOCBRDELBR(r14, 0x89a2, &(0x7f0000000000)='bridge0\x00')
syz_genetlink_get_family_id$devlink(&(0x7f00000007c0), r14)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000340)=<r15=>0x0)
setsockopt$inet_IP_XFRM_POLICY(r14, 0x0, 0x11, &(0x7f0000000ac0)={{{@in6=@local, @in6=@mcast1, 0x4e20, 0x0, 0x4e20, 0x4, 0x2, 0x0, 0x0, 0x2c, r13, r15}, {0x401, 0xffffffffffff05f8, 0x6, 0x8, 0x7, 0x5, 0xffffffffffffffff, 0x8}, {0x400, 0x2, 0x7ff, 0xfc}, 0x0, 0x6e6bb9, 0x0, 0x1, 0x3, 0x3}, {{@in6=@loopback, 0x4d4, 0x32}, 0x2, @in=@loopback, 0x3506, 0x4, 0x1, 0x1, 0x7, 0x7fff, 0x3}}, 0xe8)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000c00)={0xffffffffffffffff, <r16=>0xffffffffffffffff})
r17 = accept$phonet_pipe(0xffffffffffffffff, &(0x7f0000000c40), &(0x7f0000000c80)=0x10)
r18 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r18, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GENEVE_TOS={0x5}, @IFLA_GENEVE_TTL_INHERIT={0x5}]}}}]}, 0x44}}, 0x0)
r19 = accept(r0, &(0x7f0000000cc0)=@sco={0x1f, @fixed}, &(0x7f0000000d40)=0x80)
sendmmsg$unix(r0, &(0x7f0000000e00)=[{{&(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000004c0)=[{&(0x7f0000000200)="5c1735a9973c7a4718e26194f1fe697ea1dd345f0ccbfdc05f4a1358b1df37ea3126720f06a46b400bef1271b33525a8ed1aa6bdbaa82e66fefeb162f49df2532b219255e1d264e3af8000970753e5504e9e8ef4", 0x54}, {&(0x7f0000000280)="f76afbea66f9ea63c86790a43b8de4d3ef323b2b2ea2d914d9e8efea3ce5f8d4bf5a005e62007b8f88867ef2cca2abe5aa2621fa87de0afe5a39d06a218489be67ac0319d2c923e4da102392866029b23f97566d9a60ceb30b5877440bb7dedd4cf7a763c21ef1a85dcecf4a8a6ffb8713a6a5d17dd3c160ed2be699ccf24af05a064387e9f8cc269dab3969853c84c1c2e2388780ec0125ba8b1fbe07ff49c4a6033fb357162768b705779a86cbe78c7323f3c0a9b033ff6bd2335b3f2c0ae3", 0xc0}, {&(0x7f0000000340)="301f39db2e4beb5c1d1ccd0af5dc2bb58cbf8df668c840fccb831fc9a0b58f15c37aa111a81790cb0b09294e08289e49b67c19e5b944ab986c0db6cc53be93a1cfe5289f17e2e7cfdfa3be80b226621b8cfe5d97c30a05b231f020ec15cb3a39b02526ec43431fc5884d9d4e90e99734942300f9e8e6ed08916463001e6f4b7452bee2d35672922c9310164f7b49f85b5e6fed1d5f3b55c8175a48e7cec699fddc024aeb867b56fe05885ad94ce19d5dff294dad2130ee528ba873fb3935abf4f980776e46436e52c7ad5a1a757167d0b62dae44375d87b1410e8f4f07c31eaedd6422524e5f093c6b0101889424c1ba42", 0xf1}, {&(0x7f0000000440)="c0c5a394c1917dc12255af8eb75894ce0faa1ed7eff12cc4dd24ae98d81a835c052799c013c4b2875b7f94455dfe079df14b01fc7015a074966d2e78914577787edba09b27c12a666ad0d16d", 0x4c}], 0x4, &(0x7f0000000840)=ANY=[@ANYBLOB="38000000000000000100000001000000", @ANYRES32=r0, @ANYRES32, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r2, @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r5, @ANYRES32=r6, @ANYRES32=r7, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r8, @ANYRES32=r0, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=0xee01, @ANYRES32=r10, @ANYBLOB="0f000001"], 0xb8, 0x1}}, {{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000900)="744c361982227580a27f50921e48801a38a238418e9f1a8b493e33d55da7d64d4823e0dfd58bcc247c60a2e0a98e95ed1e318d04d5c9fa810c8b19f4bc3b91b8a4e23c1c1fe3683582d0e6a9fab06002454f4974493db81cc54aff2d577c6bc0046f5e651b9aade2cfa86ddf3084523b21f3a8b7d98ec391171545f19c0d4ab7206e0f2d5ae05dd1146f9c12dd0916dd38fcf764986cc8fe350134465dc1f0fdfbe1003541bc377fc84c76036325fc6aceac90fef453d99ec5b06e7b38f9ac758d153e8986786fbf3134f929aa0b74f0c4dfe5e9fda901d0e0", 0xd9}, {&(0x7f0000000a00)="5ceb79fdea249055e8113ab2ea526c20a3e335f48ed839111931db76", 0x1c}, {&(0x7f0000000a40)="8dc323b04044812e71c8f1d4a9655eaae0e75baca7ea8a9bb2627a7dd3ef909db0ce7311987581890708279cf68e9429ba51b4a6dbd6a2fd2dc072e9cb4eca0ec41198e02095922cc63a80bef40184fa60382a8e5966fffdb28e86b41e6331151d078262a210d49f503768ec9681e89c4e8d61b9d6c105f8f38adc54ef9307f42da5d31814cc9eb4cb0c881d7beaabe3559cbbe43aa94c33ec51087835eb97cca13976c929a2eb8352e32db126fc3d9e25925ebe61129c5597a27034c8c43fc5f4de04c0232bf912fbcec6c03eb0b7e1a89194daee79d74652f4276da68014c618e36b27a4dc339b26fb6f1f750ebeb470118e633b347fb0bd", 0xf9}, {&(0x7f0000000b40)="e516459e015101a9b83684a4eea1017972ffdfb346a1cba40fb37a49123fb83ddf037726cf86f87cce0c2061e298a65c3f2a49e284789a6e153cb49d60080aebc8766af3ee29bdf5e1c657d297d4a16da9cbf3a7436cc078fe4ee9ebd126", 0x5e}], 0x4, &(0x7f0000000d80)=[@cred={{0x1c, 0x1, 0x2, {r11, r15, 0xffffffffffffffff}}}, @rights={{0x28, 0x1, 0x1, [r0, r0, r0, r16, r17, r18]}}, @rights={{0x1c, 0x1, 0x1, [r0, r19, r0]}}, @rights={{0x18, 0x1, 0x1, [r0, r0]}}], 0x80, 0x10084}}], 0x2, 0x10000)

03:52:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x3)

[  469.039759][ T8164] bridge0: port 3(team0) entered blocking state
[  469.072181][ T8164] bridge0: port 3(team0) entered disabled state
[  469.103116][ T8164] device team0 entered promiscuous mode
[  469.122266][ T8164] device team_slave_0 entered promiscuous mode
[  469.138834][ T8164] device team_slave_1 entered promiscuous mode
[  469.159236][ T8164] bridge0: port 3(team0) entered blocking state
[  469.166117][ T8164] bridge0: port 3(team0) entered forwarding state
[  469.411248][ T8170] loop4: detected capacity change from 0 to 32768
[  469.505827][ T8170] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (8170)
[  469.536782][ T8170] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  469.559692][ T8170] BTRFS info (device loop4): force clearing of disk cache
[  469.568087][ T8170] BTRFS info (device loop4): setting nodatasum
[  469.574567][ T8170] BTRFS info (device loop4): allowing degraded mounts
[  469.581362][ T8170] BTRFS info (device loop4): enabling disk space caching
[  469.591044][ T8170] BTRFS info (device loop4): disk space caching is enabled
[  469.598552][ T8170] BTRFS info (device loop4): has skinny extents
[  469.647990][ T8170] BTRFS info (device loop4): enabling ssd optimizations
[  469.656705][ T8170] BTRFS info (device loop4): clearing free space tree
[  469.665241][ T8170] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  469.674998][ T8170] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  469.700654][ T8170] BTRFS info (device loop4): checking UUID tree
[  469.728142][   T26] audit: type=1804 audit(1709783530.551:63): pid=8170 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1029269245/syzkaller.FRsk2y/322/file0/bus" dev="loop4" ino=263 res=1 errno=0
[  469.767724][   T26] audit: type=1804 audit(1709783530.571:64): pid=8170 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1029269245/syzkaller.FRsk2y/322/file0/bus" dev="loop4" ino=263 res=1 errno=0
03:52:10 executing program 4:
syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x1000008, &(0x7f0000000280)={[{@datacow}, {@clear_cache}, {@nodatasum}, {@rescan_uuid_tree}, {}, {@space_cache_v1}]}, 0xfe, 0x51ab, &(0x7f0000005280)="$eJzs3V9oVFceB/Az+aPxDyY+xV32wX1YWcUFWRF2UdggGF2Whdn1YVnYrFlZxT+7JUgDwb5YS2lBxGCgthSKD33pS0mlUFqqBAsthYogVloUW0teWiiESsGXlpK590xmzvVmxlQbq5+PJHfO/d1z7pnhPsx3zLkTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIRwcM3Kv+xaPb2urD7dP3bq6LLt507vP3ljaGjLlRAqtf2VvL5n+66/79+95689scPw37JtX1/ZkFnXz7PGkqads/2af/4TQuhOBujMtzs6G/pW0hOEI8UB53XgZv/o5u7BaxN3zmy8eP3QhuJTZ1bPYk9gseTX1fTctTRQ+92RHFFvN1x6laZLNOufXnA/yZMAAO7JpmptU387mr/FrbePpfWkPZC0x5N2fIcw3thYiGzcJWXzXJvWF2meA1lUWFo6z6Sev/71djXtn7STqHEP82w+NI80PWXzHEnqizVPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfJqx9euvTcy+u3ldWn+8dOHV22/dzp/SdvDA1tuRJCX21/JStXlv+q8w+fLtt57fiRN36zr+ftk515v7jtajg4fBIf/LE3hL0Nlek47JerQqg2F2rN8FKxcLD24M+xAAAAwKPkF7XfHfV2Fge7m9qVWpqs1P5FWVg8cLN/dHP34LWJO2c2Xrx+aMPCx6uWjDdw1/Hq7b65n0pDMI7xNx1vrh4PPVIYZ37piGme/2zmyVsXJn7777L+hfzfN3/+j6+c/A8AAMCPIf+n48yvVf6/+s7zT3UN7n2vrH8h/69tOmUh/8cZx/zfERaW/wEAAOBh9qDz/0BhnPm1yv/fnZ86f/nb46+U9S/k/03t5f+uxmnHnR/FCR/uDWFTq6kDAAAAJeL/u899tBDzevbJQZrXO2ZGe6d6blwtG6+Q/wfay//d9/2ZAQAAAAv1v7F/Hb8wNn6zrF7I/9X28v/SBz5zAAAAoF37Tvz/3PoNIyvL6oX8P9xe/l+eb/OVD1mn9+NfIUz0htAz+2AkK3wQxv9ULwAAAAD3SczpX41u/f7jwel3y44r5P+R+e//H+90ENf/N93/r7D+v6GQ3fVvqxsDAAAA8DgqruePt8fPvrmg7Pv3213/f+uXO3b9d+c/vig7fyH/H2sv/3c2bu/n9/8BAADAAvzcvv/vn4Vx5tfq/v/fDN36et3hZwfL+hfy/3h7+T9uVzQ+van4+jzTG8Ka2Qf53QRfi6c7nBQmuxsK2Quf9Ngde+SFyaUNhZqRpMfve0P49eyDY0lhdSyMJ4WZVXnhbFK4HAv59VAvvJ4UpuKV9sKqfLpp4a1YyBdYTMYVFCvqSyKSHrfLeswW7trjev3kAAAAj5UYnvMs293cDGmUnay0OmB5qwM6Wh3Q2eqAruSA9MCy/WG4uRD3v7jtd7evPPHm06FEIf+fbS//x5diSbYpW/8f4vr//HsN6+v/h2OhLylMxkI1vWNANZ4jC7sn4jn6qnmPmTX1AgAAADzS4ucCnYs8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5g7/6D7KrqA4Cf/f0jm91FHAFJNYqA6ZDNJjFKK1MC1UFxpi4OdZw60UR2g9ssJCZhICnthEA7U5hUVKa1o0NDHUdpkUY6jlK1pEyBcaRTm7ZMxWhl/EFtaxnGSodSm87be8/d+87dm/dCdiFLP58/9p33vufnfT/2nXvvOxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/h38ZWPMb+1f89Py6+PfPuOHDewcuve+jWw8c3bRpw5EQJmYf78jCHYMrui785sBlj+3f+flzp/rvP9Cbl8vjYVnjT2d+55ai1uUhfLEjhO40sHooC/Tk94difSuGQjgtzAWKElODWYm04fDQQAgHw1ygqOr+gRCGSoErjzz4wIFG4o6BEM4NIfSlbXy7L2tjIA2c15sFBtPA9u4s8F/HMkXgS51ZAE5afDMUL/pDE80ZRucvV/P661mwjr240uF1xcRofb4fX7LInSrpTR+YOKmnrVIdi6Ly9jjs3bYE3m2V7Xy7p638RSr/hnJsLtQXOientm65bmZ3fKQzjI111dW0SM/z40/feNWJpJfM6zB2YHRBXofP3vme68+afMuNt24/54m177vg6Ml2s27zLra+kL/mlszzGG30ebIE3n6Vb0krfekKIfzcB7tv6vrtI5+qi1fm/6PHn//Hl3O87WzKHWt9bjibm8dHhmLiqeFsbg4AAABLxlLYa/qjs1/xe6s61zxeV19l/r+yveP/8ZB/PpnPRns4hI2ziZtHQjhz9vEscHds7gMjIbxmNjXRHLgkCRwO4azZxKqiqqREfyyxMgk8OZwHNiaBh2NgIgl8OgZuTwK3xMChJHBVDBxOApfGQJhuHsfPD+fjaDswEAObs414KJ6F8JPh2Fqyrb5VVAUAALBA8tlhT/Pd0rkOJ5shTi8PDbTKEM/Ars3Ql9SQzmCLaVVtDd2tauhsVUMx7n3HH36l5o5WNVdOw+hoznDpK/7w/BVfu+ELoUZl/j9+/Pl/3zwd6agc/w/hitm/MXdnHpkp4psnmjIAAAAAJ2HtG2a+9idnv+nNdfHK/H9je+f/x30iXaXM4dG4G2LbSAjjzYGs2jdXA9lR72V5AAAAAJaC4nh8cSx8Or/NTtFO59PV/BMnmD8e+N84b/5fCpOnb/vBUxvq+luZ/0+0d/7/YPNt1omHYy8+NhJCfynwSOxlIzBrZQx89+LmQD7+h+MGuC1WlZ+YUFR1WyyxOQbGk8DBuhLfKEqc2RzIn6yi8ZuLcUznJUoBAAAAeMHF3QHxuHw8///Ctd/70KaP7/1cXbnK/H/ziZ3/PzsPrpzeP7MshDXdIXSlPwx4dDBbGDAGhjryxFcHs7q60qpuGgzhosbA0qqeyNf/707XGDwykFUVA2e+9rNPn9dIfGoghDXlwGPvvWt2x8juJFA0/qsDIby6Mdq08S/0Z433pI3/QX8IryoFiqo+0B9Co7HetKoH+/LrGKRV/VlfCKeXAkVVb+wLYU8AYImK/0onyw/u2rN325aZmamdi5iI+/AHwtbpmamxq7bPTPbV9Gky6XPTMkY3VcfU2ebYj+ZLFN1z+dhIO+nid4Lj5b7k+/ErJw7m9+N3oZ7Zca7rabq7Ph3y68+pNpEO6cUY8mC5krknsVJ/zN8bloX+63ZN7Ry7Ycvu3TvXZn/bzb4u+xsPM2Xbam26rQbn61sbL492F0N/vtuq6TJXa3Zfs2PNrj17V09fs+Xqqaunrn3D+LrxdevHN7zpwjWNUY1nf1sM9fz5qk6Geuyu6hDavQbU8x3qK7tLlbwQnxoSEhJLLbHl4q/+5b1nfWJZ3cdPZf6/4/jz//ipEz/58/UZ6o7/j8bD/Nnjc4f5N8fAwXaP/4/WHc0vTgxYmQT2xcA+h/kBAAB4aYi7G+PezLhXuuem1WN//MlHnqwrV5n/72vv9/8LtP5/sXT95XXL/K+KJcbr1v9Pl/kv1v/fV7f+f7rMf7H+/8EXYf3/64pAskl+Yv1/AADgpeCFW/+/5fL+6QUCKhlaLu+fXiCgkqHlMv7tXiDghNf/f/tzr+u55iOvviXUqMz/b29v/m/hfgAAADh13HVkQ8eD//o/D9XFK/P/g+3N/1/49f9C3fn/K+sCE3ULA1r/DwAAgCWqbv2/9a/78ebP/WzFD+vKVeb/h9qb/8fTLjqbcsdanxvO1rQL6Zp2Tw0XPxkAAACApaEzjI21u6Jp08qolzz/Nh/PlwI9Xrrsr758zT8+8tb39tfVV5n/H25v/t/0u4xn73zP9WdNvuXG527dfs4Ta993wdG54/8AAADA4ml3vwQAAAAAAAAAAAAAAPDie3rv5Lv++ew7P1MXr/z+P1wx+3jd7//jdf/i7wte3pQ71tp6/b/8/pXvuHfP7JKFjw6HcE45sG3/ttNCfm3+88uBBzatOqOR2J+W+Mp3Lv1BI/H+NPC21S97ppG4KAlsjosknpUG4lUVn1meBOLyin+fBuL2OJQGevPA7y7PxtGRbqsfDWXbqiPdVo8PhTBSChTb6otDWRsd6QDvSALFAD+UBuIAfyUPdKa9undZ1qsYGIpF/2hZ1isAAE5Z8VtgT9g6PTM1Hr/Cx9tXdjffRk1Llt1UrbajzeaP5kuT3XP52Eg76a70u+jctcZ7Ql9jCGsrX1fLWTpmR7kwtbTYdC+vGXKr1d7a/XX2iW663voRDWQjGrtq+8xkT8uBr2+dZV13yyxrK5OdcpbO2U3aRi1t9KWNEbW5bdrocrzfGcbGupJcvxiDo6HJQr0iyuv81b0Kynn2Tb7xb75x7Nihuvoq8//R9ub/feVxPZNfDGBfvLLezSMhnNnmiAAAAIB2fevL/7Ru+yd+55709ort1956weCPLq4rV5n/r2xv/h93jOWHgrO9HYfj9f+L+f9oFrg7NveBkRBeM5uaiCWyC+pfHkuMZ4G74w6TVbHE5onmqvpj4FASeHI4DxxOAg/HQL6X4rMh35XzkeEQNsymrmgusSOWGE0C74yBlUlgLAbGk8DyGNiYBP59eR6YSAJfj4Ew3byt/ny5vSsAAMDzkM+zeprvhnSed6i7VYaOVhkGW2XobJWhr1WGulHE+/fFDD3JySsdpUw9aa0DSS2VDPFi+Cfcr0qG8I3mnGnBStPx/IPifIOO5gz/dtnrv33erlXtX/9/vL35/2Dzbdb6w3H+P3f9vyzwSOzex+Kp4ytj4LsXNwfyHQMPx8nubUVVE3mJfNJ+WyyxMQZWJoEdMbAxCWy+Ig8cPKM5kM+0i8ZvLhqfzkuUAgAAAPCCizsI4m6aOP//0/+++3MH/uHav64rV5n/b2xv/h/bW1Zu7Jai1uUhfLFjrjdFYPVQFoj7MYbiz+NXDIVwWmkHR1FiajAr0Zs0HB4ayH6h3ptWdf9AtsZAvH/lkQcfONBI3DEQwrmlvS9FG9/uy9oYSAPn9WaBwTSwvTsLxD0/ReBLnVkATlqxVzC+oPJTXQqj85eref29VK4Jmg6vsg90nnzz/eZqsfSlD+T7VAsn9rRVqmNRVN4eh73bluK7bdS7rfxFKv+Gcmwu1Bc6J6e2brluZnd8pPxL1opFep7Lv1JtJ70Ar8N9z7+3rfWlHRhPPj7G5y83/+uwI1b37J3vuf6sybfceOv2c55Y+74LjrbdjRrxh8Lv/uTLRsubd7H1hfw1t+Q+TyZ8nizFfwMrPW2NGexTv//V//jp4z+ri1fm/xPtzf+7k9tZz8aNuWskhNeXNu6jcfP/8kj2OVgKZJ+Sp1cD2SH37w3XfnICAADAQit2dxT7C6bz2+yE8HSeXM0/cYL54/6KjfPmb7ffW29+aP8P/+6Or9TFK/P/zcef//cn3XT83/F/Fonj//M61XdF96cP7DupXdGV6lgUjv/P61R/tzn+Py/H/x3/n4/j/y04/j+vU/1pq3xL2uFLVwjh6++/8+33bP+18+rilfn/jvbm/9b/m3/RvmL9v8116//tqFv/b5/1/wAAgEVVs9BcOs+rrN5XyZCu3lfJ0HKBwJZLDFr/74TX/3vrO//3+mOvuGRnqFGZ/+9rb/4fXw7Lyq0vlfX/Vl5RU9XtMbDDwoAAAACciup2EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDievcvPLl8029eOF0X//4ZN3x478Cl931064GjmzZtOBJClrUjC3cMrui68JsDlz22f+fnz53qv/9AX16uJ789uyl3rPW54RAOlh4Ziomnhht35gJXvuPePd2NxKPDIZxTDmzbv+20RuLTwyGcXw48sGnVGY3E/rTEV75z6Q8aifengbetftkzjcRFeaAj7e4nl2fd7Ui7e2B5CCOlQNHdX1/eXFXRxmV5oDNt4zNDWRsxMBSLfnwoayMGZmKJ6f4Q1nSH0JVW9bW+rKqutKq/6Muq6kqr+q2+EC4KIXSnVX2nN6uqOx353/ZmVcXAma/97NPnNRIHe0NYUw489t67NjQSH0oCRePv6g3h1Y2XTNr4fT1Z4z1p43f0hPCqEEJvWuI/u7MSvWmJJ7pDOL0UKBr/YHcIewIvCfHDZ7L84K49e7dtmZmZ2rmIid68rYGwdXpmauyq7TOTfUmf6nSU0sduOn78eI4+feNVjdt7Lh8baSfdnZfrme3yup6mu+sXqvftOtHex34NliuZez4q9cf8vWFZ6L9u19TOsRu27N69c232t93s67K/XXk021ZrF2pbdbYoHz3fbXV+uZI1u6/ZsWbXnr2rp6/ZcvXU1VPXvmF83fi69eMb3nThmsaoxrO/CzHUu44fX4yhvrK7VMkL8QEgISGx1BKdTZ9u46f6P73KF/25jvaEvtkP6Mq0opylY3aUCzHoS6rxrkUadGVKUhnR2srEoZJlXess6yuTibksA1mW2e91lclhuabO2U0a73eGsbHazTLafLe8eX88z+Zt1+P5pms3DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3DqNnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBSAAAA//+3Rsqd")
r0 = open(&(0x7f0000000a40)='./bus\x00', 0x141a42, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(r1, 0xc0109428, &(0x7f00000000c0)={0x1})
r2 = open(&(0x7f0000007f80)='./bus\x00', 0x0, 0x0)
pwritev(r0, &(0x7f00000006c0)=[{&(0x7f0000000180)}, {&(0x7f0000000400)}, {0x0}, {&(0x7f0000000540)}, {0x0}], 0x5, 0x200, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000080)={0x1, 0xd6}, 0x2)
ioctl$BTRFS_IOC_QUOTA_CTL(r2, 0xc0109428, &(0x7f0000000200)={0x2})

03:52:10 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x4000)

03:52:10 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x4)

03:52:10 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x10, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:10 executing program 3:
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000100)=@abs={0x1}, 0x6e) (async)
connect$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r0, &(0x7f0000001600)=@file={0x1}, 0x6e) (async)
r1 = accept$unix(r0, &(0x7f0000000e80), &(0x7f0000000f00)=0x6e)
sendmmsg$unix(r1, &(0x7f0000000f40), 0x0, 0x4040100)
bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e) (async)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000500)={<r2=>0x0}, &(0x7f0000000540)=0xc) (async)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000580)={{{@in6=@empty, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@empty}, 0x0, @in6=@remote}}, &(0x7f0000000680)=0xe8) (async)
r4 = getgid()
r5 = getpid() (async)
r6 = getuid() (async)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000006c0)={0x0, 0x0, <r7=>0x0}, &(0x7f0000000700)=0xc) (async)
r8 = syz_init_net_socket$x25(0x9, 0x5, 0x0) (async)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000740)={<r9=>0x0}, &(0x7f0000000780)=0xc) (async)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000007c0)={0x0, 0x0, <r10=>0x0}, &(0x7f0000000800)=0xc) (async)
r11 = getpid()
r12 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r12, 0x8933, &(0x7f0000000000)={'team0\x00', <r13=>0x0}) (async)
r14 = socket(0xa, 0x3, 0x4)
ioctl$sock_SIOCBRDELBR(r14, 0x89a2, &(0x7f0000000000)='bridge0\x00') (async)
syz_genetlink_get_family_id$devlink(&(0x7f00000007c0), r14) (async)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000340)=<r15=>0x0)
setsockopt$inet_IP_XFRM_POLICY(r14, 0x0, 0x11, &(0x7f0000000ac0)={{{@in6=@local, @in6=@mcast1, 0x4e20, 0x0, 0x4e20, 0x4, 0x2, 0x0, 0x0, 0x2c, r13, r15}, {0x401, 0xffffffffffff05f8, 0x6, 0x8, 0x7, 0x5, 0xffffffffffffffff, 0x8}, {0x400, 0x2, 0x7ff, 0xfc}, 0x0, 0x6e6bb9, 0x0, 0x1, 0x3, 0x3}, {{@in6=@loopback, 0x4d4, 0x32}, 0x2, @in=@loopback, 0x3506, 0x4, 0x1, 0x1, 0x7, 0x7fff, 0x3}}, 0xe8)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000c00)={0xffffffffffffffff, <r16=>0xffffffffffffffff})
r17 = accept$phonet_pipe(0xffffffffffffffff, &(0x7f0000000c40), &(0x7f0000000c80)=0x10)
r18 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r18, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GENEVE_TOS={0x5}, @IFLA_GENEVE_TTL_INHERIT={0x5}]}}}]}, 0x44}}, 0x0) (async)
r19 = accept(r0, &(0x7f0000000cc0)=@sco={0x1f, @fixed}, &(0x7f0000000d40)=0x80)
sendmmsg$unix(r0, &(0x7f0000000e00)=[{{&(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000004c0)=[{&(0x7f0000000200)="5c1735a9973c7a4718e26194f1fe697ea1dd345f0ccbfdc05f4a1358b1df37ea3126720f06a46b400bef1271b33525a8ed1aa6bdbaa82e66fefeb162f49df2532b219255e1d264e3af8000970753e5504e9e8ef4", 0x54}, {&(0x7f0000000280)="f76afbea66f9ea63c86790a43b8de4d3ef323b2b2ea2d914d9e8efea3ce5f8d4bf5a005e62007b8f88867ef2cca2abe5aa2621fa87de0afe5a39d06a218489be67ac0319d2c923e4da102392866029b23f97566d9a60ceb30b5877440bb7dedd4cf7a763c21ef1a85dcecf4a8a6ffb8713a6a5d17dd3c160ed2be699ccf24af05a064387e9f8cc269dab3969853c84c1c2e2388780ec0125ba8b1fbe07ff49c4a6033fb357162768b705779a86cbe78c7323f3c0a9b033ff6bd2335b3f2c0ae3", 0xc0}, {&(0x7f0000000340)="301f39db2e4beb5c1d1ccd0af5dc2bb58cbf8df668c840fccb831fc9a0b58f15c37aa111a81790cb0b09294e08289e49b67c19e5b944ab986c0db6cc53be93a1cfe5289f17e2e7cfdfa3be80b226621b8cfe5d97c30a05b231f020ec15cb3a39b02526ec43431fc5884d9d4e90e99734942300f9e8e6ed08916463001e6f4b7452bee2d35672922c9310164f7b49f85b5e6fed1d5f3b55c8175a48e7cec699fddc024aeb867b56fe05885ad94ce19d5dff294dad2130ee528ba873fb3935abf4f980776e46436e52c7ad5a1a757167d0b62dae44375d87b1410e8f4f07c31eaedd6422524e5f093c6b0101889424c1ba42", 0xf1}, {&(0x7f0000000440)="c0c5a394c1917dc12255af8eb75894ce0faa1ed7eff12cc4dd24ae98d81a835c052799c013c4b2875b7f94455dfe079df14b01fc7015a074966d2e78914577787edba09b27c12a666ad0d16d", 0x4c}], 0x4, &(0x7f0000000840)=ANY=[@ANYBLOB="38000000000000000100000001000000", @ANYRES32=r0, @ANYRES32, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r2, @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r5, @ANYRES32=r6, @ANYRES32=r7, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r8, @ANYRES32=r0, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=0xee01, @ANYRES32=r10, @ANYBLOB="0f000001"], 0xb8, 0x1}}, {{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000900)="744c361982227580a27f50921e48801a38a238418e9f1a8b493e33d55da7d64d4823e0dfd58bcc247c60a2e0a98e95ed1e318d04d5c9fa810c8b19f4bc3b91b8a4e23c1c1fe3683582d0e6a9fab06002454f4974493db81cc54aff2d577c6bc0046f5e651b9aade2cfa86ddf3084523b21f3a8b7d98ec391171545f19c0d4ab7206e0f2d5ae05dd1146f9c12dd0916dd38fcf764986cc8fe350134465dc1f0fdfbe1003541bc377fc84c76036325fc6aceac90fef453d99ec5b06e7b38f9ac758d153e8986786fbf3134f929aa0b74f0c4dfe5e9fda901d0e0", 0xd9}, {&(0x7f0000000a00)="5ceb79fdea249055e8113ab2ea526c20a3e335f48ed839111931db76", 0x1c}, {&(0x7f0000000a40)="8dc323b04044812e71c8f1d4a9655eaae0e75baca7ea8a9bb2627a7dd3ef909db0ce7311987581890708279cf68e9429ba51b4a6dbd6a2fd2dc072e9cb4eca0ec41198e02095922cc63a80bef40184fa60382a8e5966fffdb28e86b41e6331151d078262a210d49f503768ec9681e89c4e8d61b9d6c105f8f38adc54ef9307f42da5d31814cc9eb4cb0c881d7beaabe3559cbbe43aa94c33ec51087835eb97cca13976c929a2eb8352e32db126fc3d9e25925ebe61129c5597a27034c8c43fc5f4de04c0232bf912fbcec6c03eb0b7e1a89194daee79d74652f4276da68014c618e36b27a4dc339b26fb6f1f750ebeb470118e633b347fb0bd", 0xf9}, {&(0x7f0000000b40)="e516459e015101a9b83684a4eea1017972ffdfb346a1cba40fb37a49123fb83ddf037726cf86f87cce0c2061e298a65c3f2a49e284789a6e153cb49d60080aebc8766af3ee29bdf5e1c657d297d4a16da9cbf3a7436cc078fe4ee9ebd126", 0x5e}], 0x4, &(0x7f0000000d80)=[@cred={{0x1c, 0x1, 0x2, {r11, r15, 0xffffffffffffffff}}}, @rights={{0x28, 0x1, 0x1, [r0, r0, r0, r16, r17, r18]}}, @rights={{0x1c, 0x1, 0x1, [r0, r19, r0]}}, @rights={{0x18, 0x1, 0x1, [r0, r0]}}], 0x80, 0x10084}}], 0x2, 0x10000)

[  469.824130][ T5158] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
03:52:10 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x4800)

[  469.934459][ T8207] netlink: 'syz-executor.1': attribute type 16 has an invalid length.
03:52:10 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x4c00)

03:52:10 executing program 3:
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000100)=@abs={0x1}, 0x6e) (async)
connect$unix(r0, &(0x7f0000000080)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r0, &(0x7f0000001600)=@file={0x1}, 0x6e) (async)
r1 = accept$unix(r0, &(0x7f0000000e80), &(0x7f0000000f00)=0x6e)
sendmmsg$unix(r1, &(0x7f0000000f40), 0x0, 0x4040100) (async)
bind$unix(r0, &(0x7f0000000000)=@file={0x1, './file0\x00'}, 0x6e) (async)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000500)={<r2=>0x0}, &(0x7f0000000540)=0xc)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000580)={{{@in6=@empty, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@empty}, 0x0, @in6=@remote}}, &(0x7f0000000680)=0xe8) (async)
r4 = getgid() (async)
r5 = getpid()
r6 = getuid()
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000006c0)={0x0, 0x0, <r7=>0x0}, &(0x7f0000000700)=0xc) (async)
r8 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000740)={<r9=>0x0}, &(0x7f0000000780)=0xc) (async)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000007c0)={0x0, 0x0, <r10=>0x0}, &(0x7f0000000800)=0xc) (async)
r11 = getpid() (async)
r12 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r12, 0x8933, &(0x7f0000000000)={'team0\x00', <r13=>0x0}) (async)
r14 = socket(0xa, 0x3, 0x4)
ioctl$sock_SIOCBRDELBR(r14, 0x89a2, &(0x7f0000000000)='bridge0\x00') (async)
syz_genetlink_get_family_id$devlink(&(0x7f00000007c0), r14) (async)
ioctl$NS_GET_OWNER_UID(0xffffffffffffffff, 0xb704, &(0x7f0000000340)=<r15=>0x0)
setsockopt$inet_IP_XFRM_POLICY(r14, 0x0, 0x11, &(0x7f0000000ac0)={{{@in6=@local, @in6=@mcast1, 0x4e20, 0x0, 0x4e20, 0x4, 0x2, 0x0, 0x0, 0x2c, r13, r15}, {0x401, 0xffffffffffff05f8, 0x6, 0x8, 0x7, 0x5, 0xffffffffffffffff, 0x8}, {0x400, 0x2, 0x7ff, 0xfc}, 0x0, 0x6e6bb9, 0x0, 0x1, 0x3, 0x3}, {{@in6=@loopback, 0x4d4, 0x32}, 0x2, @in=@loopback, 0x3506, 0x4, 0x1, 0x1, 0x7, 0x7fff, 0x3}}, 0xe8) (async)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000c00)={0xffffffffffffffff, <r16=>0xffffffffffffffff})
r17 = accept$phonet_pipe(0xffffffffffffffff, &(0x7f0000000c40), &(0x7f0000000c80)=0x10) (async)
r18 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r18, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newlink={0x44, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_GENEVE_TOS={0x5}, @IFLA_GENEVE_TTL_INHERIT={0x5}]}}}]}, 0x44}}, 0x0)
r19 = accept(r0, &(0x7f0000000cc0)=@sco={0x1f, @fixed}, &(0x7f0000000d40)=0x80)
sendmmsg$unix(r0, &(0x7f0000000e00)=[{{&(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f00000004c0)=[{&(0x7f0000000200)="5c1735a9973c7a4718e26194f1fe697ea1dd345f0ccbfdc05f4a1358b1df37ea3126720f06a46b400bef1271b33525a8ed1aa6bdbaa82e66fefeb162f49df2532b219255e1d264e3af8000970753e5504e9e8ef4", 0x54}, {&(0x7f0000000280)="f76afbea66f9ea63c86790a43b8de4d3ef323b2b2ea2d914d9e8efea3ce5f8d4bf5a005e62007b8f88867ef2cca2abe5aa2621fa87de0afe5a39d06a218489be67ac0319d2c923e4da102392866029b23f97566d9a60ceb30b5877440bb7dedd4cf7a763c21ef1a85dcecf4a8a6ffb8713a6a5d17dd3c160ed2be699ccf24af05a064387e9f8cc269dab3969853c84c1c2e2388780ec0125ba8b1fbe07ff49c4a6033fb357162768b705779a86cbe78c7323f3c0a9b033ff6bd2335b3f2c0ae3", 0xc0}, {&(0x7f0000000340)="301f39db2e4beb5c1d1ccd0af5dc2bb58cbf8df668c840fccb831fc9a0b58f15c37aa111a81790cb0b09294e08289e49b67c19e5b944ab986c0db6cc53be93a1cfe5289f17e2e7cfdfa3be80b226621b8cfe5d97c30a05b231f020ec15cb3a39b02526ec43431fc5884d9d4e90e99734942300f9e8e6ed08916463001e6f4b7452bee2d35672922c9310164f7b49f85b5e6fed1d5f3b55c8175a48e7cec699fddc024aeb867b56fe05885ad94ce19d5dff294dad2130ee528ba873fb3935abf4f980776e46436e52c7ad5a1a757167d0b62dae44375d87b1410e8f4f07c31eaedd6422524e5f093c6b0101889424c1ba42", 0xf1}, {&(0x7f0000000440)="c0c5a394c1917dc12255af8eb75894ce0faa1ed7eff12cc4dd24ae98d81a835c052799c013c4b2875b7f94455dfe079df14b01fc7015a074966d2e78914577787edba09b27c12a666ad0d16d", 0x4c}], 0x4, &(0x7f0000000840)=ANY=[@ANYBLOB="38000000000000000100000001000000", @ANYRES32=r0, @ANYRES32, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r2, @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r5, @ANYRES32=r6, @ANYRES32=r7, @ANYBLOB="0000000020000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r8, @ANYRES32=r0, @ANYBLOB="1c000000000000000100000002000000", @ANYRES32=r9, @ANYRES32=0xee01, @ANYRES32=r10, @ANYBLOB="0f000001"], 0xb8, 0x1}}, {{0x0, 0x0, &(0x7f0000000bc0)=[{&(0x7f0000000900)="744c361982227580a27f50921e48801a38a238418e9f1a8b493e33d55da7d64d4823e0dfd58bcc247c60a2e0a98e95ed1e318d04d5c9fa810c8b19f4bc3b91b8a4e23c1c1fe3683582d0e6a9fab06002454f4974493db81cc54aff2d577c6bc0046f5e651b9aade2cfa86ddf3084523b21f3a8b7d98ec391171545f19c0d4ab7206e0f2d5ae05dd1146f9c12dd0916dd38fcf764986cc8fe350134465dc1f0fdfbe1003541bc377fc84c76036325fc6aceac90fef453d99ec5b06e7b38f9ac758d153e8986786fbf3134f929aa0b74f0c4dfe5e9fda901d0e0", 0xd9}, {&(0x7f0000000a00)="5ceb79fdea249055e8113ab2ea526c20a3e335f48ed839111931db76", 0x1c}, {&(0x7f0000000a40)="8dc323b04044812e71c8f1d4a9655eaae0e75baca7ea8a9bb2627a7dd3ef909db0ce7311987581890708279cf68e9429ba51b4a6dbd6a2fd2dc072e9cb4eca0ec41198e02095922cc63a80bef40184fa60382a8e5966fffdb28e86b41e6331151d078262a210d49f503768ec9681e89c4e8d61b9d6c105f8f38adc54ef9307f42da5d31814cc9eb4cb0c881d7beaabe3559cbbe43aa94c33ec51087835eb97cca13976c929a2eb8352e32db126fc3d9e25925ebe61129c5597a27034c8c43fc5f4de04c0232bf912fbcec6c03eb0b7e1a89194daee79d74652f4276da68014c618e36b27a4dc339b26fb6f1f750ebeb470118e633b347fb0bd", 0xf9}, {&(0x7f0000000b40)="e516459e015101a9b83684a4eea1017972ffdfb346a1cba40fb37a49123fb83ddf037726cf86f87cce0c2061e298a65c3f2a49e284789a6e153cb49d60080aebc8766af3ee29bdf5e1c657d297d4a16da9cbf3a7436cc078fe4ee9ebd126", 0x5e}], 0x4, &(0x7f0000000d80)=[@cred={{0x1c, 0x1, 0x2, {r11, r15, 0xffffffffffffffff}}}, @rights={{0x28, 0x1, 0x1, [r0, r0, r0, r16, r17, r18]}}, @rights={{0x1c, 0x1, 0x1, [r0, r19, r0]}}, @rights={{0x18, 0x1, 0x1, [r0, r0]}}], 0x80, 0x10084}}], 0x2, 0x10000)

03:52:10 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x5c00)

03:52:10 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x670c)

03:52:10 executing program 3:
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x20002, 0x0)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000040))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

03:52:11 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x11, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:11 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x6800)

03:52:11 executing program 3:
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x20002, 0x0)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000040))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x20002, 0x0) (async)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000040)) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)

03:52:11 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x12, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:11 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x6c00)

03:52:11 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x7400)

[  470.520478][ T8257] netlink: 'syz-executor.1': attribute type 18 has an invalid length.
03:52:11 executing program 3:
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x20002, 0x0)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000040))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

03:52:11 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x117, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:11 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x7a00)

03:52:11 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.events\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040)=ANY=[], 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x800001, 0x10012, r2, 0x0)
r3 = eventfd2(0x800, 0x80000)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000001c0)={r2, 0x8, 0xfffffff7, r3})
sendfile(r0, r0, &(0x7f0000000000)=0xb, 0x6)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000040)="66b8fa000f00d866b85f008ed0267cb4b9800000c00f3235001000000f300f01f5f30fc7748afb0fae0cc6f20f00d4c4c1cb5fe4ea040000000a01", 0x3b}], 0x1, 0x1, &(0x7f0000000180)=[@efer={0x2, 0x5001}, @dstype0={0x6, 0x9}], 0x2)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:52:11 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x920b)

03:52:11 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x131, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:11 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x100000)

03:52:11 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.events\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040)=ANY=[], 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x800001, 0x10012, r2, 0x0)
r3 = eventfd2(0x800, 0x80000)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000001c0)={r2, 0x8, 0xfffffff7, r3}) (async, rerun: 64)
sendfile(r0, r0, &(0x7f0000000000)=0xb, 0x6) (async, rerun: 64)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000040)="66b8fa000f00d866b85f008ed0267cb4b9800000c00f3235001000000f300f01f5f30fc7748afb0fae0cc6f20f00d4c4c1cb5fe4ea040000000a01", 0x3b}], 0x1, 0x1, &(0x7f0000000180)=[@efer={0x2, 0x5001}, @dstype0={0x6, 0x9}], 0x2)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:52:11 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1000000)

03:52:12 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x2001, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:12 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1000080)

[  471.220700][ T8243] loop4: detected capacity change from 0 to 32768
[  471.281881][ T8243] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (8243)
03:52:12 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.events\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000040)=ANY=[], 0xfea7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x800001, 0x10012, r2, 0x0) (async)
r3 = eventfd2(0x800, 0x80000)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f00000001c0)={r2, 0x8, 0xfffffff7, r3}) (async, rerun: 64)
sendfile(r0, r0, &(0x7f0000000000)=0xb, 0x6) (async, rerun: 64)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000040)="66b8fa000f00d866b85f008ed0267cb4b9800000c00f3235001000000f300f01f5f30fc7748afb0fae0cc6f20f00d4c4c1cb5fe4ea040000000a01", 0x3b}], 0x1, 0x1, &(0x7f0000000180)=[@efer={0x2, 0x5001}, @dstype0={0x6, 0x9}], 0x2) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:52:12 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1080000)

[  471.376871][ T8243] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  471.411927][ T8243] BTRFS info (device loop4): force clearing of disk cache
03:52:12 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0xf800, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

[  471.444286][ T8243] BTRFS info (device loop4): setting nodatasum
[  471.472110][ T8243] BTRFS info (device loop4): allowing degraded mounts
[  471.479061][ T8243] BTRFS info (device loop4): enabling disk space caching
03:52:12 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x2000000)

[  471.493077][ T8243] BTRFS info (device loop4): disk space caching is enabled
[  471.515311][ T8243] BTRFS info (device loop4): has skinny extents
[  471.704095][ T8243] BTRFS info (device loop4): enabling ssd optimizations
[  471.715571][ T8243] BTRFS info (device loop4): clearing free space tree
[  471.722630][ T8243] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  471.732460][ T8243] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  471.747881][ T8243] BTRFS info (device loop4): checking UUID tree
[  471.778036][   T26] audit: type=1804 audit(1709783532.601:65): pid=8243 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1029269245/syzkaller.FRsk2y/323/file0/bus" dev="loop4" ino=263 res=1 errno=0
[  471.817670][   T26] audit: type=1804 audit(1709783532.631:66): pid=8243 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1029269245/syzkaller.FRsk2y/323/file0/bus" dev="loop4" ino=263 res=1 errno=0
03:52:12 executing program 4:
syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x1000008, &(0x7f0000000280)={[{@datacow}, {@clear_cache}, {@nodatasum}, {@rescan_uuid_tree}, {}, {@space_cache_v1}]}, 0xfe, 0x51ab, &(0x7f0000005280)="$eJzs3V9oVFceB/Az+aPxDyY+xV32wX1YWcUFWRF2UdggGF2Whdn1YVnYrFlZxT+7JUgDwb5YS2lBxGCgthSKD33pS0mlUFqqBAsthYogVloUW0teWiiESsGXlpK590xmzvVmxlQbq5+PJHfO/d1z7pnhPsx3zLkTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIRwcM3Kv+xaPb2urD7dP3bq6LLt507vP3ljaGjLlRAqtf2VvL5n+66/79+95689scPw37JtX1/ZkFnXz7PGkqads/2af/4TQuhOBujMtzs6G/pW0hOEI8UB53XgZv/o5u7BaxN3zmy8eP3QhuJTZ1bPYk9gseTX1fTctTRQ+92RHFFvN1x6laZLNOufXnA/yZMAAO7JpmptU387mr/FrbePpfWkPZC0x5N2fIcw3thYiGzcJWXzXJvWF2meA1lUWFo6z6Sev/71djXtn7STqHEP82w+NI80PWXzHEnqizVPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfJqx9euvTcy+u3ldWn+8dOHV22/dzp/SdvDA1tuRJCX21/JStXlv+q8w+fLtt57fiRN36zr+ftk515v7jtajg4fBIf/LE3hL0Nlek47JerQqg2F2rN8FKxcLD24M+xAAAAwKPkF7XfHfV2Fge7m9qVWpqs1P5FWVg8cLN/dHP34LWJO2c2Xrx+aMPCx6uWjDdw1/Hq7b65n0pDMI7xNx1vrh4PPVIYZ37piGme/2zmyVsXJn7777L+hfzfN3/+j6+c/A8AAMCPIf+n48yvVf6/+s7zT3UN7n2vrH8h/69tOmUh/8cZx/zfERaW/wEAAOBh9qDz/0BhnPm1yv/fnZ86f/nb46+U9S/k/03t5f+uxmnHnR/FCR/uDWFTq6kDAAAAJeL/u899tBDzevbJQZrXO2ZGe6d6blwtG6+Q/wfay//d9/2ZAQAAAAv1v7F/Hb8wNn6zrF7I/9X28v/SBz5zAAAAoF37Tvz/3PoNIyvL6oX8P9xe/l+eb/OVD1mn9+NfIUz0htAz+2AkK3wQxv9ULwAAAAD3SczpX41u/f7jwel3y44r5P+R+e//H+90ENf/N93/r7D+v6GQ3fVvqxsDAAAA8DgqruePt8fPvrmg7Pv3213/f+uXO3b9d+c/vig7fyH/H2sv/3c2bu/n9/8BAADAAvzcvv/vn4Vx5tfq/v/fDN36et3hZwfL+hfy/3h7+T9uVzQ+van4+jzTG8Ka2Qf53QRfi6c7nBQmuxsK2Quf9Ngde+SFyaUNhZqRpMfve0P49eyDY0lhdSyMJ4WZVXnhbFK4HAv59VAvvJ4UpuKV9sKqfLpp4a1YyBdYTMYVFCvqSyKSHrfLeswW7trjev3kAAAAj5UYnvMs293cDGmUnay0OmB5qwM6Wh3Q2eqAruSA9MCy/WG4uRD3v7jtd7evPPHm06FEIf+fbS//x5diSbYpW/8f4vr//HsN6+v/h2OhLylMxkI1vWNANZ4jC7sn4jn6qnmPmTX1AgAAADzS4ucCnYs8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5g7/6D7KrqA4Cf/f0jm91FHAFJNYqA6ZDNJjFKK1MC1UFxpi4OdZw60UR2g9ssJCZhICnthEA7U5hUVKa1o0NDHUdpkUY6jlK1pEyBcaRTm7ZMxWhl/EFtaxnGSodSm87be8/d+87dm/dCdiFLP58/9p33vufnfT/2nXvvOxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/h38ZWPMb+1f89Py6+PfPuOHDewcuve+jWw8c3bRpw5EQJmYf78jCHYMrui785sBlj+3f+flzp/rvP9Cbl8vjYVnjT2d+55ai1uUhfLEjhO40sHooC/Tk94difSuGQjgtzAWKElODWYm04fDQQAgHw1ygqOr+gRCGSoErjzz4wIFG4o6BEM4NIfSlbXy7L2tjIA2c15sFBtPA9u4s8F/HMkXgS51ZAE5afDMUL/pDE80ZRucvV/P661mwjr240uF1xcRofb4fX7LInSrpTR+YOKmnrVIdi6Ly9jjs3bYE3m2V7Xy7p638RSr/hnJsLtQXOientm65bmZ3fKQzjI111dW0SM/z40/feNWJpJfM6zB2YHRBXofP3vme68+afMuNt24/54m177vg6Ml2s27zLra+kL/mlszzGG30ebIE3n6Vb0krfekKIfzcB7tv6vrtI5+qi1fm/6PHn//Hl3O87WzKHWt9bjibm8dHhmLiqeFsbg4AAABLxlLYa/qjs1/xe6s61zxeV19l/r+yveP/8ZB/PpnPRns4hI2ziZtHQjhz9vEscHds7gMjIbxmNjXRHLgkCRwO4azZxKqiqqREfyyxMgk8OZwHNiaBh2NgIgl8OgZuTwK3xMChJHBVDBxOApfGQJhuHsfPD+fjaDswEAObs414KJ6F8JPh2Fqyrb5VVAUAALBA8tlhT/Pd0rkOJ5shTi8PDbTKEM/Ars3Ql9SQzmCLaVVtDd2tauhsVUMx7n3HH36l5o5WNVdOw+hoznDpK/7w/BVfu+ELoUZl/j9+/Pl/3zwd6agc/w/hitm/MXdnHpkp4psnmjIAAAAAJ2HtG2a+9idnv+nNdfHK/H9je+f/x30iXaXM4dG4G2LbSAjjzYGs2jdXA9lR72V5AAAAAJaC4nh8cSx8Or/NTtFO59PV/BMnmD8e+N84b/5fCpOnb/vBUxvq+luZ/0+0d/7/YPNt1omHYy8+NhJCfynwSOxlIzBrZQx89+LmQD7+h+MGuC1WlZ+YUFR1WyyxOQbGk8DBuhLfKEqc2RzIn6yi8ZuLcUznJUoBAAAAeMHF3QHxuHw8///Ctd/70KaP7/1cXbnK/H/ziZ3/PzsPrpzeP7MshDXdIXSlPwx4dDBbGDAGhjryxFcHs7q60qpuGgzhosbA0qqeyNf/707XGDwykFUVA2e+9rNPn9dIfGoghDXlwGPvvWt2x8juJFA0/qsDIby6Mdq08S/0Z433pI3/QX8IryoFiqo+0B9Co7HetKoH+/LrGKRV/VlfCKeXAkVVb+wLYU8AYImK/0onyw/u2rN325aZmamdi5iI+/AHwtbpmamxq7bPTPbV9Gky6XPTMkY3VcfU2ebYj+ZLFN1z+dhIO+nid4Lj5b7k+/ErJw7m9+N3oZ7Zca7rabq7Ph3y68+pNpEO6cUY8mC5krknsVJ/zN8bloX+63ZN7Ry7Ycvu3TvXZn/bzb4u+xsPM2Xbam26rQbn61sbL492F0N/vtuq6TJXa3Zfs2PNrj17V09fs+Xqqaunrn3D+LrxdevHN7zpwjWNUY1nf1sM9fz5qk6Geuyu6hDavQbU8x3qK7tLlbwQnxoSEhJLLbHl4q/+5b1nfWJZ3cdPZf6/4/jz//ipEz/58/UZ6o7/j8bD/Nnjc4f5N8fAwXaP/4/WHc0vTgxYmQT2xcA+h/kBAAB4aYi7G+PezLhXuuem1WN//MlHnqwrV5n/72vv9/8LtP5/sXT95XXL/K+KJcbr1v9Pl/kv1v/fV7f+f7rMf7H+/8EXYf3/64pAskl+Yv1/AADgpeCFW/+/5fL+6QUCKhlaLu+fXiCgkqHlMv7tXiDghNf/f/tzr+u55iOvviXUqMz/b29v/m/hfgAAADh13HVkQ8eD//o/D9XFK/P/g+3N/1/49f9C3fn/K+sCE3ULA1r/DwAAgCWqbv2/9a/78ebP/WzFD+vKVeb/h9qb/8fTLjqbcsdanxvO1rQL6Zp2Tw0XPxkAAACApaEzjI21u6Jp08qolzz/Nh/PlwI9Xrrsr758zT8+8tb39tfVV5n/H25v/t/0u4xn73zP9WdNvuXG527dfs4Ta993wdG54/8AAADA4ml3vwQAAAAAAAAAAAAAAPDie3rv5Lv++ew7P1MXr/z+P1wx+3jd7//jdf/i7wte3pQ71tp6/b/8/pXvuHfP7JKFjw6HcE45sG3/ttNCfm3+88uBBzatOqOR2J+W+Mp3Lv1BI/H+NPC21S97ppG4KAlsjosknpUG4lUVn1meBOLyin+fBuL2OJQGevPA7y7PxtGRbqsfDWXbqiPdVo8PhTBSChTb6otDWRsd6QDvSALFAD+UBuIAfyUPdKa9undZ1qsYGIpF/2hZ1isAAE5Z8VtgT9g6PTM1Hr/Cx9tXdjffRk1Llt1UrbajzeaP5kuT3XP52Eg76a70u+jctcZ7Ql9jCGsrX1fLWTpmR7kwtbTYdC+vGXKr1d7a/XX2iW663voRDWQjGrtq+8xkT8uBr2+dZV13yyxrK5OdcpbO2U3aRi1t9KWNEbW5bdrocrzfGcbGupJcvxiDo6HJQr0iyuv81b0Kynn2Tb7xb75x7Nihuvoq8//R9ub/feVxPZNfDGBfvLLezSMhnNnmiAAAAIB2fevL/7Ru+yd+55709ort1956weCPLq4rV5n/r2xv/h93jOWHgrO9HYfj9f+L+f9oFrg7NveBkRBeM5uaiCWyC+pfHkuMZ4G74w6TVbHE5onmqvpj4FASeHI4DxxOAg/HQL6X4rMh35XzkeEQNsymrmgusSOWGE0C74yBlUlgLAbGk8DyGNiYBP59eR6YSAJfj4Ew3byt/ny5vSsAAMDzkM+zeprvhnSed6i7VYaOVhkGW2XobJWhr1WGulHE+/fFDD3JySsdpUw9aa0DSS2VDPFi+Cfcr0qG8I3mnGnBStPx/IPifIOO5gz/dtnrv33erlXtX/9/vL35/2Dzbdb6w3H+P3f9vyzwSOzex+Kp4ytj4LsXNwfyHQMPx8nubUVVE3mJfNJ+WyyxMQZWJoEdMbAxCWy+Ig8cPKM5kM+0i8ZvLhqfzkuUAgAAAPCCizsI4m6aOP//0/+++3MH/uHav64rV5n/b2xv/h/bW1Zu7Jai1uUhfLFjrjdFYPVQFoj7MYbiz+NXDIVwWmkHR1FiajAr0Zs0HB4ayH6h3ptWdf9AtsZAvH/lkQcfONBI3DEQwrmlvS9FG9/uy9oYSAPn9WaBwTSwvTsLxD0/ReBLnVkATlqxVzC+oPJTXQqj85eref29VK4Jmg6vsg90nnzz/eZqsfSlD+T7VAsn9rRVqmNRVN4eh73bluK7bdS7rfxFKv+Gcmwu1Bc6J6e2brluZnd8pPxL1opFep7Lv1JtJ70Ar8N9z7+3rfWlHRhPPj7G5y83/+uwI1b37J3vuf6sybfceOv2c55Y+74LjrbdjRrxh8Lv/uTLRsubd7H1hfw1t+Q+TyZ8nizFfwMrPW2NGexTv//V//jp4z+ri1fm/xPtzf+7k9tZz8aNuWskhNeXNu6jcfP/8kj2OVgKZJ+Sp1cD2SH37w3XfnICAADAQit2dxT7C6bz2+yE8HSeXM0/cYL54/6KjfPmb7ffW29+aP8P/+6Or9TFK/P/zcef//cn3XT83/F/Fonj//M61XdF96cP7DupXdGV6lgUjv/P61R/tzn+Py/H/x3/n4/j/y04/j+vU/1pq3xL2uFLVwjh6++/8+33bP+18+rilfn/jvbm/9b/m3/RvmL9v8116//tqFv/b5/1/wAAgEVVs9BcOs+rrN5XyZCu3lfJ0HKBwJZLDFr/74TX/3vrO//3+mOvuGRnqFGZ/+9rb/4fXw7Lyq0vlfX/Vl5RU9XtMbDDwoAAAACciup2EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDievcvPLl8029eOF0X//4ZN3x478Cl931064GjmzZtOBJClrUjC3cMrui68JsDlz22f+fnz53qv/9AX16uJ789uyl3rPW54RAOlh4Ziomnhht35gJXvuPePd2NxKPDIZxTDmzbv+20RuLTwyGcXw48sGnVGY3E/rTEV75z6Q8aifengbetftkzjcRFeaAj7e4nl2fd7Ui7e2B5CCOlQNHdX1/eXFXRxmV5oDNt4zNDWRsxMBSLfnwoayMGZmKJ6f4Q1nSH0JVW9bW+rKqutKq/6Muq6kqr+q2+EC4KIXSnVX2nN6uqOx353/ZmVcXAma/97NPnNRIHe0NYUw489t67NjQSH0oCRePv6g3h1Y2XTNr4fT1Z4z1p43f0hPCqEEJvWuI/u7MSvWmJJ7pDOL0UKBr/YHcIewIvCfHDZ7L84K49e7dtmZmZ2rmIid68rYGwdXpmauyq7TOTfUmf6nSU0sduOn78eI4+feNVjdt7Lh8baSfdnZfrme3yup6mu+sXqvftOtHex34NliuZez4q9cf8vWFZ6L9u19TOsRu27N69c232t93s67K/XXk021ZrF2pbdbYoHz3fbXV+uZI1u6/ZsWbXnr2rp6/ZcvXU1VPXvmF83fi69eMb3nThmsaoxrO/CzHUu44fX4yhvrK7VMkL8QEgISGx1BKdTZ9u46f6P73KF/25jvaEvtkP6Mq0opylY3aUCzHoS6rxrkUadGVKUhnR2srEoZJlXess6yuTibksA1mW2e91lclhuabO2U0a73eGsbHazTLafLe8eX88z+Zt1+P5pms3DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3DqNnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBSAAAA//+3Rsqd")
r0 = open(&(0x7f0000000a40)='./bus\x00', 0x141a42, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(r1, 0xc0109428, &(0x7f00000000c0)={0x1})
r2 = open(&(0x7f0000007f80)='./bus\x00', 0x0, 0x0)
pwritev(r0, &(0x7f00000006c0)=[{&(0x7f0000000180)}, {&(0x7f0000000400)}, {0x0}, {&(0x7f0000000540)}, {0x0}], 0x5, 0x200, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000080)={0x1, 0xd6}, 0x2)
ioctl$BTRFS_IOC_QUOTA_CTL(r2, 0xc0109428, &(0x7f0000000200)={0x2})

03:52:12 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_SB_GET(r0, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000040)={&(0x7f0000000140)={0x120, 0x0, 0x400, 0x70bd26, 0x25dfdbfc, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x3ff}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x2c65}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x3}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4911}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8}}]}, 0x120}, 0x1, 0x0, 0x0, 0x4044}, 0x40)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000300), r0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f00000003c0)={&(0x7f00000002c0), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x34, r2, 0x200, 0x70bd2c, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xa6}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x3a}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x7}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000094}, 0x40000)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r3, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0xd})

[  471.879740][ T5158] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
[  472.043382][ T3821] Bluetooth: hci7: command 0x1003 tx timeout
[  472.049614][ T3546] Bluetooth: hci7: sending frame failed (-49)
[  472.416474][ T8341] loop4: detected capacity change from 0 to 32768
[  472.503926][ T8341] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (8341)
[  472.537830][ T8341] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  472.560786][ T8341] BTRFS info (device loop4): force clearing of disk cache
[  472.568173][ T8341] BTRFS info (device loop4): setting nodatasum
[  472.574656][ T8341] BTRFS info (device loop4): allowing degraded mounts
[  472.581446][ T8341] BTRFS info (device loop4): enabling disk space caching
[  472.589516][ T8341] BTRFS info (device loop4): disk space caching is enabled
[  472.596832][ T8341] BTRFS info (device loop4): has skinny extents
[  472.706819][ T8341] BTRFS info (device loop4): enabling ssd optimizations
[  472.715113][ T8341] BTRFS info (device loop4): clearing free space tree
[  472.722331][ T8341] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  472.732726][ T8341] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  472.751954][ T8341] BTRFS info (device loop4): checking UUID tree
[  472.792629][   T26] audit: type=1804 audit(1709783533.621:67): pid=8341 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1029269245/syzkaller.FRsk2y/324/file0/bus" dev="loop4" ino=263 res=1 errno=0
[  472.877355][   T26] audit: type=1804 audit(1709783533.671:68): pid=8341 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1029269245/syzkaller.FRsk2y/324/file0/bus" dev="loop4" ino=263 res=1 errno=0
[  472.904558][ T3634] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
[  474.061669][ T3817] Bluetooth: hci7: command 0x1001 tx timeout
[  474.069278][ T3546] Bluetooth: hci7: sending frame failed (-49)
[  476.141723][ T3582] Bluetooth: hci7: command 0x1009 tx timeout
03:52:21 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x4, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:21 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x3000000)

03:52:21 executing program 3:
socket$nl_generic(0x10, 0x3, 0x10) (async)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_SB_GET(r0, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000040)={&(0x7f0000000140)={0x120, 0x0, 0x400, 0x70bd26, 0x25dfdbfc, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x3ff}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x2c65}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x3}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4911}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8}}]}, 0x120}, 0x1, 0x0, 0x0, 0x4044}, 0x40)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000300), r0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f00000003c0)={&(0x7f00000002c0), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x34, r2, 0x200, 0x70bd2c, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xa6}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x3a}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x7}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000094}, 0x40000) (async)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f00000003c0)={&(0x7f00000002c0), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x34, r2, 0x200, 0x70bd2c, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xa6}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x3a}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x7}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000094}, 0x40000)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r3, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0xd})

03:52:21 executing program 4:
syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x1000008, &(0x7f0000000280)={[{@datacow}, {@clear_cache}, {@nodatasum}, {@rescan_uuid_tree}, {}, {@space_cache_v1}]}, 0xfe, 0x51ab, &(0x7f0000005280)="$eJzs3V9oVFceB/Az+aPxDyY+xV32wX1YWcUFWRF2UdggGF2Whdn1YVnYrFlZxT+7JUgDwb5YS2lBxGCgthSKD33pS0mlUFqqBAsthYogVloUW0teWiiESsGXlpK590xmzvVmxlQbq5+PJHfO/d1z7pnhPsx3zLkTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIRwcM3Kv+xaPb2urD7dP3bq6LLt507vP3ljaGjLlRAqtf2VvL5n+66/79+95689scPw37JtX1/ZkFnXz7PGkqads/2af/4TQuhOBujMtzs6G/pW0hOEI8UB53XgZv/o5u7BaxN3zmy8eP3QhuJTZ1bPYk9gseTX1fTctTRQ+92RHFFvN1x6laZLNOufXnA/yZMAAO7JpmptU387mr/FrbePpfWkPZC0x5N2fIcw3thYiGzcJWXzXJvWF2meA1lUWFo6z6Sev/71djXtn7STqHEP82w+NI80PWXzHEnqizVPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfJqx9euvTcy+u3ldWn+8dOHV22/dzp/SdvDA1tuRJCX21/JStXlv+q8w+fLtt57fiRN36zr+ftk515v7jtajg4fBIf/LE3hL0Nlek47JerQqg2F2rN8FKxcLD24M+xAAAAwKPkF7XfHfV2Fge7m9qVWpqs1P5FWVg8cLN/dHP34LWJO2c2Xrx+aMPCx6uWjDdw1/Hq7b65n0pDMI7xNx1vrh4PPVIYZ37piGme/2zmyVsXJn7777L+hfzfN3/+j6+c/A8AAMCPIf+n48yvVf6/+s7zT3UN7n2vrH8h/69tOmUh/8cZx/zfERaW/wEAAOBh9qDz/0BhnPm1yv/fnZ86f/nb46+U9S/k/03t5f+uxmnHnR/FCR/uDWFTq6kDAAAAJeL/u899tBDzevbJQZrXO2ZGe6d6blwtG6+Q/wfay//d9/2ZAQAAAAv1v7F/Hb8wNn6zrF7I/9X28v/SBz5zAAAAoF37Tvz/3PoNIyvL6oX8P9xe/l+eb/OVD1mn9+NfIUz0htAz+2AkK3wQxv9ULwAAAAD3SczpX41u/f7jwel3y44r5P+R+e//H+90ENf/N93/r7D+v6GQ3fVvqxsDAAAA8DgqruePt8fPvrmg7Pv3213/f+uXO3b9d+c/vig7fyH/H2sv/3c2bu/n9/8BAADAAvzcvv/vn4Vx5tfq/v/fDN36et3hZwfL+hfy/3h7+T9uVzQ+van4+jzTG8Ka2Qf53QRfi6c7nBQmuxsK2Quf9Ngde+SFyaUNhZqRpMfve0P49eyDY0lhdSyMJ4WZVXnhbFK4HAv59VAvvJ4UpuKV9sKqfLpp4a1YyBdYTMYVFCvqSyKSHrfLeswW7trjev3kAAAAj5UYnvMs293cDGmUnay0OmB5qwM6Wh3Q2eqAruSA9MCy/WG4uRD3v7jtd7evPPHm06FEIf+fbS//x5diSbYpW/8f4vr//HsN6+v/h2OhLylMxkI1vWNANZ4jC7sn4jn6qnmPmTX1AgAAADzS4ucCnYs8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5g7/6D7KrqA4Cf/f0jm91FHAFJNYqA6ZDNJjFKK1MC1UFxpi4OdZw60UR2g9ssJCZhICnthEA7U5hUVKa1o0NDHUdpkUY6jlK1pEyBcaRTm7ZMxWhl/EFtaxnGSodSm87be8/d+87dm/dCdiFLP58/9p33vufnfT/2nXvvOxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/h38ZWPMb+1f89Py6+PfPuOHDewcuve+jWw8c3bRpw5EQJmYf78jCHYMrui785sBlj+3f+flzp/rvP9Cbl8vjYVnjT2d+55ai1uUhfLEjhO40sHooC/Tk94difSuGQjgtzAWKElODWYm04fDQQAgHw1ygqOr+gRCGSoErjzz4wIFG4o6BEM4NIfSlbXy7L2tjIA2c15sFBtPA9u4s8F/HMkXgS51ZAE5afDMUL/pDE80ZRucvV/P661mwjr240uF1xcRofb4fX7LInSrpTR+YOKmnrVIdi6Ly9jjs3bYE3m2V7Xy7p638RSr/hnJsLtQXOientm65bmZ3fKQzjI111dW0SM/z40/feNWJpJfM6zB2YHRBXofP3vme68+afMuNt24/54m177vg6Ml2s27zLra+kL/mlszzGG30ebIE3n6Vb0krfekKIfzcB7tv6vrtI5+qi1fm/6PHn//Hl3O87WzKHWt9bjibm8dHhmLiqeFsbg4AAABLxlLYa/qjs1/xe6s61zxeV19l/r+yveP/8ZB/PpnPRns4hI2ziZtHQjhz9vEscHds7gMjIbxmNjXRHLgkCRwO4azZxKqiqqREfyyxMgk8OZwHNiaBh2NgIgl8OgZuTwK3xMChJHBVDBxOApfGQJhuHsfPD+fjaDswEAObs414KJ6F8JPh2Fqyrb5VVAUAALBA8tlhT/Pd0rkOJ5shTi8PDbTKEM/Ars3Ql9SQzmCLaVVtDd2tauhsVUMx7n3HH36l5o5WNVdOw+hoznDpK/7w/BVfu+ELoUZl/j9+/Pl/3zwd6agc/w/hitm/MXdnHpkp4psnmjIAAAAAJ2HtG2a+9idnv+nNdfHK/H9je+f/x30iXaXM4dG4G2LbSAjjzYGs2jdXA9lR72V5AAAAAJaC4nh8cSx8Or/NTtFO59PV/BMnmD8e+N84b/5fCpOnb/vBUxvq+luZ/0+0d/7/YPNt1omHYy8+NhJCfynwSOxlIzBrZQx89+LmQD7+h+MGuC1WlZ+YUFR1WyyxOQbGk8DBuhLfKEqc2RzIn6yi8ZuLcUznJUoBAAAAeMHF3QHxuHw8///Ctd/70KaP7/1cXbnK/H/ziZ3/PzsPrpzeP7MshDXdIXSlPwx4dDBbGDAGhjryxFcHs7q60qpuGgzhosbA0qqeyNf/707XGDwykFUVA2e+9rNPn9dIfGoghDXlwGPvvWt2x8juJFA0/qsDIby6Mdq08S/0Z433pI3/QX8IryoFiqo+0B9Co7HetKoH+/LrGKRV/VlfCKeXAkVVb+wLYU8AYImK/0onyw/u2rN325aZmamdi5iI+/AHwtbpmamxq7bPTPbV9Gky6XPTMkY3VcfU2ebYj+ZLFN1z+dhIO+nid4Lj5b7k+/ErJw7m9+N3oZ7Zca7rabq7Ph3y68+pNpEO6cUY8mC5krknsVJ/zN8bloX+63ZN7Ry7Ycvu3TvXZn/bzb4u+xsPM2Xbam26rQbn61sbL492F0N/vtuq6TJXa3Zfs2PNrj17V09fs+Xqqaunrn3D+LrxdevHN7zpwjWNUY1nf1sM9fz5qk6Geuyu6hDavQbU8x3qK7tLlbwQnxoSEhJLLbHl4q/+5b1nfWJZ3cdPZf6/4/jz//ipEz/58/UZ6o7/j8bD/Nnjc4f5N8fAwXaP/4/WHc0vTgxYmQT2xcA+h/kBAAB4aYi7G+PezLhXuuem1WN//MlHnqwrV5n/72vv9/8LtP5/sXT95XXL/K+KJcbr1v9Pl/kv1v/fV7f+f7rMf7H+/8EXYf3/64pAskl+Yv1/AADgpeCFW/+/5fL+6QUCKhlaLu+fXiCgkqHlMv7tXiDghNf/f/tzr+u55iOvviXUqMz/b29v/m/hfgAAADh13HVkQ8eD//o/D9XFK/P/g+3N/1/49f9C3fn/K+sCE3ULA1r/DwAAgCWqbv2/9a/78ebP/WzFD+vKVeb/h9qb/8fTLjqbcsdanxvO1rQL6Zp2Tw0XPxkAAACApaEzjI21u6Jp08qolzz/Nh/PlwI9Xrrsr758zT8+8tb39tfVV5n/H25v/t/0u4xn73zP9WdNvuXG527dfs4Ta993wdG54/8AAADA4ml3vwQAAAAAAAAAAAAAAPDie3rv5Lv++ew7P1MXr/z+P1wx+3jd7//jdf/i7wte3pQ71tp6/b/8/pXvuHfP7JKFjw6HcE45sG3/ttNCfm3+88uBBzatOqOR2J+W+Mp3Lv1BI/H+NPC21S97ppG4KAlsjosknpUG4lUVn1meBOLyin+fBuL2OJQGevPA7y7PxtGRbqsfDWXbqiPdVo8PhTBSChTb6otDWRsd6QDvSALFAD+UBuIAfyUPdKa9undZ1qsYGIpF/2hZ1isAAE5Z8VtgT9g6PTM1Hr/Cx9tXdjffRk1Llt1UrbajzeaP5kuT3XP52Eg76a70u+jctcZ7Ql9jCGsrX1fLWTpmR7kwtbTYdC+vGXKr1d7a/XX2iW663voRDWQjGrtq+8xkT8uBr2+dZV13yyxrK5OdcpbO2U3aRi1t9KWNEbW5bdrocrzfGcbGupJcvxiDo6HJQr0iyuv81b0Kynn2Tb7xb75x7Nihuvoq8//R9ub/feVxPZNfDGBfvLLezSMhnNnmiAAAAIB2fevL/7Ru+yd+55709ort1956weCPLq4rV5n/r2xv/h93jOWHgrO9HYfj9f+L+f9oFrg7NveBkRBeM5uaiCWyC+pfHkuMZ4G74w6TVbHE5onmqvpj4FASeHI4DxxOAg/HQL6X4rMh35XzkeEQNsymrmgusSOWGE0C74yBlUlgLAbGk8DyGNiYBP59eR6YSAJfj4Ew3byt/ny5vSsAAMDzkM+zeprvhnSed6i7VYaOVhkGW2XobJWhr1WGulHE+/fFDD3JySsdpUw9aa0DSS2VDPFi+Cfcr0qG8I3mnGnBStPx/IPifIOO5gz/dtnrv33erlXtX/9/vL35/2Dzbdb6w3H+P3f9vyzwSOzex+Kp4ytj4LsXNwfyHQMPx8nubUVVE3mJfNJ+WyyxMQZWJoEdMbAxCWy+Ig8cPKM5kM+0i8ZvLhqfzkuUAgAAAPCCizsI4m6aOP//0/+++3MH/uHav64rV5n/b2xv/h/bW1Zu7Jai1uUhfLFjrjdFYPVQFoj7MYbiz+NXDIVwWmkHR1FiajAr0Zs0HB4ayH6h3ptWdf9AtsZAvH/lkQcfONBI3DEQwrmlvS9FG9/uy9oYSAPn9WaBwTSwvTsLxD0/ReBLnVkATlqxVzC+oPJTXQqj85eref29VK4Jmg6vsg90nnzz/eZqsfSlD+T7VAsn9rRVqmNRVN4eh73bluK7bdS7rfxFKv+Gcmwu1Bc6J6e2brluZnd8pPxL1opFep7Lv1JtJ70Ar8N9z7+3rfWlHRhPPj7G5y83/+uwI1b37J3vuf6sybfceOv2c55Y+74LjrbdjRrxh8Lv/uTLRsubd7H1hfw1t+Q+TyZ8nizFfwMrPW2NGexTv//V//jp4z+ri1fm/xPtzf+7k9tZz8aNuWskhNeXNu6jcfP/8kj2OVgKZJ+Sp1cD2SH37w3XfnICAADAQit2dxT7C6bz2+yE8HSeXM0/cYL54/6KjfPmb7ffW29+aP8P/+6Or9TFK/P/zcef//cn3XT83/F/Fonj//M61XdF96cP7DupXdGV6lgUjv/P61R/tzn+Py/H/x3/n4/j/y04/j+vU/1pq3xL2uFLVwjh6++/8+33bP+18+rilfn/jvbm/9b/m3/RvmL9v8116//tqFv/b5/1/wAAgEVVs9BcOs+rrN5XyZCu3lfJ0HKBwJZLDFr/74TX/3vrO//3+mOvuGRnqFGZ/+9rb/4fXw7Lyq0vlfX/Vl5RU9XtMbDDwoAAAACciup2EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDievcvPLl8029eOF0X//4ZN3x478Cl931064GjmzZtOBJClrUjC3cMrui68JsDlz22f+fnz53qv/9AX16uJ789uyl3rPW54RAOlh4Ziomnhht35gJXvuPePd2NxKPDIZxTDmzbv+20RuLTwyGcXw48sGnVGY3E/rTEV75z6Q8aifengbetftkzjcRFeaAj7e4nl2fd7Ui7e2B5CCOlQNHdX1/eXFXRxmV5oDNt4zNDWRsxMBSLfnwoayMGZmKJ6f4Q1nSH0JVW9bW+rKqutKq/6Muq6kqr+q2+EC4KIXSnVX2nN6uqOx353/ZmVcXAma/97NPnNRIHe0NYUw489t67NjQSH0oCRePv6g3h1Y2XTNr4fT1Z4z1p43f0hPCqEEJvWuI/u7MSvWmJJ7pDOL0UKBr/YHcIewIvCfHDZ7L84K49e7dtmZmZ2rmIid68rYGwdXpmauyq7TOTfUmf6nSU0sduOn78eI4+feNVjdt7Lh8baSfdnZfrme3yup6mu+sXqvftOtHex34NliuZez4q9cf8vWFZ6L9u19TOsRu27N69c232t93s67K/XXk021ZrF2pbdbYoHz3fbXV+uZI1u6/ZsWbXnr2rp6/ZcvXU1VPXvmF83fi69eMb3nThmsaoxrO/CzHUu44fX4yhvrK7VMkL8QEgISGx1BKdTZ9u46f6P73KF/25jvaEvtkP6Mq0opylY3aUCzHoS6rxrkUadGVKUhnR2srEoZJlXess6yuTibksA1mW2e91lclhuabO2U0a73eGsbHazTLafLe8eX88z+Zt1+P5pms3DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3DqNnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBSAAAA//+3Rsqd")
r0 = open(&(0x7f0000000a40)='./bus\x00', 0x141a42, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(r1, 0xc0109428, &(0x7f00000000c0)={0x1})
r2 = open(&(0x7f0000007f80)='./bus\x00', 0x0, 0x0)
pwritev(r0, &(0x7f00000006c0)=[{&(0x7f0000000180)}, {&(0x7f0000000400)}, {0x0}, {&(0x7f0000000540)}, {0x0}], 0x5, 0x200, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000080)={0x1, 0xd6}, 0x2)
ioctl$BTRFS_IOC_QUOTA_CTL(r2, 0xc0109428, &(0x7f0000000200)={0x2})

03:52:21 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x5)

03:52:21 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x4000000)

03:52:21 executing program 3:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_SB_GET(r0, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f0000000040)={&(0x7f0000000140)={0x120, 0x0, 0x400, 0x70bd26, 0x25dfdbfc, {}, [{@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x5}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x1}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x3ff}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x2c65}}, {@pci={{0x8}, {0x11}}, {0x8, 0xb, 0x3}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x4911}}, {@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0xb, 0x8}}]}, 0x120}, 0x1, 0x0, 0x0, 0x4044}, 0x40)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000300), r0)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, &(0x7f00000003c0)={&(0x7f00000002c0), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x34, r2, 0x200, 0x70bd2c, 0x25dfdbfc, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0xa6}, @MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x3a}, @MPTCP_PM_ATTR_SUBFLOWS={0x8, 0x3, 0x7}, @MPTCP_PM_ATTR_RCV_ADD_ADDRS={0x8, 0x2, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000094}, 0x40000) (async)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r3, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0xd})

03:52:21 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x6)

03:52:21 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x8, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:21 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x5000000)

03:52:21 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x7)

03:52:21 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:52:21 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x8)

[  480.563373][ T8404] netlink: 12 bytes leftover after parsing attributes in process `syz-executor.1'.
03:52:21 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x6000000)

03:52:21 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x9)

03:52:21 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x7000000)

03:52:21 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:52:21 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x30, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:21 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x8000000)

[  480.907878][ T8426] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
03:52:21 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x9000000)

03:52:21 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x44, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:21 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xa000000)

03:52:21 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

[  481.136239][ T8436] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.1'.
03:52:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xb000000)

03:52:22 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x117, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xc000000)

[  481.306998][ T8375] loop4: detected capacity change from 0 to 32768
03:52:22 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
write$binfmt_script(r2, &(0x7f0000000140)={'#! ', './file0', [{0x20, '/dev/kvm\x00'}], 0xa, "567b22e71e573ca8b53f125aedf5794df504f1363021176b6406133cee0731179a9264fe1bb26605f89e05eb69d35de5357e9714bdfce6cbc543fcd802ca3ae4f166dfffcb638ded03ff5c623feb163f6edf870dc021d2338162995ff2c629fbe53c7ba95eaa67b127eb2b9a7fea05de7b73002ad15f7ca55c5aeaf517939b18fe8963a887cad97d5a0cea2c831920fcdfaedccc122b8908da3b0081af7f777c8e73c6d774bf75fcae29b74b385b14ef443c863d2bfdbfa410431438f65c4ef8dd9837d0a1a08dac88a14612c0e68c253c7c524dfac7dad82fd9903ba74721b6ad77cc42c756b2717473206fa06fe8ded25463577eee6e637b86ca7208"}, 0x112)
pipe(&(0x7f0000000680)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r2, 0x40049366, &(0x7f0000000040)=0x4)
vmsplice(r3, &(0x7f00000006c0)=[{&(0x7f0000000080)='4', 0x1}], 0x1, 0x0)
write$binfmt_misc(r3, 0x0, 0xfffffecc)
ioctl$GIO_FONTX(r3, 0x4b6b, &(0x7f0000000000)={0x162, 0x5, &(0x7f0000000280)})

[  481.370804][ T8375] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (8375)
[  481.404188][ T8375] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
03:52:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xd000000)

[  481.434461][ T8375] BTRFS info (device loop4): force clearing of disk cache
[  481.455788][ T8375] BTRFS info (device loop4): setting nodatasum
[  481.473016][ T8375] BTRFS info (device loop4): allowing degraded mounts
03:52:22 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x131, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

[  481.521771][ T8375] BTRFS info (device loop4): enabling disk space caching
[  481.536786][ T8375] BTRFS info (device loop4): disk space caching is enabled
03:52:22 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async, rerun: 64)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (rerun: 64)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
write$binfmt_script(r2, &(0x7f0000000140)={'#! ', './file0', [{0x20, '/dev/kvm\x00'}], 0xa, "567b22e71e573ca8b53f125aedf5794df504f1363021176b6406133cee0731179a9264fe1bb26605f89e05eb69d35de5357e9714bdfce6cbc543fcd802ca3ae4f166dfffcb638ded03ff5c623feb163f6edf870dc021d2338162995ff2c629fbe53c7ba95eaa67b127eb2b9a7fea05de7b73002ad15f7ca55c5aeaf517939b18fe8963a887cad97d5a0cea2c831920fcdfaedccc122b8908da3b0081af7f777c8e73c6d774bf75fcae29b74b385b14ef443c863d2bfdbfa410431438f65c4ef8dd9837d0a1a08dac88a14612c0e68c253c7c524dfac7dad82fd9903ba74721b6ad77cc42c756b2717473206fa06fe8ded25463577eee6e637b86ca7208"}, 0x112) (async)
pipe(&(0x7f0000000680)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r2, 0x40049366, &(0x7f0000000040)=0x4)
vmsplice(r3, &(0x7f00000006c0)=[{&(0x7f0000000080)='4', 0x1}], 0x1, 0x0)
write$binfmt_misc(r3, 0x0, 0xfffffecc) (async)
ioctl$GIO_FONTX(r3, 0x4b6b, &(0x7f0000000000)={0x162, 0x5, &(0x7f0000000280)})

[  481.563400][ T8375] BTRFS info (device loop4): has skinny extents
03:52:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xe000000)

03:52:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xf270000)

03:52:22 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x10000000)

[  481.830212][ T8375] BTRFS info (device loop4): enabling ssd optimizations
[  481.842346][ T8375] BTRFS info (device loop4): clearing free space tree
[  481.852188][ T8375] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  481.862631][ T8375] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
03:52:22 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
write$binfmt_script(r2, &(0x7f0000000140)={'#! ', './file0', [{0x20, '/dev/kvm\x00'}], 0xa, "567b22e71e573ca8b53f125aedf5794df504f1363021176b6406133cee0731179a9264fe1bb26605f89e05eb69d35de5357e9714bdfce6cbc543fcd802ca3ae4f166dfffcb638ded03ff5c623feb163f6edf870dc021d2338162995ff2c629fbe53c7ba95eaa67b127eb2b9a7fea05de7b73002ad15f7ca55c5aeaf517939b18fe8963a887cad97d5a0cea2c831920fcdfaedccc122b8908da3b0081af7f777c8e73c6d774bf75fcae29b74b385b14ef443c863d2bfdbfa410431438f65c4ef8dd9837d0a1a08dac88a14612c0e68c253c7c524dfac7dad82fd9903ba74721b6ad77cc42c756b2717473206fa06fe8ded25463577eee6e637b86ca7208"}, 0x112) (async)
pipe(&(0x7f0000000680)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r2, 0x40049366, &(0x7f0000000040)=0x4) (async)
vmsplice(r3, &(0x7f00000006c0)=[{&(0x7f0000000080)='4', 0x1}], 0x1, 0x0)
write$binfmt_misc(r3, 0x0, 0xfffffecc)
ioctl$GIO_FONTX(r3, 0x4b6b, &(0x7f0000000000)={0x162, 0x5, &(0x7f0000000280)})

[  481.880575][ T8375] BTRFS info (device loop4): checking UUID tree
[  481.975680][   T26] audit: type=1804 audit(1709783542.801:69): pid=8375 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1029269245/syzkaller.FRsk2y/325/file0/bus" dev="loop4" ino=263 res=1 errno=0
[  482.056514][   T26] audit: type=1804 audit(1709783542.861:70): pid=8505 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1029269245/syzkaller.FRsk2y/325/file0/bus" dev="loop4" ino=263 res=1 errno=0
[  482.096480][ T8375] syz-executor.4 (8375) used greatest stack depth: 18928 bytes left
03:52:22 executing program 4:
syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x1000008, &(0x7f0000000280)={[{@datacow}, {@clear_cache}, {@nodatasum}, {@rescan_uuid_tree}, {}, {@space_cache_v1}]}, 0xfe, 0x51ab, &(0x7f0000005280)="$eJzs3V9oVFceB/Az+aPxDyY+xV32wX1YWcUFWRF2UdggGF2Whdn1YVnYrFlZxT+7JUgDwb5YS2lBxGCgthSKD33pS0mlUFqqBAsthYogVloUW0teWiiESsGXlpK590xmzvVmxlQbq5+PJHfO/d1z7pnhPsx3zLkTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIRwcM3Kv+xaPb2urD7dP3bq6LLt507vP3ljaGjLlRAqtf2VvL5n+66/79+95689scPw37JtX1/ZkFnXz7PGkqads/2af/4TQuhOBujMtzs6G/pW0hOEI8UB53XgZv/o5u7BaxN3zmy8eP3QhuJTZ1bPYk9gseTX1fTctTRQ+92RHFFvN1x6laZLNOufXnA/yZMAAO7JpmptU387mr/FrbePpfWkPZC0x5N2fIcw3thYiGzcJWXzXJvWF2meA1lUWFo6z6Sev/71djXtn7STqHEP82w+NI80PWXzHEnqizVPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfJqx9euvTcy+u3ldWn+8dOHV22/dzp/SdvDA1tuRJCX21/JStXlv+q8w+fLtt57fiRN36zr+ftk515v7jtajg4fBIf/LE3hL0Nlek47JerQqg2F2rN8FKxcLD24M+xAAAAwKPkF7XfHfV2Fge7m9qVWpqs1P5FWVg8cLN/dHP34LWJO2c2Xrx+aMPCx6uWjDdw1/Hq7b65n0pDMI7xNx1vrh4PPVIYZ37piGme/2zmyVsXJn7777L+hfzfN3/+j6+c/A8AAMCPIf+n48yvVf6/+s7zT3UN7n2vrH8h/69tOmUh/8cZx/zfERaW/wEAAOBh9qDz/0BhnPm1yv/fnZ86f/nb46+U9S/k/03t5f+uxmnHnR/FCR/uDWFTq6kDAAAAJeL/u899tBDzevbJQZrXO2ZGe6d6blwtG6+Q/wfay//d9/2ZAQAAAAv1v7F/Hb8wNn6zrF7I/9X28v/SBz5zAAAAoF37Tvz/3PoNIyvL6oX8P9xe/l+eb/OVD1mn9+NfIUz0htAz+2AkK3wQxv9ULwAAAAD3SczpX41u/f7jwel3y44r5P+R+e//H+90ENf/N93/r7D+v6GQ3fVvqxsDAAAA8DgqruePt8fPvrmg7Pv3213/f+uXO3b9d+c/vig7fyH/H2sv/3c2bu/n9/8BAADAAvzcvv/vn4Vx5tfq/v/fDN36et3hZwfL+hfy/3h7+T9uVzQ+van4+jzTG8Ka2Qf53QRfi6c7nBQmuxsK2Quf9Ngde+SFyaUNhZqRpMfve0P49eyDY0lhdSyMJ4WZVXnhbFK4HAv59VAvvJ4UpuKV9sKqfLpp4a1YyBdYTMYVFCvqSyKSHrfLeswW7trjev3kAAAAj5UYnvMs293cDGmUnay0OmB5qwM6Wh3Q2eqAruSA9MCy/WG4uRD3v7jtd7evPPHm06FEIf+fbS//x5diSbYpW/8f4vr//HsN6+v/h2OhLylMxkI1vWNANZ4jC7sn4jn6qnmPmTX1AgAAADzS4ucCnYs8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5g7/6D7KrqA4Cf/f0jm91FHAFJNYqA6ZDNJjFKK1MC1UFxpi4OdZw60UR2g9ssJCZhICnthEA7U5hUVKa1o0NDHUdpkUY6jlK1pEyBcaRTm7ZMxWhl/EFtaxnGSodSm87be8/d+87dm/dCdiFLP58/9p33vufnfT/2nXvvOxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/h38ZWPMb+1f89Py6+PfPuOHDewcuve+jWw8c3bRpw5EQJmYf78jCHYMrui785sBlj+3f+flzp/rvP9Cbl8vjYVnjT2d+55ai1uUhfLEjhO40sHooC/Tk94difSuGQjgtzAWKElODWYm04fDQQAgHw1ygqOr+gRCGSoErjzz4wIFG4o6BEM4NIfSlbXy7L2tjIA2c15sFBtPA9u4s8F/HMkXgS51ZAE5afDMUL/pDE80ZRucvV/P661mwjr240uF1xcRofb4fX7LInSrpTR+YOKmnrVIdi6Ly9jjs3bYE3m2V7Xy7p638RSr/hnJsLtQXOientm65bmZ3fKQzjI111dW0SM/z40/feNWJpJfM6zB2YHRBXofP3vme68+afMuNt24/54m177vg6Ml2s27zLra+kL/mlszzGG30ebIE3n6Vb0krfekKIfzcB7tv6vrtI5+qi1fm/6PHn//Hl3O87WzKHWt9bjibm8dHhmLiqeFsbg4AAABLxlLYa/qjs1/xe6s61zxeV19l/r+yveP/8ZB/PpnPRns4hI2ziZtHQjhz9vEscHds7gMjIbxmNjXRHLgkCRwO4azZxKqiqqREfyyxMgk8OZwHNiaBh2NgIgl8OgZuTwK3xMChJHBVDBxOApfGQJhuHsfPD+fjaDswEAObs414KJ6F8JPh2Fqyrb5VVAUAALBA8tlhT/Pd0rkOJ5shTi8PDbTKEM/Ars3Ql9SQzmCLaVVtDd2tauhsVUMx7n3HH36l5o5WNVdOw+hoznDpK/7w/BVfu+ELoUZl/j9+/Pl/3zwd6agc/w/hitm/MXdnHpkp4psnmjIAAAAAJ2HtG2a+9idnv+nNdfHK/H9je+f/x30iXaXM4dG4G2LbSAjjzYGs2jdXA9lR72V5AAAAAJaC4nh8cSx8Or/NTtFO59PV/BMnmD8e+N84b/5fCpOnb/vBUxvq+luZ/0+0d/7/YPNt1omHYy8+NhJCfynwSOxlIzBrZQx89+LmQD7+h+MGuC1WlZ+YUFR1WyyxOQbGk8DBuhLfKEqc2RzIn6yi8ZuLcUznJUoBAAAAeMHF3QHxuHw8///Ctd/70KaP7/1cXbnK/H/ziZ3/PzsPrpzeP7MshDXdIXSlPwx4dDBbGDAGhjryxFcHs7q60qpuGgzhosbA0qqeyNf/707XGDwykFUVA2e+9rNPn9dIfGoghDXlwGPvvWt2x8juJFA0/qsDIby6Mdq08S/0Z433pI3/QX8IryoFiqo+0B9Co7HetKoH+/LrGKRV/VlfCKeXAkVVb+wLYU8AYImK/0onyw/u2rN325aZmamdi5iI+/AHwtbpmamxq7bPTPbV9Gky6XPTMkY3VcfU2ebYj+ZLFN1z+dhIO+nid4Lj5b7k+/ErJw7m9+N3oZ7Zca7rabq7Ph3y68+pNpEO6cUY8mC5krknsVJ/zN8bloX+63ZN7Ry7Ycvu3TvXZn/bzb4u+xsPM2Xbam26rQbn61sbL492F0N/vtuq6TJXa3Zfs2PNrj17V09fs+Xqqaunrn3D+LrxdevHN7zpwjWNUY1nf1sM9fz5qk6Geuyu6hDavQbU8x3qK7tLlbwQnxoSEhJLLbHl4q/+5b1nfWJZ3cdPZf6/4/jz//ipEz/58/UZ6o7/j8bD/Nnjc4f5N8fAwXaP/4/WHc0vTgxYmQT2xcA+h/kBAAB4aYi7G+PezLhXuuem1WN//MlHnqwrV5n/72vv9/8LtP5/sXT95XXL/K+KJcbr1v9Pl/kv1v/fV7f+f7rMf7H+/8EXYf3/64pAskl+Yv1/AADgpeCFW/+/5fL+6QUCKhlaLu+fXiCgkqHlMv7tXiDghNf/f/tzr+u55iOvviXUqMz/b29v/m/hfgAAADh13HVkQ8eD//o/D9XFK/P/g+3N/1/49f9C3fn/K+sCE3ULA1r/DwAAgCWqbv2/9a/78ebP/WzFD+vKVeb/h9qb/8fTLjqbcsdanxvO1rQL6Zp2Tw0XPxkAAACApaEzjI21u6Jp08qolzz/Nh/PlwI9Xrrsr758zT8+8tb39tfVV5n/H25v/t/0u4xn73zP9WdNvuXG527dfs4Ta993wdG54/8AAADA4ml3vwQAAAAAAAAAAAAAAPDie3rv5Lv++ew7P1MXr/z+P1wx+3jd7//jdf/i7wte3pQ71tp6/b/8/pXvuHfP7JKFjw6HcE45sG3/ttNCfm3+88uBBzatOqOR2J+W+Mp3Lv1BI/H+NPC21S97ppG4KAlsjosknpUG4lUVn1meBOLyin+fBuL2OJQGevPA7y7PxtGRbqsfDWXbqiPdVo8PhTBSChTb6otDWRsd6QDvSALFAD+UBuIAfyUPdKa9undZ1qsYGIpF/2hZ1isAAE5Z8VtgT9g6PTM1Hr/Cx9tXdjffRk1Llt1UrbajzeaP5kuT3XP52Eg76a70u+jctcZ7Ql9jCGsrX1fLWTpmR7kwtbTYdC+vGXKr1d7a/XX2iW663voRDWQjGrtq+8xkT8uBr2+dZV13yyxrK5OdcpbO2U3aRi1t9KWNEbW5bdrocrzfGcbGupJcvxiDo6HJQr0iyuv81b0Kynn2Tb7xb75x7Nihuvoq8//R9ub/feVxPZNfDGBfvLLezSMhnNnmiAAAAIB2fevL/7Ru+yd+55709ort1956weCPLq4rV5n/r2xv/h93jOWHgrO9HYfj9f+L+f9oFrg7NveBkRBeM5uaiCWyC+pfHkuMZ4G74w6TVbHE5onmqvpj4FASeHI4DxxOAg/HQL6X4rMh35XzkeEQNsymrmgusSOWGE0C74yBlUlgLAbGk8DyGNiYBP59eR6YSAJfj4Ew3byt/ny5vSsAAMDzkM+zeprvhnSed6i7VYaOVhkGW2XobJWhr1WGulHE+/fFDD3JySsdpUw9aa0DSS2VDPFi+Cfcr0qG8I3mnGnBStPx/IPifIOO5gz/dtnrv33erlXtX/9/vL35/2Dzbdb6w3H+P3f9vyzwSOzex+Kp4ytj4LsXNwfyHQMPx8nubUVVE3mJfNJ+WyyxMQZWJoEdMbAxCWy+Ig8cPKM5kM+0i8ZvLhqfzkuUAgAAAPCCizsI4m6aOP//0/+++3MH/uHav64rV5n/b2xv/h/bW1Zu7Jai1uUhfLFjrjdFYPVQFoj7MYbiz+NXDIVwWmkHR1FiajAr0Zs0HB4ayH6h3ptWdf9AtsZAvH/lkQcfONBI3DEQwrmlvS9FG9/uy9oYSAPn9WaBwTSwvTsLxD0/ReBLnVkATlqxVzC+oPJTXQqj85eref29VK4Jmg6vsg90nnzz/eZqsfSlD+T7VAsn9rRVqmNRVN4eh73bluK7bdS7rfxFKv+Gcmwu1Bc6J6e2brluZnd8pPxL1opFep7Lv1JtJ70Ar8N9z7+3rfWlHRhPPj7G5y83/+uwI1b37J3vuf6sybfceOv2c55Y+74LjrbdjRrxh8Lv/uTLRsubd7H1hfw1t+Q+TyZ8nizFfwMrPW2NGexTv//V//jp4z+ri1fm/xPtzf+7k9tZz8aNuWskhNeXNu6jcfP/8kj2OVgKZJ+Sp1cD2SH37w3XfnICAADAQit2dxT7C6bz2+yE8HSeXM0/cYL54/6KjfPmb7ffW29+aP8P/+6Or9TFK/P/zcef//cn3XT83/F/Fonj//M61XdF96cP7DupXdGV6lgUjv/P61R/tzn+Py/H/x3/n4/j/y04/j+vU/1pq3xL2uFLVwjh6++/8+33bP+18+rilfn/jvbm/9b/m3/RvmL9v8116//tqFv/b5/1/wAAgEVVs9BcOs+rrN5XyZCu3lfJ0HKBwJZLDFr/74TX/3vrO//3+mOvuGRnqFGZ/+9rb/4fXw7Lyq0vlfX/Vl5RU9XtMbDDwoAAAACciup2EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDievcvPLl8029eOF0X//4ZN3x478Cl931064GjmzZtOBJClrUjC3cMrui68JsDlz22f+fnz53qv/9AX16uJ789uyl3rPW54RAOlh4Ziomnhht35gJXvuPePd2NxKPDIZxTDmzbv+20RuLTwyGcXw48sGnVGY3E/rTEV75z6Q8aifengbetftkzjcRFeaAj7e4nl2fd7Ui7e2B5CCOlQNHdX1/eXFXRxmV5oDNt4zNDWRsxMBSLfnwoayMGZmKJ6f4Q1nSH0JVW9bW+rKqutKq/6Muq6kqr+q2+EC4KIXSnVX2nN6uqOx353/ZmVcXAma/97NPnNRIHe0NYUw489t67NjQSH0oCRePv6g3h1Y2XTNr4fT1Z4z1p43f0hPCqEEJvWuI/u7MSvWmJJ7pDOL0UKBr/YHcIewIvCfHDZ7L84K49e7dtmZmZ2rmIid68rYGwdXpmauyq7TOTfUmf6nSU0sduOn78eI4+feNVjdt7Lh8baSfdnZfrme3yup6mu+sXqvftOtHex34NliuZez4q9cf8vWFZ6L9u19TOsRu27N69c232t93s67K/XXk021ZrF2pbdbYoHz3fbXV+uZI1u6/ZsWbXnr2rp6/ZcvXU1VPXvmF83fi69eMb3nThmsaoxrO/CzHUu44fX4yhvrK7VMkL8QEgISGx1BKdTZ9u46f6P73KF/25jvaEvtkP6Mq0opylY3aUCzHoS6rxrkUadGVKUhnR2srEoZJlXess6yuTibksA1mW2e91lclhuabO2U0a73eGsbHazTLafLe8eX88z+Zt1+P5pms3DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3DqNnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBSAAAA//+3Rsqd")
r0 = open(&(0x7f0000000a40)='./bus\x00', 0x141a42, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(r1, 0xc0109428, &(0x7f00000000c0)={0x1})
r2 = open(&(0x7f0000007f80)='./bus\x00', 0x0, 0x0)
pwritev(r0, &(0x7f00000006c0)=[{&(0x7f0000000180)}, {&(0x7f0000000400)}, {0x0}, {&(0x7f0000000540)}, {0x0}], 0x5, 0x200, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000080)={0x1, 0xd6}, 0x2)
ioctl$BTRFS_IOC_QUOTA_CTL(r2, 0xc0109428, &(0x7f0000000200)={0x2})

03:52:22 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x4}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x11000000)

03:52:22 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000000))
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

[  482.105088][ T5158] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
03:52:23 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x12000000)

03:52:23 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x18000000)

03:52:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000000))
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000000)) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)

03:52:23 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x8}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:23 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x20000000)

03:52:23 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x25000000)

03:52:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000000)) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

[  482.861592][ T3653] Bluetooth: hci7: command 0xfc11 tx timeout
[  482.871858][ T3545] Bluetooth: hci7: Entering manufacturer mode failed (-110)
03:52:23 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xa)

03:52:23 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x3e000000)

03:52:23 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x10}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
close_range(r1, r3, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$INCFS_IOC_CREATE_FILE(r4, 0xc058671e, &(0x7f0000000300)={{'\x00', 0x1}, {0x1}, 0x0, 0x0, 0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)="c4cb9ff668f2276fed", 0x9, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0200000093000000000000000c680000001b308a915edcfeb732e7c1f79ebec707777a8313424f9ab05b48083e291754c8fcfba8d70e92c807cd05b0787e5867fb89955111724e53484ceabd71ce96d71c058f22c4c16dec63a756b95d00f0059c9d79dbb7ff52d9ba59dbd4801e000000c93145e12e2f94a9368ec62b6c4401025e12aeca52d802d6fc2e6a1a2800a6000000fdd08602768e16758ba6ffcb6927bbcffc11e7603f32b55bcc96db22d527102b4ddcb8f680cfef8436e267773d76286b1498b61c590615da26eff2a5a978ead4e7bc57b932faca3dc478d9f36119ecd0104577abbeabe7218ee88c81cb62b7bda24664e1ee25049092372da52ac06ffc3226a730cd7eddfbcb57359aabd8385f6e4120948c3c0e0f73ed80980ff1b49ebf94303fab64f46e149591ba990688984642d0844030"], 0x145})

03:52:23 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x3f000000)

03:52:23 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
close_range(r1, r3, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$INCFS_IOC_CREATE_FILE(r4, 0xc058671e, &(0x7f0000000300)={{'\x00', 0x1}, {0x1}, 0x0, 0x0, 0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)="c4cb9ff668f2276fed", 0x9, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0200000093000000000000000c680000001b308a915edcfeb732e7c1f79ebec707777a8313424f9ab05b48083e291754c8fcfba8d70e92c807cd05b0787e5867fb89955111724e53484ceabd71ce96d71c058f22c4c16dec63a756b95d00f0059c9d79dbb7ff52d9ba59dbd4801e000000c93145e12e2f94a9368ec62b6c4401025e12aeca52d802d6fc2e6a1a2800a6000000fdd08602768e16758ba6ffcb6927bbcffc11e7603f32b55bcc96db22d527102b4ddcb8f680cfef8436e267773d76286b1498b61c590615da26eff2a5a978ead4e7bc57b932faca3dc478d9f36119ecd0104577abbeabe7218ee88c81cb62b7bda24664e1ee25049092372da52ac06ffc3226a730cd7eddfbcb57359aabd8385f6e4120948c3c0e0f73ed80980ff1b49ebf94303fab64f46e149591ba990688984642d0844030"], 0x145})

03:52:23 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xb)

03:52:23 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x40000000)

03:52:24 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xc)

03:52:24 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x44}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:24 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x48000000)

03:52:24 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xd)

03:52:24 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
close_range(r1, r3, 0x0) (async)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$INCFS_IOC_CREATE_FILE(r4, 0xc058671e, &(0x7f0000000300)={{'\x00', 0x1}, {0x1}, 0x0, 0x0, 0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00', &(0x7f0000000140)="c4cb9ff668f2276fed", 0x9, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0200000093000000000000000c680000001b308a915edcfeb732e7c1f79ebec707777a8313424f9ab05b48083e291754c8fcfba8d70e92c807cd05b0787e5867fb89955111724e53484ceabd71ce96d71c058f22c4c16dec63a756b95d00f0059c9d79dbb7ff52d9ba59dbd4801e000000c93145e12e2f94a9368ec62b6c4401025e12aeca52d802d6fc2e6a1a2800a6000000fdd08602768e16758ba6ffcb6927bbcffc11e7603f32b55bcc96db22d527102b4ddcb8f680cfef8436e267773d76286b1498b61c590615da26eff2a5a978ead4e7bc57b932faca3dc478d9f36119ecd0104577abbeabe7218ee88c81cb62b7bda24664e1ee25049092372da52ac06ffc3226a730cd7eddfbcb57359aabd8385f6e4120948c3c0e0f73ed80980ff1b49ebf94303fab64f46e149591ba990688984642d0844030"], 0x145})

03:52:24 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x4c000000)

[  483.376303][ T8544] loop4: detected capacity change from 0 to 32768
03:52:24 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xe)

03:52:24 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5, 0x1d}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:24 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x5c000000)

[  483.456497][ T8544] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (8544)
03:52:24 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r1, 0x6612)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

[  483.564834][ T8544] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  483.596751][ T8544] BTRFS info (device loop4): force clearing of disk cache
03:52:24 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x10)

03:52:24 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x670c0000)

[  483.625880][ T8544] BTRFS info (device loop4): setting nodatasum
[  483.647359][ T8544] BTRFS info (device loop4): allowing degraded mounts
03:52:24 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x68000000)

[  483.676489][ T8544] BTRFS info (device loop4): enabling disk space caching
[  483.710126][ T8544] BTRFS info (device loop4): disk space caching is enabled
[  483.761857][ T8544] BTRFS info (device loop4): has skinny extents
[  483.947749][ T8544] BTRFS info (device loop4): enabling ssd optimizations
[  483.955961][ T8544] BTRFS info (device loop4): clearing free space tree
[  483.962915][ T8544] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  483.973095][ T8544] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  483.987831][ T8544] BTRFS info (device loop4): checking UUID tree
[  484.016046][   T26] audit: type=1804 audit(1709783544.841:71): pid=8544 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1029269245/syzkaller.FRsk2y/326/file0/bus" dev="loop4" ino=263 res=1 errno=0
[  484.056353][   T26] audit: type=1804 audit(1709783544.881:72): pid=8544 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1029269245/syzkaller.FRsk2y/326/file0/bus" dev="loop4" ino=263 res=1 errno=0
03:52:24 executing program 4:
syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x1000008, &(0x7f0000000280)={[{@datacow}, {@clear_cache}, {@nodatasum}, {@rescan_uuid_tree}, {}, {@space_cache_v1}]}, 0xfe, 0x51ab, &(0x7f0000005280)="$eJzs3V9oVFceB/Az+aPxDyY+xV32wX1YWcUFWRF2UdggGF2Whdn1YVnYrFlZxT+7JUgDwb5YS2lBxGCgthSKD33pS0mlUFqqBAsthYogVloUW0teWiiESsGXlpK590xmzvVmxlQbq5+PJHfO/d1z7pnhPsx3zLkTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIRwcM3Kv+xaPb2urD7dP3bq6LLt507vP3ljaGjLlRAqtf2VvL5n+66/79+95689scPw37JtX1/ZkFnXz7PGkqads/2af/4TQuhOBujMtzs6G/pW0hOEI8UB53XgZv/o5u7BaxN3zmy8eP3QhuJTZ1bPYk9gseTX1fTctTRQ+92RHFFvN1x6laZLNOufXnA/yZMAAO7JpmptU387mr/FrbePpfWkPZC0x5N2fIcw3thYiGzcJWXzXJvWF2meA1lUWFo6z6Sev/71djXtn7STqHEP82w+NI80PWXzHEnqizVPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfJqx9euvTcy+u3ldWn+8dOHV22/dzp/SdvDA1tuRJCX21/JStXlv+q8w+fLtt57fiRN36zr+ftk515v7jtajg4fBIf/LE3hL0Nlek47JerQqg2F2rN8FKxcLD24M+xAAAAwKPkF7XfHfV2Fge7m9qVWpqs1P5FWVg8cLN/dHP34LWJO2c2Xrx+aMPCx6uWjDdw1/Hq7b65n0pDMI7xNx1vrh4PPVIYZ37piGme/2zmyVsXJn7777L+hfzfN3/+j6+c/A8AAMCPIf+n48yvVf6/+s7zT3UN7n2vrH8h/69tOmUh/8cZx/zfERaW/wEAAOBh9qDz/0BhnPm1yv/fnZ86f/nb46+U9S/k/03t5f+uxmnHnR/FCR/uDWFTq6kDAAAAJeL/u899tBDzevbJQZrXO2ZGe6d6blwtG6+Q/wfay//d9/2ZAQAAAAv1v7F/Hb8wNn6zrF7I/9X28v/SBz5zAAAAoF37Tvz/3PoNIyvL6oX8P9xe/l+eb/OVD1mn9+NfIUz0htAz+2AkK3wQxv9ULwAAAAD3SczpX41u/f7jwel3y44r5P+R+e//H+90ENf/N93/r7D+v6GQ3fVvqxsDAAAA8DgqruePt8fPvrmg7Pv3213/f+uXO3b9d+c/vig7fyH/H2sv/3c2bu/n9/8BAADAAvzcvv/vn4Vx5tfq/v/fDN36et3hZwfL+hfy/3h7+T9uVzQ+van4+jzTG8Ka2Qf53QRfi6c7nBQmuxsK2Quf9Ngde+SFyaUNhZqRpMfve0P49eyDY0lhdSyMJ4WZVXnhbFK4HAv59VAvvJ4UpuKV9sKqfLpp4a1YyBdYTMYVFCvqSyKSHrfLeswW7trjev3kAAAAj5UYnvMs293cDGmUnay0OmB5qwM6Wh3Q2eqAruSA9MCy/WG4uRD3v7jtd7evPPHm06FEIf+fbS//x5diSbYpW/8f4vr//HsN6+v/h2OhLylMxkI1vWNANZ4jC7sn4jn6qnmPmTX1AgAAADzS4ucCnYs8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5g7/6D7KrqA4Cf/f0jm91FHAFJNYqA6ZDNJjFKK1MC1UFxpi4OdZw60UR2g9ssJCZhICnthEA7U5hUVKa1o0NDHUdpkUY6jlK1pEyBcaRTm7ZMxWhl/EFtaxnGSodSm87be8/d+87dm/dCdiFLP58/9p33vufnfT/2nXvvOxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/h38ZWPMb+1f89Py6+PfPuOHDewcuve+jWw8c3bRpw5EQJmYf78jCHYMrui785sBlj+3f+flzp/rvP9Cbl8vjYVnjT2d+55ai1uUhfLEjhO40sHooC/Tk94difSuGQjgtzAWKElODWYm04fDQQAgHw1ygqOr+gRCGSoErjzz4wIFG4o6BEM4NIfSlbXy7L2tjIA2c15sFBtPA9u4s8F/HMkXgS51ZAE5afDMUL/pDE80ZRucvV/P661mwjr240uF1xcRofb4fX7LInSrpTR+YOKmnrVIdi6Ly9jjs3bYE3m2V7Xy7p638RSr/hnJsLtQXOientm65bmZ3fKQzjI111dW0SM/z40/feNWJpJfM6zB2YHRBXofP3vme68+afMuNt24/54m177vg6Ml2s27zLra+kL/mlszzGG30ebIE3n6Vb0krfekKIfzcB7tv6vrtI5+qi1fm/6PHn//Hl3O87WzKHWt9bjibm8dHhmLiqeFsbg4AAABLxlLYa/qjs1/xe6s61zxeV19l/r+yveP/8ZB/PpnPRns4hI2ziZtHQjhz9vEscHds7gMjIbxmNjXRHLgkCRwO4azZxKqiqqREfyyxMgk8OZwHNiaBh2NgIgl8OgZuTwK3xMChJHBVDBxOApfGQJhuHsfPD+fjaDswEAObs414KJ6F8JPh2Fqyrb5VVAUAALBA8tlhT/Pd0rkOJ5shTi8PDbTKEM/Ars3Ql9SQzmCLaVVtDd2tauhsVUMx7n3HH36l5o5WNVdOw+hoznDpK/7w/BVfu+ELoUZl/j9+/Pl/3zwd6agc/w/hitm/MXdnHpkp4psnmjIAAAAAJ2HtG2a+9idnv+nNdfHK/H9je+f/x30iXaXM4dG4G2LbSAjjzYGs2jdXA9lR72V5AAAAAJaC4nh8cSx8Or/NTtFO59PV/BMnmD8e+N84b/5fCpOnb/vBUxvq+luZ/0+0d/7/YPNt1omHYy8+NhJCfynwSOxlIzBrZQx89+LmQD7+h+MGuC1WlZ+YUFR1WyyxOQbGk8DBuhLfKEqc2RzIn6yi8ZuLcUznJUoBAAAAeMHF3QHxuHw8///Ctd/70KaP7/1cXbnK/H/ziZ3/PzsPrpzeP7MshDXdIXSlPwx4dDBbGDAGhjryxFcHs7q60qpuGgzhosbA0qqeyNf/707XGDwykFUVA2e+9rNPn9dIfGoghDXlwGPvvWt2x8juJFA0/qsDIby6Mdq08S/0Z433pI3/QX8IryoFiqo+0B9Co7HetKoH+/LrGKRV/VlfCKeXAkVVb+wLYU8AYImK/0onyw/u2rN325aZmamdi5iI+/AHwtbpmamxq7bPTPbV9Gky6XPTMkY3VcfU2ebYj+ZLFN1z+dhIO+nid4Lj5b7k+/ErJw7m9+N3oZ7Zca7rabq7Ph3y68+pNpEO6cUY8mC5krknsVJ/zN8bloX+63ZN7Ry7Ycvu3TvXZn/bzb4u+xsPM2Xbam26rQbn61sbL492F0N/vtuq6TJXa3Zfs2PNrj17V09fs+Xqqaunrn3D+LrxdevHN7zpwjWNUY1nf1sM9fz5qk6Geuyu6hDavQbU8x3qK7tLlbwQnxoSEhJLLbHl4q/+5b1nfWJZ3cdPZf6/4/jz//ipEz/58/UZ6o7/j8bD/Nnjc4f5N8fAwXaP/4/WHc0vTgxYmQT2xcA+h/kBAAB4aYi7G+PezLhXuuem1WN//MlHnqwrV5n/72vv9/8LtP5/sXT95XXL/K+KJcbr1v9Pl/kv1v/fV7f+f7rMf7H+/8EXYf3/64pAskl+Yv1/AADgpeCFW/+/5fL+6QUCKhlaLu+fXiCgkqHlMv7tXiDghNf/f/tzr+u55iOvviXUqMz/b29v/m/hfgAAADh13HVkQ8eD//o/D9XFK/P/g+3N/1/49f9C3fn/K+sCE3ULA1r/DwAAgCWqbv2/9a/78ebP/WzFD+vKVeb/h9qb/8fTLjqbcsdanxvO1rQL6Zp2Tw0XPxkAAACApaEzjI21u6Jp08qolzz/Nh/PlwI9Xrrsr758zT8+8tb39tfVV5n/H25v/t/0u4xn73zP9WdNvuXG527dfs4Ta993wdG54/8AAADA4ml3vwQAAAAAAAAAAAAAAPDie3rv5Lv++ew7P1MXr/z+P1wx+3jd7//jdf/i7wte3pQ71tp6/b/8/pXvuHfP7JKFjw6HcE45sG3/ttNCfm3+88uBBzatOqOR2J+W+Mp3Lv1BI/H+NPC21S97ppG4KAlsjosknpUG4lUVn1meBOLyin+fBuL2OJQGevPA7y7PxtGRbqsfDWXbqiPdVo8PhTBSChTb6otDWRsd6QDvSALFAD+UBuIAfyUPdKa9undZ1qsYGIpF/2hZ1isAAE5Z8VtgT9g6PTM1Hr/Cx9tXdjffRk1Llt1UrbajzeaP5kuT3XP52Eg76a70u+jctcZ7Ql9jCGsrX1fLWTpmR7kwtbTYdC+vGXKr1d7a/XX2iW663voRDWQjGrtq+8xkT8uBr2+dZV13yyxrK5OdcpbO2U3aRi1t9KWNEbW5bdrocrzfGcbGupJcvxiDo6HJQr0iyuv81b0Kynn2Tb7xb75x7Nihuvoq8//R9ub/feVxPZNfDGBfvLLezSMhnNnmiAAAAIB2fevL/7Ru+yd+55709ort1956weCPLq4rV5n/r2xv/h93jOWHgrO9HYfj9f+L+f9oFrg7NveBkRBeM5uaiCWyC+pfHkuMZ4G74w6TVbHE5onmqvpj4FASeHI4DxxOAg/HQL6X4rMh35XzkeEQNsymrmgusSOWGE0C74yBlUlgLAbGk8DyGNiYBP59eR6YSAJfj4Ew3byt/ny5vSsAAMDzkM+zeprvhnSed6i7VYaOVhkGW2XobJWhr1WGulHE+/fFDD3JySsdpUw9aa0DSS2VDPFi+Cfcr0qG8I3mnGnBStPx/IPifIOO5gz/dtnrv33erlXtX/9/vL35/2Dzbdb6w3H+P3f9vyzwSOzex+Kp4ytj4LsXNwfyHQMPx8nubUVVE3mJfNJ+WyyxMQZWJoEdMbAxCWy+Ig8cPKM5kM+0i8ZvLhqfzkuUAgAAAPCCizsI4m6aOP//0/+++3MH/uHav64rV5n/b2xv/h/bW1Zu7Jai1uUhfLFjrjdFYPVQFoj7MYbiz+NXDIVwWmkHR1FiajAr0Zs0HB4ayH6h3ptWdf9AtsZAvH/lkQcfONBI3DEQwrmlvS9FG9/uy9oYSAPn9WaBwTSwvTsLxD0/ReBLnVkATlqxVzC+oPJTXQqj85eref29VK4Jmg6vsg90nnzz/eZqsfSlD+T7VAsn9rRVqmNRVN4eh73bluK7bdS7rfxFKv+Gcmwu1Bc6J6e2brluZnd8pPxL1opFep7Lv1JtJ70Ar8N9z7+3rfWlHRhPPj7G5y83/+uwI1b37J3vuf6sybfceOv2c55Y+74LjrbdjRrxh8Lv/uTLRsubd7H1hfw1t+Q+TyZ8nizFfwMrPW2NGexTv//V//jp4z+ri1fm/xPtzf+7k9tZz8aNuWskhNeXNu6jcfP/8kj2OVgKZJ+Sp1cD2SH37w3XfnICAADAQit2dxT7C6bz2+yE8HSeXM0/cYL54/6KjfPmb7ffW29+aP8P/+6Or9TFK/P/zcef//cn3XT83/F/Fonj//M61XdF96cP7DupXdGV6lgUjv/P61R/tzn+Py/H/x3/n4/j/y04/j+vU/1pq3xL2uFLVwjh6++/8+33bP+18+rilfn/jvbm/9b/m3/RvmL9v8116//tqFv/b5/1/wAAgEVVs9BcOs+rrN5XyZCu3lfJ0HKBwJZLDFr/74TX/3vrO//3+mOvuGRnqFGZ/+9rb/4fXw7Lyq0vlfX/Vl5RU9XtMbDDwoAAAACciup2EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDievcvPLl8029eOF0X//4ZN3x478Cl931064GjmzZtOBJClrUjC3cMrui68JsDlz22f+fnz53qv/9AX16uJ789uyl3rPW54RAOlh4Ziomnhht35gJXvuPePd2NxKPDIZxTDmzbv+20RuLTwyGcXw48sGnVGY3E/rTEV75z6Q8aifengbetftkzjcRFeaAj7e4nl2fd7Ui7e2B5CCOlQNHdX1/eXFXRxmV5oDNt4zNDWRsxMBSLfnwoayMGZmKJ6f4Q1nSH0JVW9bW+rKqutKq/6Muq6kqr+q2+EC4KIXSnVX2nN6uqOx353/ZmVcXAma/97NPnNRIHe0NYUw489t67NjQSH0oCRePv6g3h1Y2XTNr4fT1Z4z1p43f0hPCqEEJvWuI/u7MSvWmJJ7pDOL0UKBr/YHcIewIvCfHDZ7L84K49e7dtmZmZ2rmIid68rYGwdXpmauyq7TOTfUmf6nSU0sduOn78eI4+feNVjdt7Lh8baSfdnZfrme3yup6mu+sXqvftOtHex34NliuZez4q9cf8vWFZ6L9u19TOsRu27N69c232t93s67K/XXk021ZrF2pbdbYoHz3fbXV+uZI1u6/ZsWbXnr2rp6/ZcvXU1VPXvmF83fi69eMb3nThmsaoxrO/CzHUu44fX4yhvrK7VMkL8QEgISGx1BKdTZ9u46f6P73KF/25jvaEvtkP6Mq0opylY3aUCzHoS6rxrkUadGVKUhnR2srEoZJlXess6yuTibksA1mW2e91lclhuabO2U0a73eGsbHazTLafLe8eX88z+Zt1+P5pms3DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3DqNnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBSAAAA//+3Rsqd")
r0 = open(&(0x7f0000000a40)='./bus\x00', 0x141a42, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_QUOTA_CTL(r1, 0xc0109428, &(0x7f00000000c0)={0x1})
r2 = open(&(0x7f0000007f80)='./bus\x00', 0x0, 0x0)
pwritev(r0, &(0x7f00000006c0)=[{&(0x7f0000000180)}, {&(0x7f0000000400)}, {0x0}, {&(0x7f0000000540)}, {0x0}], 0x5, 0x200, 0x0)
write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000080)={0x1, 0xd6}, 0x2)
ioctl$BTRFS_IOC_QUOTA_CTL(r2, 0xc0109428, &(0x7f0000000200)={0x2})

03:52:24 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x11)

03:52:24 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5, 0x44}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:24 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r1, 0x6612)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:52:24 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x6c000000)

[  484.118377][ T4030] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
03:52:25 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x74000000)

03:52:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r1, 0x6612)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:52:25 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x12)

03:52:25 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x7a000000)

03:52:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_GET_API_VERSION(0xffffffffffffffff, 0xae00, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r2=>r0}, './file0\x00'})
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
readv(r2, &(0x7f0000001240)=[{&(0x7f0000000140)=""/106, 0x6a}, {&(0x7f00000001c0)=""/120, 0x78}, {&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000000040)=""/32, 0x20}], 0x4)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
fsetxattr$trusted_overlay_redirect(r3, &(0x7f0000001280), &(0x7f00000012c0)='./file0/file0\x00', 0xe, 0x2)

03:52:25 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x18)

03:52:25 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x920b0000)

03:52:25 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:25 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x25)

03:52:25 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x97ffffff)

03:52:25 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x3e)

03:52:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_GET_API_VERSION(0xffffffffffffffff, 0xae00, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r2=>r0}, './file0\x00'})
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
readv(r2, &(0x7f0000001240)=[{&(0x7f0000000140)=""/106, 0x6a}, {&(0x7f00000001c0)=""/120, 0x78}, {&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000000040)=""/32, 0x20}], 0x4) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
fsetxattr$trusted_overlay_redirect(r3, &(0x7f0000001280), &(0x7f00000012c0)='./file0/file0\x00', 0xe, 0x2)

03:52:25 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xfdfdffff)

03:52:25 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5, 0x1f, 0x2}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:25 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x48)

03:52:25 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xfdffffff)

03:52:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async, rerun: 64)
ioctl$KVM_GET_API_VERSION(0xffffffffffffffff, 0xae00, 0x0) (rerun: 64)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r2=>r0}, './file0\x00'})
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
readv(r2, &(0x7f0000001240)=[{&(0x7f0000000140)=""/106, 0x6a}, {&(0x7f00000001c0)=""/120, 0x78}, {&(0x7f0000000240)=""/4096, 0x1000}, {&(0x7f0000000040)=""/32, 0x20}], 0x4)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
fsetxattr$trusted_overlay_redirect(r3, &(0x7f0000001280), &(0x7f00000012c0)='./file0/file0\x00', 0xe, 0x2)

03:52:25 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x4c)

03:52:25 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5, 0x1f, 0x3}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:25 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xfeffffff)

03:52:25 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x5c)

03:52:25 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x7b6)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})

03:52:26 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xfffffdfd)

03:52:26 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x64)

03:52:26 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5, 0x1f, 0x4}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:26 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xffffff7f)

03:52:26 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x7b6) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})

[  485.560563][ T8659] loop4: detected capacity change from 0 to 32768
[  485.618463][ T8659] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 scanned by syz-executor.4 (8659)
[  485.636255][ T8659] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  485.648193][ T8659] BTRFS info (device loop4): force clearing of disk cache
[  485.656075][ T8659] BTRFS info (device loop4): setting nodatasum
[  485.662815][ T8659] BTRFS info (device loop4): allowing degraded mounts
[  485.669705][ T8659] BTRFS info (device loop4): enabling disk space caching
[  485.677522][ T8659] BTRFS info (device loop4): disk space caching is enabled
[  485.685254][ T8659] BTRFS info (device loop4): has skinny extents
[  485.729578][ T8659] BTRFS info (device loop4): enabling ssd optimizations
[  485.738431][ T8659] BTRFS info (device loop4): clearing free space tree
[  485.746515][ T8659] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  485.756495][ T8659] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  485.781785][ T8659] BTRFS info (device loop4): checking UUID tree
[  485.829737][   T26] audit: type=1804 audit(1709783546.651:73): pid=8659 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1029269245/syzkaller.FRsk2y/327/file0/bus" dev="loop4" ino=263 res=1 errno=0
[  485.866424][   T26] audit: type=1804 audit(1709783546.691:74): pid=8659 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1029269245/syzkaller.FRsk2y/327/file0/bus" dev="loop4" ino=263 res=1 errno=0
03:52:26 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xffffff97)

03:52:26 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x68)

03:52:26 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x7b6) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})

03:52:26 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5, 0x1f, 0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

[  485.942093][ T4030] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
03:52:26 executing program 4:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
read$FUSE(r0, &(0x7f0000002200)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_ATTR(r0, &(0x7f0000000040)={0x78, 0x0, r1}, 0x78)
r2 = epoll_create(0x1)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f00000000c0)={0xb0000000})

03:52:26 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xfffffffd)

03:52:26 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
getsockopt$SO_TIMESTAMPING(r3, 0x2, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000180)="3e0f38f67987f3e000440f20c0663504000000440f22c0a52e0fa3ff0fdc15660fe051f566b8eeb282330f23c80f21f866350c0020000f23f866b9f10900000f32660f6cda", 0x45}], 0x1, 0x14, &(0x7f0000000180), 0x0)

03:52:26 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x6c)

03:52:27 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5, 0x1f, 0x6}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:27 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xfffffffe)

03:52:27 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x74)

03:52:27 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x7a)

03:52:27 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5, 0x1f, 0x7}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:27 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = socket$packet(0x11, 0x2, 0x300)
getsockopt$SO_TIMESTAMPING(r3, 0x2, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000180)="3e0f38f67987f3e000440f20c0663504000000440f22c0a52e0fa3ff0fdc15660fe051f566b8eeb282330f23c80f21f866350c0020000f23f866b9f10900000f32660f6cda", 0x45}], 0x1, 0x14, &(0x7f0000000180), 0x0)

03:52:27 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1000000000)

03:52:27 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x108)

03:52:27 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x300)

03:52:27 executing program 4:
openat$nvram(0xffffffffffffff9c, &(0x7f0000000040), 0x60480, 0x0)

03:52:27 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5, 0x1f, 0x8}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:27 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x500)

03:52:27 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x600)

03:52:27 executing program 4:
syz_mount_image$fuse(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100)={{}, 0x2c, {}, 0x2c, {}, 0x2c, {}, 0x2c, {[], [{@smackfsfloor={'smackfsfloor', 0x3d, 'group_id'}}]}}, 0x0, 0x0, 0x0)

03:52:27 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
r3 = socket$packet(0x11, 0x2, 0x300)
getsockopt$SO_TIMESTAMPING(r3, 0x2, 0x0, 0x0, 0x0) (async, rerun: 32)
ioctl$KVM_RUN(r2, 0xae80, 0x0) (async, rerun: 32)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000180)="3e0f38f67987f3e000440f20c0663504000000440f22c0a52e0fa3ff0fdc15660fe051f566b8eeb282330f23c80f21f866350c0020000f23f866b9f10900000f32660f6cda", 0x45}], 0x1, 0x14, &(0x7f0000000180), 0x0)

03:52:27 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5, 0x1f, 0x9}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:27 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x700)

[  486.893648][ T8815] fuse: Bad value for 'fd'
03:52:27 executing program 4:
pselect6(0x40, &(0x7f0000000040), 0x0, &(0x7f00000000c0)={0x100000000}, 0x0, &(0x7f00000021c0)={&(0x7f0000002180)={[0x1]}, 0x8})

03:52:27 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x801)

03:52:27 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5, 0x1f, 0xb}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:27 executing program 4:
mmap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x7, 0xf370c2f6563541f7, 0xffffffffffffffff, 0x0)

03:52:27 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x900)

03:52:27 executing program 3:
r0 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x140}}, 0x0)
getsockname$packet(r0, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0xab)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000480)={&(0x7f0000000140)={0x32c, r1, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x100}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xffff}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}]}, @TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x2}]}, @TIPC_NLA_NODE={0x20, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xb71}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_NODE={0xf4, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x42, 0x4, {'gcm(aes)\x00', 0x1a, "c43bcab27632fc4920794cc1c056fd11a86a59ae1ecfbf42b429"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY={0x46, 0x4, {'gcm(aes)\x00', 0x1e, "6f807ac0e957bed9dd66f6f7100a86f95c7adb7c58bc0d2f0b3e6dccfbf4"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x200}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x43, 0x4, {'gcm(aes)\x00', 0x1b, "d96e92453cced4a435244e047ca154b621a5dda14fe0d5c922f27b"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xc57}]}, @TIPC_NLA_BEARER={0x78, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @remote}}, {0x14, 0x2, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, @TIPC_NLA_BEARER_PROP={0x4}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3}, @TIPC_NLA_BEARER_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x214}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xe3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}]}]}, @TIPC_NLA_MEDIA={0x14, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_SOCK={0x58, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x401}, @TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7fff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x10000}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffffffe1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x615788ac}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xffff8001}]}, @TIPC_NLA_NODE={0xa4, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x8}, @TIPC_NLA_NODE_ID={0x42, 0x3, "5622057b0ceb5f889e7103be58b6a6e95453d25061221bb52da573765486b6dc2a8701d4f37060169bbfc9d33a69e7cbebbba53cda7ce0b7a9e1a57c9f2d"}, @TIPC_NLA_NODE_KEY={0x4a, 0x4, {'gcm(aes)\x00', 0x22, "09a77f832beb91f15ccaf33503eba0d49a42fbac880e7aa367f96172e7ed7db92831"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x3ff}]}, @TIPC_NLA_PUBL={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xc}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x100}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x800}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x1}]}]}, 0x32c}, 0x1, 0x0, 0x0, 0x20040000}, 0x24040000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r3, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

03:52:28 executing program 4:
add_key$keyring(&(0x7f0000000300), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
add_key$keyring(&(0x7f00000001c0), &(0x7f0000000240)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffd)

03:52:28 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xa00)

03:52:28 executing program 3:
r0 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x140}}, 0x0) (async)
getsockname$packet(r0, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0xab)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000480)={&(0x7f0000000140)={0x32c, r1, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x100}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xffff}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}]}, @TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x2}]}, @TIPC_NLA_NODE={0x20, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xb71}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_NODE={0xf4, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x42, 0x4, {'gcm(aes)\x00', 0x1a, "c43bcab27632fc4920794cc1c056fd11a86a59ae1ecfbf42b429"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY={0x46, 0x4, {'gcm(aes)\x00', 0x1e, "6f807ac0e957bed9dd66f6f7100a86f95c7adb7c58bc0d2f0b3e6dccfbf4"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x200}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x43, 0x4, {'gcm(aes)\x00', 0x1b, "d96e92453cced4a435244e047ca154b621a5dda14fe0d5c922f27b"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xc57}]}, @TIPC_NLA_BEARER={0x78, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @remote}}, {0x14, 0x2, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, @TIPC_NLA_BEARER_PROP={0x4}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3}, @TIPC_NLA_BEARER_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x214}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xe3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}]}]}, @TIPC_NLA_MEDIA={0x14, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_SOCK={0x58, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x401}, @TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7fff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x10000}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffffffe1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x615788ac}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xffff8001}]}, @TIPC_NLA_NODE={0xa4, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x8}, @TIPC_NLA_NODE_ID={0x42, 0x3, "5622057b0ceb5f889e7103be58b6a6e95453d25061221bb52da573765486b6dc2a8701d4f37060169bbfc9d33a69e7cbebbba53cda7ce0b7a9e1a57c9f2d"}, @TIPC_NLA_NODE_KEY={0x4a, 0x4, {'gcm(aes)\x00', 0x22, "09a77f832beb91f15ccaf33503eba0d49a42fbac880e7aa367f96172e7ed7db92831"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x3ff}]}, @TIPC_NLA_PUBL={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xc}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x100}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x800}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x1}]}]}, 0x32c}, 0x1, 0x0, 0x0, 0x20040000}, 0x24040000) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r3, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async, rerun: 64)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) (rerun: 64)

03:52:28 executing program 4:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @local}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x6, &(0x7f0000000140)=0x32, 0x4)
setsockopt$inet_int(r0, 0x0, 0x2, &(0x7f0000000200)=0x2, 0x4)
connect$inet(r0, &(0x7f0000000280)={0x2, 0x0, @broadcast}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000c40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000003580)=ANY=[@ANYBLOB="100000000000000000ff"], 0x10}}], 0x1, 0x0)

03:52:28 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5, 0x1f, 0xf}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:28 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xb00)

03:52:28 executing program 4:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, &(0x7f0000002b40)={0x0, 0x0, &(0x7f0000002b00)={&(0x7f00000000c0)={0xec4, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_CSA_IES={0x30, 0xb9, 0x0, 0x1, [@NL80211_ATTR_CSA_C_OFF_BEACON={0xe, 0xba, [0x0, 0x0, 0x0, 0x0, 0x0]}, @NL80211_ATTR_CSA_C_OFF_PRESP={0xe, 0xbb, [0x0, 0x0, 0x0, 0x0, 0x0]}, @NL80211_ATTR_CSA_C_OFF_BEACON={0xa, 0xba, [0x0, 0x0, 0x0]}]}, @NL80211_ATTR_CH_SWITCH_BLOCK_TX={0x4}, @chandef_params=[@NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5}, @NL80211_ATTR_WIPHY_EDMG_BW_CONFIG={0x5}, @NL80211_ATTR_CENTER_FREQ1={0x8}], @NL80211_ATTR_CH_SWITCH_COUNT={0x8}, @NL80211_ATTR_CSA_IES={0xe4c, 0xb9, 0x0, 0x1, [@NL80211_ATTR_CSA_C_OFF_BEACON={0xa, 0xba, [0x0, 0x0, 0x0]}, @NL80211_ATTR_CSA_C_OFF_BEACON={0xe, 0xba, [0x0, 0x0, 0x0, 0x0, 0x0]}, @beacon_params=[@NL80211_ATTR_IE={0x15, 0x2a, [@chsw_timing={0x68, 0x4}, @sec_chan_ofs={0x3e, 0x1}, @mesh_chsw={0x76, 0x6}]}, @NL80211_ATTR_FTM_RESPONDER={0xe14, 0x10e, 0x0, 0x1, [@NL80211_FTM_RESP_ATTR_ENABLED={0x4}, @NL80211_FTM_RESP_ATTR_CIVICLOC={0xe09, 0x3, "0f85adf49efdd84f19003b226434c5610fa878802578cb8691022af84ad1918ceff9ec21c0fa40f84d98967f3c2bde64c85b80564a0c8a1ba09a6e0d7d340d1a98b81e26a452da9d10a8b4b5d9c8d13b69577f75a76190743dfe0c9ec98d4a1403accabb30138d790f0e2569df4567e83d208fb22bd4b6a1397c527d6467a6aea75af4b40ab9782b66e6a0eb29884f05dee7ad08e9753c7392cce16a09dbefb305428252a7ac684c8df4631f73b8f11a68bd5c595472ca01f18e54f830a95cd9ab06793c618e4f2759be185ad3115c883597a862fbb4ff0a64f26c0db3e75bfa6d09d27acd238789f7a7add5e605ee460fd8a38b5c6ff88c12ee599148edd3ca215af8169a98089fe2efa1b003275eb394f884d27892e863391bb3f0f738145b55f1c86ec19ec8acdbfe4134a9b35ae32ef502042fe5d713e94d96898bf27cfa8119dd8097618b485479f8ca10e6876be33e1f2cd6d659665431c6f56e01ba4699c3927668793086be8d2463b9d1199860426deeb8c1bcf13deffe28539fdc710780c3dc11717734ed66aa8e061228a118f27862686453aaa31fe6b72207b8a417c9251b071e7f8c9c781bc5bcc64a07d2cfdd113348e4afdafede9846627afe9f6708d48f7e38b5bde587e16c8b64c2f74f2c5521cf1fb90c058f9c1251326ffe3ab91922a7c492db2f125ae393d0b821a03018a6bd782a697acf4ba25daf0b48aca6904a3c5ce51ad07c540118fcaf04d3d2692f8e885b7100cf4d14322000beb6ee5992b0f41bb233ae2d61e31b45019fea86032d6b4cf4d27e555b540452b1d0c7ed9348b69543fcffe7be76c0aeb23e790e6ff171a3629116bc3ba73e97f19132be2aae2573678f532b2a3462caef1143b7ef3400c288e8866f354a5e09914c632de8f9b90a8ad46e3a533103a5cc88d70ee99b8c17cf5c7427c3142cc15936191db54302635257d4c080f34221fb973fcd7c9893bc8aa917e45307da4eb49d8b0e25c0c1f3bdff68beddae4ab71e2e1933a9451f72311062ec4913390c1ceb04370f99fb869fadf0b92462571157ac43a38e5f1b575fbd9a1c35d347d6faa3f2d8c50f0a061fcc9a4304937817c9a405fa02153e4e746ec8acfd5df2a8b67d1034f87eb6e11a895ba25e71bb56976618e90d92ba590d1e416215bcde894fd319b7a98bb763f4a2a7655b499b132a545b235d8bd4c8839c8e48d49240e208ab5413a67890549204411ae4995bd38f7663ab5012115e8e1a804b633e90b8bbb8800455b8e0dbc0ca1d2f22902e8cfe93509313bf0ca357205efa2cd02c85beaa086e7075e4e090c726850d4a8010ff7963eff30ea95695194d43c13b3adbe48d0ea846ad1e5149af0cd0b66d9f3b90228b43cfe1b2fee3bc27bb5dba1f5238e20b2aa5207a0dd8dc9f69fe72b551ff954d6d9c63439fa5866413c0dc076fdb7dc74bc20debb8cf7a8356e380da19a5d8b52620a9bee405fe64e1a67e92177fd17895793bcafc34fc503538621fe9f7e2d331041838c2e7a9256ef491e1ba91517f3b91d2259689207824f6e67500297fecc07521b620dec3ee4ac30a55e3c0d1e4a65fba71ee9900f08f61d14145b5db1484a22ed301556151564c049a19897dcff65b452ec3923c48e12e7f839157a63e8432c104d5ad3e20798426e2df5dc581e4dcca5550a057071c70ed7edec337b8785fe2184672a784622d4ce172a132388d9e188110e6e9457778240529ec2845fedc466fa63ad01e421b14763087f44f733c88ec3dd351f67bed615fecda0ff1f5c63237496a4c03627e2b330e8818b302b09ec796f67a46e50702fe02061a4a44e355ca7661e75fd65dbecf8eb730e6dae7e29d7ce36dbc428ff135b146980421db99adfc0c96e89948716e3cd4fb1ae2caff9ed86fd8624ad04ba23866d4f50e9aac2a8453233daef73dbc6fa41c57b1cf7f27d5ed7807f2dd3b211e87c5cbe7bc9e08e65d61adeeec5379f7c3c5100d025910ee8bb004afc7085b3280a167dd88169f3be2d39f5e9d0d08d364715ee70fe924f87755a47bc21f3a0d34b9e9df6fb093d9ec2ea0dcaeb1cf878a184b5ff0f036aa4bb3c168fb881f71e805de88a0b077102b6635a8b508dcc0e16d2c9ab6bd22307158ff41d249a175c4d8886333492c435d314c234b19e61d96e37e616baa13c81090d111acfe3c3288eb08a6115af45cb044be082041dee39015c391f201a713256eb71643fcf960b04274b5bc99e180380b2919fcae436d9352c3a94155a685d8ab00e70bfec36dd22268b6450e9f445ed4eb2327d7ba7db52d1fb81c8665f9fed67a202ed25661485942785b8e632cd3525aad706f53a1f0ff5b4522869a3de2ad97e5510c3d71da96f614253b1cf897b11ff840a8c2ec8400ddf8b0adac285c5af89544120d32535031d308c50a03bc659f68851802fadf19604999e19f2cdaddbd01adf0f685639f9cee8ec4f18b0c9c0a0e6d96a2a8efb8fb3acece740a4c74476327399934671ff15e5cbb92d06e91d18368b529fe3b46bd642d8899cd9b654dbc11caf8aa554e5bde4383f1857094f2fe5d8e70dd65c079a7bf936bda46f5bb362c266bca0bd6139fd861a8e2e444b0d32ab92d815500b5b13ea8d7b4d22f86167b5c9b1e7d854889dc799f10d2dc0d7e133f0c4b86852519540ca595bfa5baf32525dac1980072030de6fcc6e15eacd8defd610e922e342a5af80b479a9094e99fa5219a39f52136decf82a6d4cb47e057c048126cf578c114c4138cd0fafbf043e3e028c1790f78a5da32004c9908f0d20082b14fab020153309bf87bc4587da3a7378ac0aa001ce7a2c7fc8e87cbaa5527e8b94a73ac9f479eb27d3c104bd117c8c8224a579584506d0a56ddecd2e571300dfea5c506004880b40a25130c94a2a2c35db724252d15c06286fc3b42fc6de15282c2a0ad4cce7a2d3c3932fdee877c0059e34349195737a396417b9d713e09e64c373870ca5cfa92193ae385831ccb2ff25add64e9fa6bec35e51f52d230617a3102fbe6b334ef42b0a1a4edba7d4f7195378f2c3773496955d97daedb3503096bd65b926404b5fa22359974f0d5d75e125007e4f1c33b794452c3aa9198e213b4edfd9e638c84555b51d4b252de1a2d1b35d5abbed0b3097261bc1e22c8fe619656e0312bff0bd431d7c6b937c22962cb0b92235d90b65d6e4ad571c8edf748278a1bef23a281dfaaaa256c1db69298c24f4187d2da63974a2e5c088c79d9b54d2328504531fd9666b0d58116f87e62604fd6980fc653847070c57b92aca59da276176dbf0eb4ed3c63ba3cf0ed6466b5215f8e3b10c0063ad843416a852925f011de7d17e8cb41f00a89dfc5aad83d4e6c2896cc85efca00aa0b66ed3845ca6a38174292729438879a32db639c290bcf805eda2a372674b24593a34b49ed2dd755b037eccadf24b04b95b4db01a0ce1541eafb6ac6ad98de66e56c9fa90258b31306b8229a9aef4c73d9da25ee3301903a35867adc2c9527375f53c591ea66b4a15aef00cb7549c8181baf4448a3bff997c9e43f12fbd1b58f849f98352437f5f940bc7e569bfef7ffdfbf116d0e91821cab52cef32527b375f105c3ddffa505b7c8039c96eeef6744294c4c705a0176c732a0f62064fee200b9c553177b30b20b51d8eb3f614b0035c8431f3ae32f5d4d77345561d6b17bc32f649217d51eb128ceffd6dac23d424a241458334e4c6f48a762ce84f2211edcdd6f51f6b8d6e2137229df4d39f9f014b7a00990fba3828f5e445753d41a34c2dd2f4944efacce702eaaa8a46562ade442822ac74a47101a9eca8e236e76652ce906f2e4e8ec064db2b4576558c6d2c2eb68886bd8f5b29077efb38d86cfd56bc6ab0a866864038c21e9bb6a1edc36cb241ad01403809d44cd91634a35cb2346c6f7e448520e9655292ee8f50d1d074e0374746f933688fcde3180bacfdf51bba97157f381c37e7fbb0ede52488079882744e3de0b1bdadb6387d34f9f605023634c144bd1f15757f85e9f01f495d5a9baf0887d7a463c442eaf68a29ccf95d5a7903116830ab9793d9ad6d641805ca1304c1b24b0976ef2b0a0da39710c6b9e53b08e31e89b709798ed94cc1b59d2f45ef467d0581826b9ab82ef32d2aa69b6904a4cae2d9d199afc1d530c40117deeffce1cadaba4ce2eff6aba69aa9f3bf126ad0754ed3a58ee98b5b25a645f81ef0caeb1cb2136582fe47f3a46305971de28d9a1ce35432dcad30a6147c60e6a08472948349238e461664b20e1ded122ca6e6f63be42dad54e7bb95c426ee616b8faa1f984166750805094f4958dec84ecbaa31e77c846498eb500cb1baa1c522a95ce5f8af512feb40636eb0be770b7d9dbedd6ce44bfbc34ca6453499868786cd2a795b70acb88213b38709bd3aa245a495226acb56f407c00ad0503a094cf7595b8fe40a7052765cc0b8efbfef5f54da6f3291bcab54f36f64c37c828d95195eba020e9335e62a2388e0df8cbfd598bbab20be2000b23779197c1507dd2e032faaf842fde8beb91ce527e29bebcd4ac5391e6f1cb5ccd9c2dd5447da6edea5f067ee055a15c83ff51673aa57c833c5e5e5da469a20449cb59c3cd7440216e287e32699c72b7d28b0e2a5d3661fbd04837906e37e060a8120b0ff085448cb6644c9937ad0552f573190adccbb8d413ffbfed85e1711db40335a8fa4d5c60ae7055430ef76c7bd7c17e688e52ea7f8718d6a055c7eff89e1f9dc1a009e71e3cdcf3ab01d94fe10489c62dae8815bcae3e63b7efe7c6a020b24f242e7eb9daf828cebdc2b9e33d6c1eae8067d4e3f14f78e6ecac7f032685e273ab5dd67c787d1c928ad13436a491b3beca9cd72879fcb4e2ffebf2da8bb55b01d88f018da0a7137c432f85293d4f5227fa3a5e2013a887c22bc5073a9705282ba428c0a91a5d05f96fb69689394e7d3d070eb689128c3d1094afc8f111f41bece63455fe4e789a52c52dfd82c8bdf54d48f69f1fa9d7fe73cbe1963a8b51cfa862379e47dfe9d016543e19dcae8fa77cc6789b247f7ddc1254ed24e85d418e29cb6441"}]}]]}]}, 0xec4}}, 0x0)

03:52:28 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xb92)

03:52:28 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5, 0x1f, 0x1d}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:28 executing program 4:
syz_open_dev$hiddev(&(0x7f0000000000), 0x4, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000002c00), 0xffffffffffffffff)

03:52:28 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xc00)

03:52:28 executing program 4:
r0 = syz_open_procfs$userns(0x0, &(0x7f0000003880))
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r0, 0x81f8943c, 0x0)

03:52:28 executing program 3:
r0 = socket(0x10, 0x2, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x140}}, 0x0)
getsockname$packet(r0, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0xab) (async)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$TIPC_NL_LINK_GET(r0, &(0x7f00000004c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000480)={&(0x7f0000000140)={0x32c, r1, 0x100, 0x70bd27, 0x25dfdbfd, {}, [@TIPC_NLA_PUBL={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x4}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x100}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0xffff}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x4}]}, @TIPC_NLA_NODE={0xc, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x2}]}, @TIPC_NLA_NODE={0x20, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xb71}, @TIPC_NLA_NODE_KEY_MASTER={0x4}]}, @TIPC_NLA_NODE={0xf4, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_KEY={0x42, 0x4, {'gcm(aes)\x00', 0x1a, "c43bcab27632fc4920794cc1c056fd11a86a59ae1ecfbf42b429"}}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_KEY={0x46, 0x4, {'gcm(aes)\x00', 0x1e, "6f807ac0e957bed9dd66f6f7100a86f95c7adb7c58bc0d2f0b3e6dccfbf4"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x200}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY_MASTER={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_KEY={0x43, 0x4, {'gcm(aes)\x00', 0x1b, "d96e92453cced4a435244e047ca154b621a5dda14fe0d5c922f27b"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0xc57}]}, @TIPC_NLA_BEARER={0x78, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e23, @remote}}, {0x14, 0x2, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}}}}, @TIPC_NLA_BEARER_PROP={0x4}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3}, @TIPC_NLA_BEARER_PROP={0x34, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x214}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x6}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0xe3}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}]}]}, @TIPC_NLA_MEDIA={0x14, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_SOCK={0x58, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x401}, @TIPC_NLA_SOCK_CON={0x3c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x7fff}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x10000}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xffffffe1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x1}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x615788ac}]}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x6}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0xffff8001}]}, @TIPC_NLA_NODE={0xa4, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x8}, @TIPC_NLA_NODE_ID={0x42, 0x3, "5622057b0ceb5f889e7103be58b6a6e95453d25061221bb52da573765486b6dc2a8701d4f37060169bbfc9d33a69e7cbebbba53cda7ce0b7a9e1a57c9f2d"}, @TIPC_NLA_NODE_KEY={0x4a, 0x4, {'gcm(aes)\x00', 0x22, "09a77f832beb91f15ccaf33503eba0d49a42fbac880e7aa367f96172e7ed7db92831"}}, @TIPC_NLA_NODE_REKEYING={0x8, 0x6, 0x3ff}]}, @TIPC_NLA_PUBL={0x44, 0x3, 0x0, 0x1, [@TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x6}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0xc}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x100}, @TIPC_NLA_PUBL_LOWER={0x8, 0x2, 0x2}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x800}, @TIPC_NLA_PUBL_TYPE={0x8, 0x1, 0x7}, @TIPC_NLA_PUBL_TYPE={0x8}, @TIPC_NLA_PUBL_UPPER={0x8, 0x3, 0x1}]}]}, 0x32c}, 0x1, 0x0, 0x0, 0x20040000}, 0x24040000)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r3, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)

03:52:28 executing program 4:
r0 = socket$packet(0x11, 0xa, 0x300)
sendmsg(r0, &(0x7f0000000a00)={&(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @private}}}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000200)="5e2817b257e4e2f747b6efbe48e9", 0xe}], 0x1, &(0x7f0000001800)=[{0x10}], 0xf}, 0x0)

03:52:28 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x68301, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

[  488.711612][ T8226] Bluetooth: hci7: command 0x1003 tx timeout
[  488.718834][ T3546] Bluetooth: hci7: sending frame failed (-49)
[  490.781656][ T8226] Bluetooth: hci7: command 0x1001 tx timeout
[  490.789009][ T3546] Bluetooth: hci7: sending frame failed (-49)
[  492.861710][ T2665] Bluetooth: hci7: command 0x1009 tx timeout
03:52:37 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5, 0x1f, 0x30}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:37 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xc67)

03:52:37 executing program 4:
socket$packet(0x11, 0xa, 0x300)
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
sendmmsg$inet6(r0, &(0x7f0000007e40)=[{{&(0x7f0000000340)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @multicast1=0xe0000010}}, 0x1c, 0x0}}], 0x6c00, 0x0)

03:52:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x68301, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:52:37 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x100000000000)

03:52:37 executing program 4:
syz_usb_connect$printer(0x5, 0x36, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x7, 0x1, 0x0, 0x0, "", {{{0x9, 0x5, 0x1, 0x2, 0x200}}, [{{0x9, 0x5, 0x82, 0x2, 0x3ff}}]}}}]}}]}}, 0x0)

03:52:37 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xd00)

03:52:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x68301, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x68301, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)

03:52:37 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5, 0x1f, 0x44}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:37 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xe00)

03:52:37 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
copy_file_range(r0, &(0x7f0000000140)=0x2, r0, &(0x7f0000000180)=0x6, 0x9, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f00000001c0)={[{0xfffffffe, 0xfffd, 0xf1, 0x4c, 0x7, 0x1d, 0x2, 0x0, 0x80, 0x5, 0x1f, 0x3, 0x60000}, {0x2, 0xeb8b, 0x7, 0x4, 0x40, 0x6, 0x64, 0x80, 0x0, 0x1, 0x0, 0xe1, 0xffff}, {0x6, 0x100, 0x8, 0x5, 0x9, 0x1f, 0xee, 0x5, 0x46, 0x7, 0xc5, 0xd3, 0x8000000000000001}], 0x4})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)

03:52:37 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xf27)

03:52:38 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1100)

03:52:38 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5, 0x1f, 0x60}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

[  497.241820][ T3816] usb 5-1: new high-speed USB device number 4 using dummy_hcd
03:52:38 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1200)

03:52:38 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async, rerun: 64)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async, rerun: 64)
copy_file_range(r0, &(0x7f0000000140)=0x2, r0, &(0x7f0000000180)=0x6, 0x9, 0x0) (async)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f00000001c0)={[{0xfffffffe, 0xfffd, 0xf1, 0x4c, 0x7, 0x1d, 0x2, 0x0, 0x80, 0x5, 0x1f, 0x3, 0x60000}, {0x2, 0xeb8b, 0x7, 0x4, 0x40, 0x6, 0x64, 0x80, 0x0, 0x1, 0x0, 0xe1, 0xffff}, {0x6, 0x100, 0x8, 0x5, 0x9, 0x1f, 0xee, 0x5, 0x46, 0x7, 0xc5, 0xd3, 0x8000000000000001}], 0x4}) (async, rerun: 64)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async, rerun: 64)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)

03:52:38 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1800)

03:52:38 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x2000)

03:52:38 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5, 0x1f, 0xdd}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:38 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x2500)

03:52:38 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x270f)

[  497.611904][ T3816] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
03:52:38 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x4}]}]}, 0x30}}, 0x0)

03:52:38 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x3e00)

03:52:38 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x3f00)

[  497.791990][ T3816] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  497.801071][ T3816] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  497.839736][ T3816] usb 5-1: Product: syz
03:52:38 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x4000)

[  497.870380][ T3816] usb 5-1: Manufacturer: syz
[  497.889878][ T3816] usb 5-1: SerialNumber: syz
03:52:38 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x8}]}]}, 0x30}}, 0x0)

03:52:38 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x4800)

[  497.952006][ T8897] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
03:52:38 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x4c00)

03:52:38 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x5c00)

03:52:38 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x10}]}]}, 0x30}}, 0x0)

03:52:39 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x6400)

[  498.174566][ T3653] usb 5-1: USB disconnect, device number 4
03:52:39 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x670c)

03:52:39 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x44}]}]}, 0x30}}, 0x0)

03:52:39 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x6800)

03:52:39 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x6c00)

03:52:39 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x7400)

[  498.941690][   T25] Bluetooth: hci7: command 0x1003 tx timeout
[  498.947979][ T3546] Bluetooth: hci7: sending frame failed (-49)
[  501.021661][ T3816] Bluetooth: hci7: command 0x1001 tx timeout
[  501.028367][ T3546] Bluetooth: hci7: sending frame failed (-49)
[  501.264545][ T1376] ieee802154 phy0 wpan0: encryption failed: -22
[  501.270849][ T1376] ieee802154 phy1 wpan1: encryption failed: -22
[  503.111884][ T3653] Bluetooth: hci7: command 0x1009 tx timeout
03:52:47 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x7f21974d4da9)

03:52:47 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5, 0x44}]}]}, 0x30}}, 0x0)

03:52:47 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x7a00)

03:52:47 executing program 4:
r0 = socket$packet(0x11, 0xa, 0x300)
sendmsg(r0, &(0x7f0000000a00)={&(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @private}}}, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000200)="5e2817b257e4e2f747b6efbe48e9", 0xe}], 0x1, &(0x7f0000001800)=[{0x10}], 0x10}, 0x0)

03:52:47 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
copy_file_range(r0, &(0x7f0000000140)=0x2, r0, &(0x7f0000000180)=0x6, 0x9, 0x0)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f00000001c0)={[{0xfffffffe, 0xfffd, 0xf1, 0x4c, 0x7, 0x1d, 0x2, 0x0, 0x80, 0x5, 0x1f, 0x3, 0x60000}, {0x2, 0xeb8b, 0x7, 0x4, 0x40, 0x6, 0x64, 0x80, 0x0, 0x1, 0x0, 0xe1, 0xffff}, {0x6, 0x100, 0x8, 0x5, 0x9, 0x1f, 0xee, 0x5, 0x46, 0x7, 0xc5, 0xd3, 0x8000000000000001}], 0x4})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)

03:52:47 executing program 4:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r0, &(0x7f0000003000)={0x0, 0x0, 0x0}, 0x0)

03:52:47 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x920b)

03:52:48 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1000000000000)

03:52:48 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}}, 0x0)

03:52:48 executing program 4:
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/devices/pci0000:00', 0x0, 0x0)
getsockname$packet(r0, 0x0, 0x0)

03:52:48 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x100000)

03:52:48 executing program 4:
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000004c40)={0x28, 0x0, 0x0, @hyper}, 0x10)

03:52:48 executing program 4:
sched_setscheduler(0xffffffffffffffff, 0x0, 0x0)
syz_clone(0x42080000, 0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f0000000140)="ae12ac500773e546563d8161636c8883658a8a94d9089b7be709ae62d577835ab8c172cc79af31c6db1992797f0ba111e159419f1cff6ac042ed967a2286ad51c9ff350ec4092fab2d984aebcb055e7112e3047aaf127a1427e3026314e9e235ba3ce331e4ecf7710a4d4a7aed0daa7250e426a4f22d67601e994cb8052e6f98f769b6f47e6ab729a41f74839e2a34513bf0aaee08294cee711ca8b98d135ce3230bc15d74b9d3c7e72cdf138a1ae9b057b72e9645338149a15e7a5255f6c0973352b146")

03:52:48 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5, 0x1d, 0x2}]}]}, 0x30}}, 0x0)

03:52:48 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1000000)

03:52:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000000)="b9a3030000b800000000ba000000800f308fc80ca25300d2c4c1fc51a20a000000b8008000000f23c00f21f83501000c000f23f82e0f01c466b813010f00d0660f388029adb805000000b91eadfce70f01d9c4c13c5f14b7", 0x58}], 0x1, 0x10, &(0x7f0000000180), 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)

03:52:48 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1000080)

03:52:48 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5, 0x1d, 0x3}]}]}, 0x30}}, 0x0)

03:52:48 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1080000)

03:52:48 executing program 4:
r0 = add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)
add_key(&(0x7f0000000000)='rxrpc_s\x00', &(0x7f0000000040)={'syz', 0x1}, &(0x7f0000000080)='F', 0x1, r0)

03:52:48 executing program 4:
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x5ec40)

03:52:48 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x2000000)

03:52:48 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5, 0x1d, 0x4}]}]}, 0x30}}, 0x0)

03:52:48 executing program 4:
creat(&(0x7f0000000040)='./file0\x00', 0x0)
truncate(&(0x7f0000000000)='./file0\x00', 0x28a8)
creat(&(0x7f0000000140)='./file0\x00', 0x0)

03:52:48 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x3000000)

03:52:48 executing program 4:
syz_clone(0x42080000, &(0x7f0000000000)="c41748f5714461341f937e2dcddbe4fbc3170ae559c4f50769f11aee189990671ed4638bda21b27744c6bbf0684e8c2a23a969e3360e79c4d36c7c9d3c61a14c1790b76995014e99472199f4be7ed054f9ddfa477d2ac6932625b62e3e1282c9a67bcab71c071eb2", 0x68, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000140)="ae12ac500773e546563d8161636c8883658a8a94d9089b7be709ae62d577835ab8c172cc79af31c6db1992797f0ba111e159419f1cff6ac042ed967a2286ad51c9ff350ec4092fab2d984aebcb055e7112e3047aaf127a1427e3026314e9e235ba3ce331e4ecf7710a4d4a7aed0daa7250e426a4f22d67601e994cb8052e6f98f769b6f47e6ab729a41f74839e2a34513bf0aaee08294cee711ca8b98d135ce3230bc15d74b9d3c7e72cdf138a1ae9b057b72e9645338149a15e7a5255f6c0973352b1462ff5a2cefffb5854d6971c9fab7794f7e45e9ba371ce049b")

03:52:48 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async, rerun: 64)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (rerun: 64)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000000)="b9a3030000b800000000ba000000800f308fc80ca25300d2c4c1fc51a20a000000b8008000000f23c00f21f83501000c000f23f82e0f01c466b813010f00d0660f388029adb805000000b91eadfce70f01d9c4c13c5f14b7", 0x58}], 0x1, 0x10, &(0x7f0000000180), 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)

03:52:48 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x4000000)

03:52:48 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5, 0x1d, 0x5}]}]}, 0x30}}, 0x0)

03:52:49 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x5000000)

03:52:49 executing program 4:
syz_clone(0x20000000, &(0x7f0000000000), 0x0, 0x0, 0x0, 0x0)

03:52:49 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x6000000)

03:52:49 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5, 0x1d, 0x6}]}]}, 0x30}}, 0x0)

03:52:49 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x7000000)

03:52:49 executing program 4:
r0 = openat$bsg(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
connect$vsock_stream(r0, 0x0, 0x0)

03:52:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000000)="b9a3030000b800000000ba000000800f308fc80ca25300d2c4c1fc51a20a000000b8008000000f23c00f21f83501000c000f23f82e0f01c466b813010f00d0660f388029adb805000000b91eadfce70f01d9c4c13c5f14b7", 0x58}], 0x1, 0x10, &(0x7f0000000180), 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000000)="b9a3030000b800000000ba000000800f308fc80ca25300d2c4c1fc51a20a000000b8008000000f23c00f21f83501000c000f23f82e0f01c466b813010f00d0660f388029adb805000000b91eadfce70f01d9c4c13c5f14b7", 0x58}], 0x1, 0x10, &(0x7f0000000180), 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)

03:52:49 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x8000000)

03:52:49 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5, 0x1d, 0x7}]}]}, 0x30}}, 0x0)

03:52:49 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x9000000)

[  509.261547][ T3816] Bluetooth: hci7: command 0x1003 tx timeout
[  509.268958][ T3546] Bluetooth: hci7: sending frame failed (-49)
[  511.351569][ T3653] Bluetooth: hci7: command 0x1001 tx timeout
[  511.357669][ T3546] Bluetooth: hci7: sending frame failed (-49)
[  513.421696][ T3816] Bluetooth: hci7: command 0x1009 tx timeout
03:52:58 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x100000000000000)

03:52:58 executing program 4:
r0 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000180)=@security={'security\x00', 0xe, 0x4, 0x438, 0xffffffff, 0x0, 0x0, 0x0, 0xffffffff, 0xffffffff, 0x368, 0x368, 0x368, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @remote}, @empty, [], [], 'wg1\x00', 'dvmrp1\x00'}, 0x0, 0xf8, 0x120, 0x0, {}, [@common=@mh={{0x28}, {"4cd5"}}, @common=@hl={{0x28}}]}, @common=@inet=@TCPMSS={0x28}}, {{@ipv6={@private1, @mcast2, [], [], 'syz_tun\x00', 'gre0\x00'}, 0x0, 0xf0, 0x130, 0x0, {}, [@common=@dst={{0x48}}]}, @common=@inet=@TCPOPTSTRIP={0x40}}, {{@ipv6={@private0, @rand_addr=' \x01\x00', [], [], 'pimreg\x00', 'pimreg1\x00'}, 0x0, 0xd0, 0x118, 0x0, {}, [@common=@ipv6header={{0x28}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@empty, 'batadv_slave_0\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x498)

03:52:58 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xa000000)

03:52:58 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5, 0x1d, 0x8}]}]}, 0x30}}, 0x0)

03:52:58 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f0000000000)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:52:58 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xb000000)

[  517.345142][ T9163] x_tables: duplicate underflow at hook 2
[  517.376602][ T5158] Bluetooth: hci7: Frame reassembly failed (-84)
03:52:58 executing program 4:
r0 = add_key$keyring(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffc)
add_key$fscrypt_provisioning(&(0x7f0000000000), 0x0, &(0x7f0000000080)={0x2, 0x0, @b}, 0x48, r0)

03:52:58 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f0000000000)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f0000000000)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)

03:52:58 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xc000000)

03:52:58 executing program 4:
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000004a40), 0x0, 0x0)
ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f0000004a80))

03:52:58 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5, 0x1d, 0x9}]}]}, 0x30}}, 0x0)

03:52:58 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xd000000)

03:52:58 executing program 4:
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
recvmsg(r0, &(0x7f0000000700)={0x0, 0x0, 0x0}, 0x0)

03:52:58 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xe000000)

03:52:58 executing program 4:
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0}}, 0x40881)

03:52:58 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5, 0x1d, 0xb}]}]}, 0x30}}, 0x0)

03:52:58 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xf270000)

03:52:58 executing program 4:
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
keyctl$unlink(0x9, r0, 0xfffffffffffffffc)

03:52:58 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f0000000000)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f0000000000)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:52:58 executing program 4:
add_key$keyring(&(0x7f0000000480), &(0x7f00000004c0)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffb)

03:52:58 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x10000000)

03:52:58 executing program 4:
r0 = syz_open_dev$vcsa(&(0x7f00000003c0), 0x0, 0x0)
syz_clone3(&(0x7f0000002440)={0x300180200, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000002400)=[0x0], 0x1, {r0}}, 0x58)

03:52:58 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x11000000)

03:52:58 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5, 0x1d, 0xf}]}]}, 0x30}}, 0x0)

03:52:58 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
r2 = dup3(r0, r1, 0x0)
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0xffffff9a, 0x9, 0x9e, 0xe6, 0x3, 0x5, 0x20, 0x1, 0x3, 0x4, 0x9, 0x80, 0x101}, {0x6, 0x6, 0x1, 0x3, 0x8, 0x5, 0x6, 0x9, 0x7, 0x1f, 0x4, 0x2, 0xe89}, {0x532d, 0x3, 0x9, 0x2b, 0x20, 0xfd, 0x7, 0x1, 0x6, 0x40, 0x8, 0x7, 0x9}]})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x4000, 0x8000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000380)="64660f388130d8f4c4e3510d110266b816010f00d00f082e0f01f70f01cfc7442400d537fa4bc7442402f7ffffffc7442406000000000f011c2464363665670fc7a800000f015f76", 0x48}], 0x1, 0x10, &(0x7f0000000140)=[@cstype3={0x5, 0x4}, @cstype3={0x5, 0x4}], 0x2)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000000)={<r3=>r0, 0x7525, 0xff, 0xf01})
syz_kvm_setup_cpu$x86(r3, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000480)=[@text64={0x40, &(0x7f0000000400)="2666440fc4fa5165450f74a600300000c4e36d79bb0000000002c74424000e000000c7442402379c0000ff2c2466b822000f00d066b856000f00d848b884000000000000000f23d00f21f8351000000d0f23f80f01cf6763700136ab", 0x5c}], 0x1, 0x20, &(0x7f00000004c0)=[@dstype3={0x7, 0xd}, @dstype3={0x7, 0xa}], 0x2)
fstatfs(r1, &(0x7f0000000280)=""/252)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000200)={0x8, 0x2, 0x4})

03:52:58 executing program 4:
r0 = socket(0xa, 0x1, 0x0)
connect$inet6(r0, &(0x7f0000000340)={0xa, 0x3, 0x0, @dev, 0x2}, 0x1c)
getpeername$inet6(r0, 0x0, 0x0)

03:52:58 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x12000000)

03:52:58 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x18000000)

03:52:59 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5, 0x1d, 0x1d}]}]}, 0x30}}, 0x0)

03:52:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
r2 = dup3(r0, r1, 0x0) (async)
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0xffffff9a, 0x9, 0x9e, 0xe6, 0x3, 0x5, 0x20, 0x1, 0x3, 0x4, 0x9, 0x80, 0x101}, {0x6, 0x6, 0x1, 0x3, 0x8, 0x5, 0x6, 0x9, 0x7, 0x1f, 0x4, 0x2, 0xe89}, {0x532d, 0x3, 0x9, 0x2b, 0x20, 0xfd, 0x7, 0x1, 0x6, 0x40, 0x8, 0x7, 0x9}]}) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x4000, 0x8000}) (async)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000380)="64660f388130d8f4c4e3510d110266b816010f00d00f082e0f01f70f01cfc7442400d537fa4bc7442402f7ffffffc7442406000000000f011c2464363665670fc7a800000f015f76", 0x48}], 0x1, 0x10, &(0x7f0000000140)=[@cstype3={0x5, 0x4}, @cstype3={0x5, 0x4}], 0x2) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000000)={<r3=>r0, 0x7525, 0xff, 0xf01})
syz_kvm_setup_cpu$x86(r3, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000480)=[@text64={0x40, &(0x7f0000000400)="2666440fc4fa5165450f74a600300000c4e36d79bb0000000002c74424000e000000c7442402379c0000ff2c2466b822000f00d066b856000f00d848b884000000000000000f23d00f21f8351000000d0f23f80f01cf6763700136ab", 0x5c}], 0x1, 0x20, &(0x7f00000004c0)=[@dstype3={0x7, 0xd}, @dstype3={0x7, 0xa}], 0x2)
fstatfs(r1, &(0x7f0000000280)=""/252) (async)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000200)={0x8, 0x2, 0x4})

03:52:59 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x20000000)

03:52:59 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x25000000)

[  519.421694][ T3816] Bluetooth: hci7: command 0x1003 tx timeout
[  519.428679][ T3546] Bluetooth: hci7: sending frame failed (-49)
[  521.501776][ T3817] Bluetooth: hci7: command 0x1001 tx timeout
[  521.508338][ T3546] Bluetooth: hci7: sending frame failed (-49)
[  523.581820][ T3817] Bluetooth: hci7: command 0x1009 tx timeout
03:53:08 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x3e000000)

03:53:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
r2 = dup3(r0, r1, 0x0)
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0xffffff9a, 0x9, 0x9e, 0xe6, 0x3, 0x5, 0x20, 0x1, 0x3, 0x4, 0x9, 0x80, 0x101}, {0x6, 0x6, 0x1, 0x3, 0x8, 0x5, 0x6, 0x9, 0x7, 0x1f, 0x4, 0x2, 0xe89}, {0x532d, 0x3, 0x9, 0x2b, 0x20, 0xfd, 0x7, 0x1, 0x6, 0x40, 0x8, 0x7, 0x9}]})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x4000, 0x8000})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000380)="64660f388130d8f4c4e3510d110266b816010f00d00f082e0f01f70f01cfc7442400d537fa4bc7442402f7ffffffc7442406000000000f011c2464363665670fc7a800000f015f76", 0x48}], 0x1, 0x10, &(0x7f0000000140)=[@cstype3={0x5, 0x4}, @cstype3={0x5, 0x4}], 0x2)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000000)={<r3=>r0, 0x7525, 0xff, 0xf01})
syz_kvm_setup_cpu$x86(r3, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000480)=[@text64={0x40, &(0x7f0000000400)="2666440fc4fa5165450f74a600300000c4e36d79bb0000000002c74424000e000000c7442402379c0000ff2c2466b822000f00d066b856000f00d848b884000000000000000f23d00f21f8351000000d0f23f80f01cf6763700136ab", 0x5c}], 0x1, 0x20, &(0x7f00000004c0)=[@dstype3={0x7, 0xd}, @dstype3={0x7, 0xa}], 0x2)
fstatfs(r1, &(0x7f0000000280)=""/252)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000200)={0x8, 0x2, 0x4})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
dup3(r0, r1, 0x0) (async)
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000180)={[{0xffffff9a, 0x9, 0x9e, 0xe6, 0x3, 0x5, 0x20, 0x1, 0x3, 0x4, 0x9, 0x80, 0x101}, {0x6, 0x6, 0x1, 0x3, 0x8, 0x5, 0x6, 0x9, 0x7, 0x1f, 0x4, 0x2, 0xe89}, {0x532d, 0x3, 0x9, 0x2b, 0x20, 0xfd, 0x7, 0x1, 0x6, 0x40, 0x8, 0x7, 0x9}]}) (async)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x4000, 0x8000}) (async)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f0000000380)="64660f388130d8f4c4e3510d110266b816010f00d00f082e0f01f70f01cfc7442400d537fa4bc7442402f7ffffffc7442406000000000f011c2464363665670fc7a800000f015f76", 0x48}], 0x1, 0x10, &(0x7f0000000140)=[@cstype3={0x5, 0x4}, @cstype3={0x5, 0x4}], 0x2) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async)
ioctl$F2FS_IOC_MOVE_RANGE(r1, 0xc020f509, &(0x7f0000000000)={r0, 0x7525, 0xff, 0xf01}) (async)
syz_kvm_setup_cpu$x86(r3, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000480)=[@text64={0x40, &(0x7f0000000400)="2666440fc4fa5165450f74a600300000c4e36d79bb0000000002c74424000e000000c7442402379c0000ff2c2466b822000f00d066b856000f00d848b884000000000000000f23d00f21f8351000000d0f23f80f01cf6763700136ab", 0x5c}], 0x1, 0x20, &(0x7f00000004c0)=[@dstype3={0x7, 0xd}, @dstype3={0x7, 0xa}], 0x2) (async)
fstatfs(r1, &(0x7f0000000280)=""/252) (async)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000200)={0x8, 0x2, 0x4}) (async)

03:53:08 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5, 0x1d, 0x30}]}]}, 0x30}}, 0x0)

03:53:08 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x0, 0x0)
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f0000000080)={0x0, 0x0, 0x0, r2})
ioctl$KVM_IOEVENTFD(r1, 0x4040ae79, &(0x7f00000000c0)={0x0, 0x0, 0x0, r2, 0x4})

03:53:08 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x100008000000000)

03:53:08 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x3f000000)

03:53:08 executing program 4:
r0 = socket(0x1, 0x1, 0x0)
ioctl$IOC_PR_REGISTER(r0, 0x89e0, 0x0)

[  527.640558][ T5158] Bluetooth: hci7: Frame reassembly failed (-84)
[  527.650741][ T5158] Bluetooth: hci7: Frame reassembly failed (-84)
03:53:08 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x40000000)

03:53:08 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5, 0x1d, 0x44}]}]}, 0x30}}, 0x0)

03:53:08 executing program 4:
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff})
sendfile(0xffffffffffffffff, r0, &(0x7f0000000040), 0x0)

03:53:08 executing program 4:
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
read(r0, 0x0, 0x0)

03:53:08 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x48000000)

03:53:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
getsockopt$inet_mreqn(r1, 0x0, 0x24, &(0x7f0000000280)={@multicast2, @multicast1, <r3=>0x0}, &(0x7f00000002c0)=0xc)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={r1, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0], <r4=>0x0, 0xb7, &(0x7f0000000440)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f00000004c0), &(0x7f0000000500), 0x8, 0xf6, 0x8, 0x8, &(0x7f0000000540)}}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1f, 0xa, &(0x7f0000000140)=ANY=[@ANYBLOB="8520000007e4d8e6a036d494", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000"], &(0x7f0000000040)='syzkaller\x00', 0xed3b, 0x8f, &(0x7f00000001c0)=""/143, 0x41000, 0x4, '\x00', r3, 0x1d, r1, 0x8, &(0x7f0000000300)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000340)={0x3, 0x5, 0x7f, 0x8000}, 0x10, r4, r1, 0xa, &(0x7f00000006c0)=[r1, r1], &(0x7f0000000700)=[{0x3, 0x5, 0x2, 0x2}, {0x2, 0x4, 0x6, 0x4}, {0x2, 0x1, 0x6, 0xa}, {0x0, 0x3, 0xd, 0x4}, {0x1, 0x2, 0x9, 0x2}, {0x5, 0x1, 0x5, 0x8}, {0x2, 0x2, 0xb, 0xa}, {0x4, 0x3, 0xa, 0x4}, {0x1, 0x4, 0x7, 0xc}, {0x1, 0x3, 0x3, 0xb}]}, 0x90)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x94, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xfecb4dec}, [@IFLA_LINKINFO={0x64, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x54, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_FLAGS={0xc, 0x2, {0x2, 0x1b}}, @IFLA_VLAN_INGRESS_QOS={0x4}, @IFLA_VLAN_EGRESS_QOS={0x1c, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xe368, 0x3}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7f, 0x7}}]}, @IFLA_VLAN_INGRESS_QOS={0x8, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x82, 0x6d560}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x2}}]}]}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_MASTER={0x8}]}, 0x94}}, 0x40046)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000740)={0x0, <r9=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x13, 0xf, &(0x7f0000002200)=ANY=[@ANYBLOB="18f13817b729f42fb8b17c33ae41c1ab000000030000000000000081001dd6ddaa0000181100004a819889cb06f1482e9eb79296bd34f277c51234439637cb917150af289b858b3535", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], 0x0, 0x7fff, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x2, 0x4}, 0x8, 0x10, &(0x7f00000003c0)={0x2, 0xc, 0x1, 0x6}, 0x10, r9}, 0x90)
r10 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001f00)={0xffffffffffffffff, 0x4788, 0x10}, 0xc)
r11 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001f40)={0xffffffffffffffff, 0x3, 0x8}, 0xc)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001f80)={r1, <r12=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000002040)={0x3, 0x1b, &(0x7f0000001c40)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@generic={0x25, 0x2, 0x1, 0xec, 0x7fff}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx={0x18, 0x1, 0x5, 0x0, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001d40)='GPL\x00', 0x0, 0xdf, &(0x7f0000001d80)=""/223, 0x41000, 0x9, '\x00', r8, 0x23, r1, 0x8, &(0x7f0000001e80)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000001ec0)={0x1, 0x2, 0x3f, 0x9701}, 0x10, r9, 0xffffffffffffffff, 0x0, &(0x7f0000001fc0)=[r1, r10, r11, r1, r1, r12], &(0x7f0000002000), 0x10, 0x8}, 0x90)
r13 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r13, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0)
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000001bc0)={[{0xf80, 0x1, 0x40, 0x6, 0x20, 0xa4, 0x1, 0x68, 0x46, 0x81, 0xc0, 0x1, 0x5}, {0xfffffffa, 0x5, 0x1f, 0x1, 0x4c, 0x5, 0x0, 0x50, 0x2, 0x1, 0x4c, 0x4f, 0x7}, {0x400, 0x800, 0xe9, 0x4, 0x3, 0x3, 0x8, 0x9, 0x80, 0x1, 0x6, 0xdb, 0x80000000}], 0xd8cc})
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001b80)={@ifindex=r3, 0x1, 0x1, 0x3, &(0x7f0000001a80)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x0, &(0x7f0000001ac0)=[0x0, 0x0, 0x0], &(0x7f0000001b00)=[0x0], &(0x7f0000001b40)=[0x0, 0x0, 0x0]}, 0x40)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000880)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, <r15=>0x0})
ioctl$BTRFS_IOC_RM_DEV_V2(r14, 0x5000943a, &(0x7f0000000a80)={{r5}, r15, 0xe, @unused=[0x7, 0x0, 0x6, 0x4], @subvolid=0x2})

03:53:08 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0)
fsetxattr$system_posix_acl(r0, &(0x7f0000000000)='system.posix_acl_default\x00', 0x0, 0x0, 0x0)

03:53:08 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x4c000000)

[  527.978303][ T9298] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[  528.006406][ T9298] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
03:53:08 executing program 4:
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000002340)='./binderfs/binder1\x00', 0x0, 0x0)
read(r0, 0x0, 0x0)

03:53:08 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5, 0x1d, 0x60}]}]}, 0x30}}, 0x0)

03:53:08 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async)
getsockopt$inet_mreqn(r1, 0x0, 0x24, &(0x7f0000000280)={@multicast2, @multicast1, <r3=>0x0}, &(0x7f00000002c0)=0xc) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={r1, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0], <r4=>0x0, 0xb7, &(0x7f0000000440)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f00000004c0), &(0x7f0000000500), 0x8, 0xf6, 0x8, 0x8, &(0x7f0000000540)}}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1f, 0xa, &(0x7f0000000140)=ANY=[@ANYBLOB="8520000007e4d8e6a036d494", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000"], &(0x7f0000000040)='syzkaller\x00', 0xed3b, 0x8f, &(0x7f00000001c0)=""/143, 0x41000, 0x4, '\x00', r3, 0x1d, r1, 0x8, &(0x7f0000000300)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000340)={0x3, 0x5, 0x7f, 0x8000}, 0x10, r4, r1, 0xa, &(0x7f00000006c0)=[r1, r1], &(0x7f0000000700)=[{0x3, 0x5, 0x2, 0x2}, {0x2, 0x4, 0x6, 0x4}, {0x2, 0x1, 0x6, 0xa}, {0x0, 0x3, 0xd, 0x4}, {0x1, 0x2, 0x9, 0x2}, {0x5, 0x1, 0x5, 0x8}, {0x2, 0x2, 0xb, 0xa}, {0x4, 0x3, 0xa, 0x4}, {0x1, 0x4, 0x7, 0xc}, {0x1, 0x3, 0x3, 0xb}]}, 0x90) (async)
r6 = socket$nl_route(0x10, 0x3, 0x0) (async)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x94, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xfecb4dec}, [@IFLA_LINKINFO={0x64, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x54, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_FLAGS={0xc, 0x2, {0x2, 0x1b}}, @IFLA_VLAN_INGRESS_QOS={0x4}, @IFLA_VLAN_EGRESS_QOS={0x1c, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xe368, 0x3}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7f, 0x7}}]}, @IFLA_VLAN_INGRESS_QOS={0x8, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x82, 0x6d560}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x2}}]}]}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_MASTER={0x8}]}, 0x94}}, 0x40046) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000740)={0x0, <r9=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x13, 0xf, &(0x7f0000002200)=ANY=[@ANYBLOB="18f13817b729f42fb8b17c33ae41c1ab000000030000000000000081001dd6ddaa0000181100004a819889cb06f1482e9eb79296bd34f277c51234439637cb917150af289b858b3535", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], 0x0, 0x7fff, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x2, 0x4}, 0x8, 0x10, &(0x7f00000003c0)={0x2, 0xc, 0x1, 0x6}, 0x10, r9}, 0x90)
r10 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001f00)={0xffffffffffffffff, 0x4788, 0x10}, 0xc)
r11 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001f40)={0xffffffffffffffff, 0x3, 0x8}, 0xc) (async)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001f80)={r1, <r12=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000002040)={0x3, 0x1b, &(0x7f0000001c40)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@generic={0x25, 0x2, 0x1, 0xec, 0x7fff}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx={0x18, 0x1, 0x5, 0x0, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001d40)='GPL\x00', 0x0, 0xdf, &(0x7f0000001d80)=""/223, 0x41000, 0x9, '\x00', r8, 0x23, r1, 0x8, &(0x7f0000001e80)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000001ec0)={0x1, 0x2, 0x3f, 0x9701}, 0x10, r9, 0xffffffffffffffff, 0x0, &(0x7f0000001fc0)=[r1, r10, r11, r1, r1, r12], &(0x7f0000002000), 0x10, 0x8}, 0x90) (async)
r13 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r13, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0) (async)
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000001bc0)={[{0xf80, 0x1, 0x40, 0x6, 0x20, 0xa4, 0x1, 0x68, 0x46, 0x81, 0xc0, 0x1, 0x5}, {0xfffffffa, 0x5, 0x1f, 0x1, 0x4c, 0x5, 0x0, 0x50, 0x2, 0x1, 0x4c, 0x4f, 0x7}, {0x400, 0x800, 0xe9, 0x4, 0x3, 0x3, 0x8, 0x9, 0x80, 0x1, 0x6, 0xdb, 0x80000000}], 0xd8cc}) (async)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001b80)={@ifindex=r3, 0x1, 0x1, 0x3, &(0x7f0000001a80)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x0, &(0x7f0000001ac0)=[0x0, 0x0, 0x0], &(0x7f0000001b00)=[0x0], &(0x7f0000001b40)=[0x0, 0x0, 0x0]}, 0x40) (async)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000880)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, <r15=>0x0})
ioctl$BTRFS_IOC_RM_DEV_V2(r14, 0x5000943a, &(0x7f0000000a80)={{r5}, r15, 0xe, @unused=[0x7, 0x0, 0x6, 0x4], @subvolid=0x2})

03:53:08 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x5c000000)

03:53:09 executing program 4:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f0000000040))
ioctl$PPPIOCSFLAGS1(r0, 0x40047459, &(0x7f0000000000))

03:53:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x64000000)

[  528.201608][ T9311] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
[  528.253191][ T9311] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
03:53:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x670c0000)

03:53:09 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5, 0x1d, 0xdd}]}]}, 0x30}}, 0x0)

03:53:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x8000, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
getsockopt$inet_mreqn(r1, 0x0, 0x24, &(0x7f0000000280)={@multicast2, @multicast1, <r3=>0x0}, &(0x7f00000002c0)=0xc) (async)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000680)={r1, 0xe0, &(0x7f0000000580)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, &(0x7f0000000380)=[0x0, 0x0, 0x0, 0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x7, 0x1, &(0x7f00000003c0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000400)=[0x0], <r4=>0x0, 0xb7, &(0x7f0000000440)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x48, 0x10, &(0x7f00000004c0), &(0x7f0000000500), 0x8, 0xf6, 0x8, 0x8, &(0x7f0000000540)}}, 0x10)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x1f, 0xa, &(0x7f0000000140)=ANY=[@ANYBLOB="8520000007e4d8e6a036d494", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000020000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000082000000"], &(0x7f0000000040)='syzkaller\x00', 0xed3b, 0x8f, &(0x7f00000001c0)=""/143, 0x41000, 0x4, '\x00', r3, 0x1d, r1, 0x8, &(0x7f0000000300)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000340)={0x3, 0x5, 0x7f, 0x8000}, 0x10, r4, r1, 0xa, &(0x7f00000006c0)=[r1, r1], &(0x7f0000000700)=[{0x3, 0x5, 0x2, 0x2}, {0x2, 0x4, 0x6, 0x4}, {0x2, 0x1, 0x6, 0xa}, {0x0, 0x3, 0xd, 0x4}, {0x1, 0x2, 0x9, 0x2}, {0x5, 0x1, 0x5, 0x8}, {0x2, 0x2, 0xb, 0xa}, {0x4, 0x3, 0xa, 0x4}, {0x1, 0x4, 0x7, 0xc}, {0x1, 0x3, 0x3, 0xb}]}, 0x90) (async)
r6 = socket$nl_route(0x10, 0x3, 0x0) (async)
r7 = socket(0x1, 0x803, 0x0)
getsockname$packet(r7, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=@newlink={0x94, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xfecb4dec}, [@IFLA_LINKINFO={0x64, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x54, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6}, @IFLA_VLAN_FLAGS={0xc, 0x2, {0x2, 0x1b}}, @IFLA_VLAN_INGRESS_QOS={0x4}, @IFLA_VLAN_EGRESS_QOS={0x1c, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0xe368, 0x3}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x7f, 0x7}}]}, @IFLA_VLAN_INGRESS_QOS={0x8, 0x4, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x82, 0x6d560}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x2}}]}]}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_MASTER={0x8}]}, 0x94}}, 0x40046) (async)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000740)={0x0, <r9=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x13, 0xf, &(0x7f0000002200)=ANY=[@ANYBLOB="18f13817b729f42fb8b17c33ae41c1ab000000030000000000000081001dd6ddaa0000181100004a819889cb06f1482e9eb79296bd34f277c51234439637cb917150af289b858b3535", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b7000000000000009500000000000000"], 0x0, 0x7fff, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x24, 0xffffffffffffffff, 0x8, &(0x7f0000000180)={0x2, 0x4}, 0x8, 0x10, &(0x7f00000003c0)={0x2, 0xc, 0x1, 0x6}, 0x10, r9}, 0x90)
r10 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001f00)={0xffffffffffffffff, 0x4788, 0x10}, 0xc) (async, rerun: 64)
r11 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000001f40)={0xffffffffffffffff, 0x3, 0x8}, 0xc) (async, rerun: 64)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000001f80)={r1, <r12=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000002040)={0x3, 0x1b, &(0x7f0000001c40)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@generic={0x25, 0x2, 0x1, 0xec, 0x7fff}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @map_idx={0x18, 0x1, 0x5, 0x0, 0x5}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001d40)='GPL\x00', 0x0, 0xdf, &(0x7f0000001d80)=""/223, 0x41000, 0x9, '\x00', r8, 0x23, r1, 0x8, &(0x7f0000001e80)={0xa, 0x5}, 0x8, 0x10, &(0x7f0000001ec0)={0x1, 0x2, 0x3f, 0x9701}, 0x10, r9, 0xffffffffffffffff, 0x0, &(0x7f0000001fc0)=[r1, r10, r11, r1, r1, r12], &(0x7f0000002000), 0x10, 0x8}, 0x90)
r13 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r13, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
r14 = ioctl$KVM_CREATE_VCPU(r13, 0xae41, 0x0) (async, rerun: 32)
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000001bc0)={[{0xf80, 0x1, 0x40, 0x6, 0x20, 0xa4, 0x1, 0x68, 0x46, 0x81, 0xc0, 0x1, 0x5}, {0xfffffffa, 0x5, 0x1f, 0x1, 0x4c, 0x5, 0x0, 0x50, 0x2, 0x1, 0x4c, 0x4f, 0x7}, {0x400, 0x800, 0xe9, 0x4, 0x3, 0x3, 0x8, 0x9, 0x80, 0x1, 0x6, 0xdb, 0x80000000}], 0xd8cc}) (async, rerun: 32)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001b80)={@ifindex=r3, 0x1, 0x1, 0x3, &(0x7f0000001a80)=[0x0, 0x0, 0x0, 0x0, 0x0], 0x5, 0x0, &(0x7f0000001ac0)=[0x0, 0x0, 0x0], &(0x7f0000001b00)=[0x0], &(0x7f0000001b40)=[0x0, 0x0, 0x0]}, 0x40) (async)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r2, 0x81f8943c, &(0x7f0000000880)={0x0, ""/256, 0x0, 0x0, 0x0, 0x0, ""/16, ""/16, ""/16, 0x0, <r15=>0x0})
ioctl$BTRFS_IOC_RM_DEV_V2(r14, 0x5000943a, &(0x7f0000000a80)={{r5}, r15, 0xe, @unused=[0x7, 0x0, 0x6, 0x4], @subvolid=0x2})

03:53:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x68000000)

03:53:09 executing program 4:
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff}, 0x0)
fsync(r0)

03:53:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x6c000000)

03:53:09 executing program 4:
writev(0xffffffffffffffff, &(0x7f0000001600)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9)

[  528.471611][ T9335] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.3'.
03:53:09 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x10}}, 0x0)

[  528.526979][ T9335] netlink: 4 bytes leftover after parsing attributes in process `syz-executor.3'.
03:53:09 executing program 4:
sendmsg$unix(0xffffffffffffffff, &(0x7f0000001240)={0x0, 0x0, 0x0, 0xfffffffffffffead, &(0x7f00000011c0)=[@cred], 0x20}, 0x0)

03:53:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x74000000)

03:53:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
getresuid(&(0x7f0000000000), &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000140))
lseek(r1, 0x6, 0x6)
quotactl_fd$Q_GETINFO(r1, 0xffffffff80000501, r2, &(0x7f0000000180))
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:53:09 executing program 4:
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@random="fbc66812d674", @random="00679e30bf00", @val, {@ipv6}}, 0x0)

03:53:09 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x7a000000)

03:53:09 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x14}}, 0x0)

03:53:09 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
getresuid(&(0x7f0000000000), &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000140))
lseek(r1, 0x6, 0x6) (async)
quotactl_fd$Q_GETINFO(r1, 0xffffffff80000501, r2, &(0x7f0000000180)) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

[  529.661831][ T3653] Bluetooth: hci7: command 0x1003 tx timeout
[  529.668937][ T3546] Bluetooth: hci7: sending frame failed (-49)
[  531.741675][ T3653] Bluetooth: hci7: command 0x1001 tx timeout
[  531.748077][ T3546] Bluetooth: hci7: sending frame failed (-49)
[  533.831863][ T3817] Bluetooth: hci7: command 0x1009 tx timeout
03:53:18 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x108000000000000)

03:53:18 executing program 4:
pipe(&(0x7f0000001200)={<r0=>0xffffffffffffffff})
fchmod(r0, 0x0)

03:53:18 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x920b0000)

03:53:18 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
getresuid(&(0x7f0000000000), &(0x7f0000000040)=<r2=>0x0, &(0x7f0000000140)) (async)
lseek(r1, 0x6, 0x6)
quotactl_fd$Q_GETINFO(r1, 0xffffffff80000501, r2, &(0x7f0000000180)) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:53:18 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x44}}, 0x0)

03:53:18 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x97ffffff)

03:53:18 executing program 4:
r0 = socket$unix(0x1, 0x5, 0x0)
fcntl$lock(r0, 0x7, 0x0)

03:53:18 executing program 3:
r0 = socket$bt_rfcomm(0x1f, 0x1, 0x3)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x1})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000000)="f30f38f6f3f2c366b9780b00000f32c4e20dcf6705808764360066b99a0100000f3266b9170000000f32440f20c0663508000000440f22c0f30fa6c8660f71e2f6", 0x41}], 0x1, 0x2a, &(0x7f0000000180)=[@vmwrite={0x8, 0x0, 0xa, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}, @cr0], 0x2)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

[  537.887655][ T3546] Bluetooth: hci7: sending frame failed (-49)
03:53:18 executing program 4:
syz_emit_ethernet(0x92, &(0x7f0000000100)={@local, @remote, @val, {@ipv6}}, 0x0)

03:53:18 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0xc0}}, 0x0)

03:53:18 executing program 4:
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r0 = socket(0x18, 0x1, 0x0)
r1 = socket(0x18, 0x2, 0x0)
setsockopt(r1, 0x1000000000029, 0xa, &(0x7f0000000140)='\x00\x00\x00\x00', 0x4)
dup2(r1, r0)
setsockopt(r0, 0x1000000029, 0xc, &(0x7f0000000000)="ebffcbff13b9fd812eaa4e713048e69931929648", 0x14)

03:53:18 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xfdfdffff)

03:53:18 executing program 4:
shmctl$SHM_LOCK(0xffffffffffffffff, 0x3)

03:53:19 executing program 3:
r0 = socket$bt_rfcomm(0x1f, 0x1, 0x3)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x1}) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x1})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000000)="f30f38f6f3f2c366b9780b00000f32c4e20dcf6705808764360066b99a0100000f3266b9170000000f32440f20c0663508000000440f22c0f30fa6c8660f71e2f6", 0x41}], 0x1, 0x2a, &(0x7f0000000180)=[@vmwrite={0x8, 0x0, 0xa, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}, @cr0], 0x2)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

03:53:19 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xfdffffff)

03:53:19 executing program 4:
pipe(&(0x7f0000001200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
openat(r0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)

03:53:19 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0xec0}}, 0x0)

03:53:19 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xfeffffff)

03:53:19 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000f80)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r0)
recvmsg$unix(r1, &(0x7f0000000840)={&(0x7f0000000080), 0x6e, &(0x7f0000000780)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x9}, 0x0)

03:53:19 executing program 3:
r0 = socket$bt_rfcomm(0x1f, 0x1, 0x3)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x1}) (async)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000000)="f30f38f6f3f2c366b9780b00000f32c4e20dcf6705808764360066b99a0100000f3266b9170000000f32440f20c0663508000000440f22c0f30fa6c8660f71e2f6", 0x41}], 0x1, 0x2a, &(0x7f0000000180)=[@vmwrite={0x8, 0x0, 0xa, 0x0, 0x1, 0x0, 0x0, 0x0, 0x3}, @cr0], 0x2) (async)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

03:53:19 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xfffffdfd)

03:53:19 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$unix(r0, &(0x7f0000002840)={0x0, 0x0, 0x0}, 0x0)

03:53:19 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000001a40)={0x0, 0x0, &(0x7f0000001940)=[{&(0x7f0000001780)=""/138, 0x8a}], 0x1}, 0x0)
sendmsg$tipc(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000080)="de", 0x1}], 0x1}, 0x0)

03:53:19 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x33fe0}}, 0x0)

03:53:19 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xffffff7f)

03:53:19 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xffffff97)

03:53:19 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r0, 0x40049366, &(0x7f0000000000))

03:53:19 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f00000013c0)={0x0, 0x0, &(0x7f00000012c0)=[{&(0x7f0000000180)=""/104, 0x68}], 0x1}, 0x12142)

03:53:19 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xfffffffd)

03:53:19 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x200000f0}}, 0x0)

03:53:19 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000f80)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x0)
close(r0)

03:53:19 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r0, 0x40049366, &(0x7f0000000000))

[  539.911662][ T3817] Bluetooth: hci7: command 0x1003 tx timeout
[  539.918359][ T3546] Bluetooth: hci7: sending frame failed (-49)
[  541.981824][ T3816] Bluetooth: hci7: command 0x1001 tx timeout
[  541.988774][ T3546] Bluetooth: hci7: sending frame failed (-49)
[  544.071876][ T3817] Bluetooth: hci7: command 0x1009 tx timeout
03:53:28 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x200000000000000)

03:53:28 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0xfffffffe)

03:53:28 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000f80)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
close(r0)
recvmsg$unix(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f00000003c0)=[{0x0}], 0x1, &(0x7f0000000500)=[@rights={{0x14, 0x1, 0x1, [<r2=>0xffffffffffffffff]}}, @cred={{0x1c}}, @cred={{0x1c}}, @cred={{0x1c}}], 0x78}, 0x40000000)
write$cgroup_netprio_ifpriomap(r2, &(0x7f0000000480)={'pimreg1'}, 0xa)

03:53:28 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x7ffff000}}, 0x0)

03:53:28 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async, rerun: 32)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async, rerun: 32)
ioctl$AUTOFS_IOC_EXPIRE_MULTI(r0, 0x40049366, &(0x7f0000000000))

03:53:28 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x0)

03:53:28 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x100000000000)

03:53:29 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0xfffffdef}}, 0x0)

03:53:29 executing program 4:
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000080)="cfd1457c839a", 0x6}, {&(0x7f00000000c0)="6834918518ebed85e3cce6fa7e5b937be6c98d63119d04c5f13ee0234f3cbde62e62b3cf617abe48c3e741216d9adc3d85ebf6dfb068847bf134eb831ef4d10049fe95a7f4ce9544ad7e99b4bdc6fef730007b58322383b13eb030c39697baa3e7ecbf9cc2f95674d75e", 0x6a}, {&(0x7f0000000140)="85525b30c81bb91fe6879ddbdb55961808d64547518d4ade4488982d3b1a68eb8e2c0f7e7098a5bfe108fd60a543350e49b1adfde609c5346a7dae58d31152cb4ad94d37370bf493fade70f952f5463261da247edd705ff751d0a5a61d06629b3e45a4b28fe942e434c1ccdd45ad6c3919515dcab379", 0x76}, {&(0x7f00000001c0)="e4e65267f6e022f8e065ed4e7853af01ce36421ace76118cf9c70851df4d45", 0x1f}, {&(0x7f0000000200)="9a70b9d7c3b482dd21bd6da296d7ec93dbd44be01d", 0x15}], 0x5, &(0x7f0000000580)=ANY=[], 0x280}, 0x0)
recvmsg(r0, &(0x7f0000003280)={0x0, 0x0, &(0x7f0000002200)=[{&(0x7f0000001000)=""/4096, 0x1000}], 0x1}, 0x0)

03:53:29 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000000)={[{0x0, 0x7, 0x0, 0x7, 0x6, 0x4, 0xd3, 0x30, 0x8, 0x1, 0x6, 0x2, 0x2}, {0x9, 0x6, 0x1, 0x1f, 0x20, 0x40, 0x6, 0x9, 0x3, 0x2, 0x3, 0x6, 0x1}, {0x3, 0x6, 0x2, 0x7, 0x0, 0x7f, 0x0, 0x9, 0x8, 0x9, 0xe1, 0x9f, 0x4}], 0x7})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

[  548.282532][ T3537] Bluetooth: hci8: sending frame failed (-49)
03:53:29 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x2}, 0x0)

03:53:29 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000f80)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg$unix(r1, &(0x7f00000004c0)={&(0x7f0000000300), 0x6e, 0x0, 0x0, 0x0, 0x40}, 0x0)
close(r0)

03:53:29 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000000)={[{0x0, 0x7, 0x0, 0x7, 0x6, 0x4, 0xd3, 0x30, 0x8, 0x1, 0x6, 0x2, 0x2}, {0x9, 0x6, 0x1, 0x1f, 0x20, 0x40, 0x6, 0x9, 0x3, 0x2, 0x3, 0x6, 0x1}, {0x3, 0x6, 0x2, 0x7, 0x0, 0x7f, 0x0, 0x9, 0x8, 0x9, 0xe1, 0x9f, 0x4}], 0x7})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000000)={[{0x0, 0x7, 0x0, 0x7, 0x6, 0x4, 0xd3, 0x30, 0x8, 0x1, 0x6, 0x2, 0x2}, {0x9, 0x6, 0x1, 0x1f, 0x20, 0x40, 0x6, 0x9, 0x3, 0x2, 0x3, 0x6, 0x1}, {0x3, 0x6, 0x2, 0x7, 0x0, 0x7f, 0x0, 0x9, 0x8, 0x9, 0xe1, 0x9f, 0x4}], 0x7}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)

03:53:29 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x3}, 0x0)

03:53:29 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$sock(r0, &(0x7f00000001c0)={&(0x7f0000000040)=@rxrpc=@in6={0x21, 0x0, 0x2, 0x1c, {0xa, 0x0, 0x0, @remote}}, 0x80, 0x0}, 0x0)

03:53:29 executing program 4:
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000f00), 0x48)
bpf$MAP_DELETE_BATCH(0x1b, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, r0}, 0x38)

03:53:29 executing program 4:
socketpair$unix(0x1, 0x0, 0x0, 0x0)
syz_clone(0x120000, &(0x7f00000003c0), 0x0, &(0x7f00000004c0), 0x0, &(0x7f0000000540))
socketpair(0x2c, 0x0, 0x0, &(0x7f0000000640))
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000900)={0xffffffffffffffff, 0x0, 0x8}, 0xc)
sendmsg(0xffffffffffffffff, &(0x7f00000035c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000030c0)=[{0x10}], 0x10}, 0x0)

03:53:29 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000000)={[{0x0, 0x7, 0x0, 0x7, 0x6, 0x4, 0xd3, 0x30, 0x8, 0x1, 0x6, 0x2, 0x2}, {0x9, 0x6, 0x1, 0x1f, 0x20, 0x40, 0x6, 0x9, 0x3, 0x2, 0x3, 0x6, 0x1}, {0x3, 0x6, 0x2, 0x7, 0x0, 0x7f, 0x0, 0x9, 0x8, 0x9, 0xe1, 0x9f, 0x4}], 0x7}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:53:29 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x4}, 0x0)

03:53:29 executing program 4:
syz_clone(0x40000000, &(0x7f0000000000)="a851c5da1cdf467fbe480a710a8160a4210ae221633ef6409cf78633ffee415511dbc17c4047b95b3f7229fbfe9c4180a39676554b47b47ba350aa26bd0a38216e6dd620190a5118fc6083083985d9cf66926e8139539d40add9ab1eb95653270506bd339834dd58e4e78a8b6ee155bbba9e41e489acd6a21aa141897c340f1854574bd9cedcf3f713cc09cd6f8ff5e3c0ba2256b2b7ef77006d8cdf9fb9c9c3df4f25beddfab0d9afb4e5a3a8b5af15c40dc79907b81b65acc2f0df83c67a221661a04fd71d3811966ff2ec6b74745e64821d2a58ee481da4002a67c4f60e2aebf8b56810", 0xe5, &(0x7f0000000100), &(0x7f0000000140), &(0x7f0000000180)="dcbe6163b3372c9818b01931f449f482a2066c293a9d946b8548215f60211ffa44738cb075f309274bcc5fa59fb766c952ed0e5abd78cc2568f1a21decdae444dd0a64b26ccea754c957139a26b667a04f00e7167d00cf4a4ea7d630d9216a69583631fbc84b2139d4480a06432c804f5bfeb3b063da230898ef4331a13de3e53e9589c82934f515e587c2664e251d15359782fc312326889354b20dc3db181d8ba262d6eca3b2347ced3e0046956dba7a10d207956b00cf01f7d807714afcf333d2c46edf3b127123b0")

03:53:29 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
dup3(r1, r0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000000)="430f2160260fc77fad440f01c5400f22466580c10066bad00466edc4017929042b66baf80cb84928b28def66bafc0cecb8010000000f01d93e0f0fb95cf4d01897", 0x41}], 0x1, 0x7, &(0x7f0000000180)=[@cstype0={0x4, 0xa}], 0x1)

03:53:29 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x5}, 0x0)

03:53:29 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x6}, 0x0)

03:53:29 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
dup3(r1, r0, 0x0) (async)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000000)="430f2160260fc77fad440f01c5400f22466580c10066bad00466edc4017929042b66baf80cb84928b28def66bafc0cecb8010000000f01d93e0f0fb95cf4d01897", 0x41}], 0x1, 0x7, &(0x7f0000000180)=[@cstype0={0x4, 0xa}], 0x1)

03:53:29 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x7}, 0x0)

03:53:30 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
close(r2)
sendmsg$unix(r1, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)=[@rights={{0x1c, 0x1, 0x1, [r0, r0, r2]}}], 0x20}, 0x0)

03:53:30 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
dup3(r1, r0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, &(0x7f0000000000)="430f2160260fc77fad440f01c5400f22466580c10066bad00466edc4017929042b66baf80cb84928b28def66bafc0cecb8010000000f01d93e0f0fb95cf4d01897", 0x41}], 0x1, 0x7, &(0x7f0000000180)=[@cstype0={0x4, 0xa}], 0x1)

03:53:30 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x8}, 0x0)

03:53:30 executing program 4:
openat$tun(0xffffffffffffff9c, &(0x7f0000002040), 0x848700, 0x0)

03:53:30 executing program 3:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r0, 0x4068aea3, &(0x7f0000000000)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)

03:53:30 executing program 3:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r0, 0x4068aea3, &(0x7f0000000000)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)

03:53:30 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x9}, 0x0)

[  550.141534][ T3653] Bluetooth: hci7: command 0x1003 tx timeout
[  550.149002][ T3537] Bluetooth: hci7: sending frame failed (-49)
[  550.301654][   T25] Bluetooth: hci8: command 0x1003 tx timeout
[  550.308964][ T3537] Bluetooth: hci8: sending frame failed (-49)
[  552.231625][ T8226] Bluetooth: hci7: command 0x1001 tx timeout
[  552.238508][ T3537] Bluetooth: hci7: sending frame failed (-49)
[  552.382038][ T8226] Bluetooth: hci8: command 0x1001 tx timeout
[  552.388993][ T3537] Bluetooth: hci8: sending frame failed (-49)
[  554.311666][   T25] Bluetooth: hci7: command 0x1009 tx timeout
[  554.461673][   T25] Bluetooth: hci8: command 0x1009 tx timeout
03:53:39 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x300000000000000)

03:53:39 executing program 4:
syz_clone(0x9120000, 0x0, 0x0, 0x0, 0x0, 0x0)

03:53:39 executing program 3:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r0, 0x4068aea3, &(0x7f0000000000)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)

03:53:39 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0xa}, 0x0)

03:53:39 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r0, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x4})
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0xc8380, 0x0)
sendmsg$kcm(r0, &(0x7f00000015c0)={&(0x7f0000000300)=@x25={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x1}}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000380)="081859d4afaab5d972142559332f4c6cdc233dc51c371cd4922278f64da9bb5a4a71f3a59e0e510a05369c789729dfd6f80a8d0813ffb7cb4e0647dea5541f7d93b3ac0746d54826f9a3d812eda7dacd09fefad1a030ccfd378dacf1a883cce324d95df62d4327e82115c7cc3afb86f892777014bca21c5df106ce487b4a885e5c668bb585583be32f10367b48f98fb8bf0e0c590e6c31770ba95ef866c662149ec1cd25a441ccfb5b9a161a879e7527a1f17123132f31bfa8820855c759fcf06e17e9f41eab01134935f123f982cc278b15da43e4ecc3c780a303aaf2e9d49b8680af3ef90b5315fa41ef0eaff44211dea1b69abdb95555591538dd646863bc08abc1bfd48c2f80475fa50f36784ab1a833e81cd12e415f5be6536b51f01d078935c40f8b4af34e599da517c1ccaefcf431a1e0a844138bb28a7abdc81464082b470df9ddab26ab45bd3da55ebc56ca6d7f50b4d75a4744660d028574d5c0b9879573b1963431742944dbe58b11ca82a7e298fcb21186cf107def45abcd4714345c49e7d48adb9afe41e30d8dfc76e46b5e3458bdb4801b90c8944cddfc9c04985a85eb8b38b13cbe04de3874caef8f80d8267b29af612e1eff3700cc569bc30968db63affb9a1ce7895462b2777588a65ab7190f923e6b92c508761bd69e6c0127da510e709064d50f5ba6515f237c8703193446595233c1ffabe37284e013883c53e3f1262d237c1c0a9b2a063e638aa559ab330c11d1f6da1c5374312e89ac5d17d96bd59191e0f8843a45402cb15dd09512e006976ee75959a6d8a5737234c33e9967ff326264f9a750354670a6e0127d03dd850acd88a621c86be97e5fe2c754005f8d33b9588c6635b4c1429ddcc45b90e8b309c397a13b298e466c14f39a88370a031c8c05acf6876f8ba43f1ec1655ce68b5529a0451f8862ad79099718667a2d06db79bf69db82f3b8caa502932c251c5836e9c96af686bc40ad1469ddcf54bf51978343e5cc72fc524e2d3a7a7c9706cb598c23b6d1cfac3ad5d1ef32103d714b766d7cc941506fab8e5d7b0e80e8bd40e79c0d3407c26cb374c23d5429bd751255adced71a3281e7ab8204f960661323e6d5a58471d2f426f6ac7b739a775634205b07e7fe16d64159b99e87a1fbc52e9d1235e3a2762419dcb2320d0e8e1d341b92afd667099a1bb75214ea5dfc53bc558b789dd70bb899037852a2d2528f0d06512d2eb55741b69a2692cbe3262ea1ec8fa0acf7b725d2c8cbd2a1d4e7dadb0263613cb8fcf53c436045947b317b1e8fce17806abf9cd394d0862bba42080c379be7deeb7e45b878e789e8cd3dd5754a4186c1ef4f58b471513b7644c35a4dcc5f2ea550819887c254f701da81664620a801332b78404366828a83615022e16657cd06c35fcb221e4130238acef2f166073611151f4d0bb026b800f90c216f7ca5a1ec6c7c8c5c43f49b64d0526cd74173ad06d8e6881caab5eae05d1061ae40cd5efae624496aaf9d07328ca90a95a0b2210f5e19ec75ad5ae178d8b06b56937221918af4d6489564b64b4255e86f68dc915bb9d98d7b2e3f8e68ce4e2280dfd1a882380111f7fd8e1eab4d055ea1defc2c49822989703f4784a9a44ffbc033cd8725e63df85184269c68b3b5ed724aeabcbbe291a169af7724842ee231ad80f3c8bed0a0050c7974e3042e97c812dac04108a75667c3175bafdde82cca092ea3ceecf6a4109a514e1696072d776311630169cedec8049bb6ef8039e48582d32654f7bb9a03e4838543f0e047dc780a079dec8f250d452cb659969eb8d4cd6a2570119308d717b1b3bae525156457584610987229bc3a70add26ab990a4045b85597978d439d74ae52f667863dbbb3a638430c9935f1f3b9fcf1770fef480031c7c6260cdc57bd32868626195f053f3a0a62953f6a74a0ad3b8df08b8683e1c36b4ac8e3bc139fd3339efcee1710956855619542d2708a37802b822a33a7efde5e42a60586ae229dece26a56a7e98d268b12a9c0b56d404b634abf7d0e90804fac124c47dac59bbc4618180829e8638f8909fca89390985cb16b556bea4ce6307eff760e80c02eaaa26930417ceb798cf4fc6a41b76d96624efea7de10979c772a0ba65c41a0b65e14a6ab1b4031450eaa6bfb6576e97b409b0fe33e8541413f2e5886bd4de852db59e26d4732d1f0ff0e75f61ebbc4869ed29fea8806331b786eb601a0bb07f8f68afaceb1fd7c4ad5cb884f1b817a059d56890b79a454212076a479095b67e616cc25ae662ef5b883a2d9181add975a28b29626e83046cf9948d13a5df52eb3fa63889327590a9b1ca3d8c9317576ceee71396ff308fb1d7b57f3d3e9e97d7a5abab8f622c39da311ef542434dce183c0b57a7d611c0110af3f93b1f7253ec38ba017600df4051e596567afd52f9db984a2c2fd0a3027e57e17ac8a0db803697a37763bbb56083cb8f517121e9594c496f53cbe2ffd7018520f436039c6dfb00028ca3a06a545363832d834b072eca838965794de261830719a9775fbc63e80c970edf96fbfa2ed454fa8cded298f6e1dc9387539e7d5cc2ddddde0372860d977f83302b20e37495b8efba3fe20f4c357ee8e89171a1aaea0154731ff59d9a259dc548d893124f49aff4f96d9edbe234bb026113ba2f5981f94bc19959c58b285c704f78d3da5db3092cff3d6219c3981210f11ad67aeb2f0b43b660cceea2511e4d8bf9daebc9145be649d09dbdd37675c21b8d56ad3cf7ad81551008c8a141a56db93cc664b3b2b11c4d32c6bd5ec0f19a0a2f681d5d889942e4b5bf8cf60fd139fb1141ac5903adfacff5c8e424ae9a5b9907f5345d69afb9b1ca8ccb832a1896f9356098aa6a364a90425a7171b135ad83748973584e24a7f200f860e98ee40ae6fbeb689a7c98b8730099c6e8b3224d659d3bca5d35c34c5b75ebd583a00770989e2256152b12a381f97a4cec31876a01123499aae73573547e5aee742d80e99a9c9485f29591c10acb8e8c51a4d69cf8302da725422e3760ce4b240898d3e1d6d540da3f4a6859adad55a12f78525a19cfdb0591e39f6a460bede1a92c47befc10f19a2748e790356e786d4877baaf04253e1cfed17ea276de861b1f3f39d0a97d7cb23576253e0202e97e6a2c6a08dc3c41335d483fc5c22c85b1fd04f87bcc7fbf12cf27c525d6fb0d2b7add2267382ba0f3830e82ea396d8da08acf5929bdc640d0667c5ef1fdfe98a4088e81bf6c0af671a39e64726a029646a92cb3abae63b4da58efa49fa544f9d4f833ba14da89fe6ac07bf760594f80cf5e8b2a86091afebe95ec87356d44ce381ff2f4d352977623db351f49a71e67754ceebd2a0a6c6688fd2e14b8bf5bac2472fe93fa367dfd188d0b3f0820c62e7698e9b2b532f32b5b7c7a3cbb1632674105e52c5a3575529d9d1c27465c1f336339affb828639b24f9b4ad359a9291a391727142f506db29c85299c5baf2b0c1292e63d028798388e66adc6781015b96950da419ae364add6332ec2e6d85bc875a6c79db980af169ee667753f02244649490f15e995a3faaa41da6a7c86a3e9b07d992bae6113176a08def4ccbad62b6017009174b614737dc813fdb30206c739e5aefb3bfc336faa2355bbb1a531c0f4069bc6bddb16801162f132885564d0f0e3ca6db6261c36576d6d76c6562233a47ef8e7c48dff4e5c2744a638fff91051623789ed09b230218e1280af8b0190d927819c419f94dfbfd622d606b9b7bc96b2570879f522e5989425c4b208b98d1729bb3717536dbe889140c698310208eae20c55c4f957cb67c8afc0a940d76c1f95c01afc95bad35d36d1bd27d803188f679811afcbe5f3a53116eaa6263db85eb768823533b4405dd094e526475b39c20223bc1770243eec209c8770932efdf7edf822b7885bb5a78285d2bc4af006ef7591ce11fa863d21f2296aa0eafe103227374830d4a02f153c87816baa41f24a9f50d03bf233c7a9f3ed5200b6eb8432664fb6d7773d67cdf3631a7dde2ae3bdf9ff16933d9a2950382817088463904bcd0532a5e1c710b966f058af33e3c2bd74d721a58acecfb5d88636a437979e19e0e4f6f5f8ff24d3bff285eab221483a05da2d4aa4546e38af7ac27c4bb38bb4ca6d6ce303f48ca6138b861d028989eba254414032512c5375187533dd003a27ddd6e0a75c707ba79ce8f968c8a84db80e53eb2469fc42d18c4b8a7c8385288a8dfa92472cc9fd81b1701e0b6d55b351486a1eb5295e10bdd70d50fb59ae9d3ea72e7ef18dc2c1db0947e3e48fc69136a6e97ba8f13bab50f155df7ce665291e178ac01e7fad23c34b8e851acbf710a318643ad0c80c2f96c302ff918064ab4224e0ebb49fa009fbd8b6d32b5c7e612af9030936878ddc4e3568a21ca225742ccd0fe9ac3637456b2ba3a49dab6e130ee4f9b493b8f93118985bbc13865e44d9bd064cd8bafe4b97c8d63939aafed183c7db20f22967aa48287ba42b1b73164fd5cc9708612565d12ae10318e11ca46f7f37239200394cfa148951dd3f352e07e38a19cf3f81ae54981c51752ced519d5e66c3e95a8c9109ba1d9884695881753aaa948ab948bb19f4625244343f1bdae29674886a126191a7762327c5fa6cdd0c7f827222e7e7a2fe9da581fd61997f4bfcf37849592a898bc9f124bcfce627f7c0e61063c599e222af7db780fff490b628398b03735354d93535ac588355c80b9b9a6d840969002aa82847edb926ad65e0f85bd8dd8d2a97602667595a764e231bbb91923d355ed40725ec0ca814eabe9b21e3337459389596448f9bbca03b452c298834e80f6e9f19c6675578a8e32a8e413f0b81a73f851bd7ef242e3037d37eb3973091359dab42f98255fe31104fec5fd4a38b759efa41ea877c71677175b1dd055910f3b2eb6c3984c102f3a2df052fa39d0f3687dacfc0880dca073182555cbce97f5f51fc40074aa5b292864f68f538de28816b94b6df9ef8c0f4e6484e7a777cf6b8741d2e9425b04ee60f324ec0b4c34f3b5cba73d08281388876562ba44fe8c500c7728431b9cc0ab4f47ae2e54f0ca596252eac2b013ca889828b4970665501f404c5f841a3020cd49d322a50c4cb95c6410d7ba382f58bf8cedce4d2851e99b996727b45b62eeb911d379ec3adcd3e8e27b3b3840b5136c62c747eb9a1915637a5c71bb10f86ac5fb89f7ffcf295637ed2709fab47cc00bacdc31542e0e0157c7ff55846346e8659293bddb53b250cdf6a064e5f9ba8ca2bfe1f3898950ce8f6a1429fdf96f58f7f4c6a294595fe8b288b0da780bfe205dbb1a82cddeaa1e8a7ff5e13086a86de4ecf0da248862493c888cca16b23bebc026852e771565e44faab4c97cfc0ba9c2f741d6be07ab0c8f1ccfe6e0bd45bde56c9994b1d003672a3d3780ce9fd70d3d5e7dd1a15ffdb7acfbbe40a089b114d7fef9f0e6d9e98c8bf8b8881f05f4158836c18ffd2da78b6929b7be91f069d6eeae11cb49c73abb337c4dfb3fda1e38e0b43cbcf5c1cde49234460639f02b2151288de1daf26726621b0d7316a040a46c77d54ae0abd14e4ab10dbfcc70993dc746b543aed81fcff63a97a99e69901f3ad1fadbc711bbd6d3f14e01bc0a08ee5d47d45f66e48785b6bb3722b3a6c43bcb4e999401ccc0966208b37862f7b5296cac57994b2797e0df9c8a5d40fd5378be8053fe96ce96b48282c1b35032d99b615224dc0397817593174cbc524c121efcc5154b2bc14e1d3e3f4ed361f4b31210da425fb70", 0x1000}, {&(0x7f0000001380)="7bdc3937f3cdd64f8036cec9efba0f6cf97da23994f6c87705573c39d6fe7e3bccccfcec55ae4ea4d4cf5894474cc719345341671fe81f353ecbba93764fd1302bb0ca0f0fcf55847e1c2fdc6960c2e70ff238b0367fd96c05616f701e45e1df1095c9921c6c0c67098c6bc46dbccc098c4f5c0232a7ad94c852c7c5145fbe09e970081c9fc9166779a795a4feb917c24071251e1bdc25fac18903804190b57603b18f", 0xa3}], 0x2, &(0x7f0000001440)=[{0x98, 0x10f, 0xfffffff9, "1f66f6368ca30ae9286853e2ad22400be7a6e895b627b14f6a44768647ddfce06967511cdbd5f158ac1b82c94cfee8c81d85626a72b3f3e050ff03fc5f85f6c438c22b61cc8b4dedeb89ed47c9fcd8752594cccc15dab16e78cd6a906fc5b42f8984baf7d6d3b2002963acb390a3b66c5791aba31bd4164713fa84bffa9247c4996d67"}, {0xd8, 0x119, 0x40, "c480eb1127d9844eaa5b369a0e2717c2fd2a1fd5e36aaeab4d18684cdd9fd266ba88fe22ada753af53e27b846ffabfb09bf59fd22d2eba8c56a99bd86305858c9415d04d6273ff3000e152999f8c1651a5645928223d380048965c3218aa6c4e871f2522bfff6a303d8d58609c20d9d8bb64142f2783049ea8e02acb2f16a2a7b65a50d1fb41d26a873ed77211f692cd51e6e36ef229929c1da3a532f7824641a65a034eea1ece831106698d9d87ba3dfca9384502f857877025476e4b74baf0a9"}], 0x170}, 0x8008004)
ftruncate(r1, 0x1)
ioctl$DMA_HEAP_IOCTL_ALLOC(r0, 0xc0184800, &(0x7f0000000040)={0x1029, <r2=>r0, 0x1})
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r1, 0x40806685, &(0x7f0000000280)={0x1, 0x1, 0x1000, 0x0, &(0x7f0000000180), 0xa2, 0x0, &(0x7f00000001c0)="74e09b76de3229450b47f835d97b63292d6c3965ae040a206222a49ce9b1cefd4de2c6eaf28be86beb28e0d15a5daf1b8cb6eca02f1a74936a7f7cd284f8dd1b9fd99cc476ca8ba4a00d8fb8a3a76d39a7ec7c9885076047e0ab056af364d5ebd0775eb12d576973cd26c2f4624ca2d500cd9dade9733785a17593bdae65fab53efab5e4f04f036350819d9ee7d9ee3c935646604dd07a4d7b98ffbc01c1e4a6c437"})

03:53:39 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000c00), 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000c40)={'veth0_to_batadv\x00'})

[  558.349744][ T4029] Bluetooth: hci7: Frame reassembly failed (-84)
03:53:39 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x7f3c6698fda9)

03:53:39 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r0, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x4})
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0xc8380, 0x0)
sendmsg$kcm(r0, &(0x7f00000015c0)={&(0x7f0000000300)=@x25={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x1}}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000380)="081859d4afaab5d972142559332f4c6cdc233dc51c371cd4922278f64da9bb5a4a71f3a59e0e510a05369c789729dfd6f80a8d0813ffb7cb4e0647dea5541f7d93b3ac0746d54826f9a3d812eda7dacd09fefad1a030ccfd378dacf1a883cce324d95df62d4327e82115c7cc3afb86f892777014bca21c5df106ce487b4a885e5c668bb585583be32f10367b48f98fb8bf0e0c590e6c31770ba95ef866c662149ec1cd25a441ccfb5b9a161a879e7527a1f17123132f31bfa8820855c759fcf06e17e9f41eab01134935f123f982cc278b15da43e4ecc3c780a303aaf2e9d49b8680af3ef90b5315fa41ef0eaff44211dea1b69abdb95555591538dd646863bc08abc1bfd48c2f80475fa50f36784ab1a833e81cd12e415f5be6536b51f01d078935c40f8b4af34e599da517c1ccaefcf431a1e0a844138bb28a7abdc81464082b470df9ddab26ab45bd3da55ebc56ca6d7f50b4d75a4744660d028574d5c0b9879573b1963431742944dbe58b11ca82a7e298fcb21186cf107def45abcd4714345c49e7d48adb9afe41e30d8dfc76e46b5e3458bdb4801b90c8944cddfc9c04985a85eb8b38b13cbe04de3874caef8f80d8267b29af612e1eff3700cc569bc30968db63affb9a1ce7895462b2777588a65ab7190f923e6b92c508761bd69e6c0127da510e709064d50f5ba6515f237c8703193446595233c1ffabe37284e013883c53e3f1262d237c1c0a9b2a063e638aa559ab330c11d1f6da1c5374312e89ac5d17d96bd59191e0f8843a45402cb15dd09512e006976ee75959a6d8a5737234c33e9967ff326264f9a750354670a6e0127d03dd850acd88a621c86be97e5fe2c754005f8d33b9588c6635b4c1429ddcc45b90e8b309c397a13b298e466c14f39a88370a031c8c05acf6876f8ba43f1ec1655ce68b5529a0451f8862ad79099718667a2d06db79bf69db82f3b8caa502932c251c5836e9c96af686bc40ad1469ddcf54bf51978343e5cc72fc524e2d3a7a7c9706cb598c23b6d1cfac3ad5d1ef32103d714b766d7cc941506fab8e5d7b0e80e8bd40e79c0d3407c26cb374c23d5429bd751255adced71a3281e7ab8204f960661323e6d5a58471d2f426f6ac7b739a775634205b07e7fe16d64159b99e87a1fbc52e9d1235e3a2762419dcb2320d0e8e1d341b92afd667099a1bb75214ea5dfc53bc558b789dd70bb899037852a2d2528f0d06512d2eb55741b69a2692cbe3262ea1ec8fa0acf7b725d2c8cbd2a1d4e7dadb0263613cb8fcf53c436045947b317b1e8fce17806abf9cd394d0862bba42080c379be7deeb7e45b878e789e8cd3dd5754a4186c1ef4f58b471513b7644c35a4dcc5f2ea550819887c254f701da81664620a801332b78404366828a83615022e16657cd06c35fcb221e4130238acef2f166073611151f4d0bb026b800f90c216f7ca5a1ec6c7c8c5c43f49b64d0526cd74173ad06d8e6881caab5eae05d1061ae40cd5efae624496aaf9d07328ca90a95a0b2210f5e19ec75ad5ae178d8b06b56937221918af4d6489564b64b4255e86f68dc915bb9d98d7b2e3f8e68ce4e2280dfd1a882380111f7fd8e1eab4d055ea1defc2c49822989703f4784a9a44ffbc033cd8725e63df85184269c68b3b5ed724aeabcbbe291a169af7724842ee231ad80f3c8bed0a0050c7974e3042e97c812dac04108a75667c3175bafdde82cca092ea3ceecf6a4109a514e1696072d776311630169cedec8049bb6ef8039e48582d32654f7bb9a03e4838543f0e047dc780a079dec8f250d452cb659969eb8d4cd6a2570119308d717b1b3bae525156457584610987229bc3a70add26ab990a4045b85597978d439d74ae52f667863dbbb3a638430c9935f1f3b9fcf1770fef480031c7c6260cdc57bd32868626195f053f3a0a62953f6a74a0ad3b8df08b8683e1c36b4ac8e3bc139fd3339efcee1710956855619542d2708a37802b822a33a7efde5e42a60586ae229dece26a56a7e98d268b12a9c0b56d404b634abf7d0e90804fac124c47dac59bbc4618180829e8638f8909fca89390985cb16b556bea4ce6307eff760e80c02eaaa26930417ceb798cf4fc6a41b76d96624efea7de10979c772a0ba65c41a0b65e14a6ab1b4031450eaa6bfb6576e97b409b0fe33e8541413f2e5886bd4de852db59e26d4732d1f0ff0e75f61ebbc4869ed29fea8806331b786eb601a0bb07f8f68afaceb1fd7c4ad5cb884f1b817a059d56890b79a454212076a479095b67e616cc25ae662ef5b883a2d9181add975a28b29626e83046cf9948d13a5df52eb3fa63889327590a9b1ca3d8c9317576ceee71396ff308fb1d7b57f3d3e9e97d7a5abab8f622c39da311ef542434dce183c0b57a7d611c0110af3f93b1f7253ec38ba017600df4051e596567afd52f9db984a2c2fd0a3027e57e17ac8a0db803697a37763bbb56083cb8f517121e9594c496f53cbe2ffd7018520f436039c6dfb00028ca3a06a545363832d834b072eca838965794de261830719a9775fbc63e80c970edf96fbfa2ed454fa8cded298f6e1dc9387539e7d5cc2ddddde0372860d977f83302b20e37495b8efba3fe20f4c357ee8e89171a1aaea0154731ff59d9a259dc548d893124f49aff4f96d9edbe234bb026113ba2f5981f94bc19959c58b285c704f78d3da5db3092cff3d6219c3981210f11ad67aeb2f0b43b660cceea2511e4d8bf9daebc9145be649d09dbdd37675c21b8d56ad3cf7ad81551008c8a141a56db93cc664b3b2b11c4d32c6bd5ec0f19a0a2f681d5d889942e4b5bf8cf60fd139fb1141ac5903adfacff5c8e424ae9a5b9907f5345d69afb9b1ca8ccb832a1896f9356098aa6a364a90425a7171b135ad83748973584e24a7f200f860e98ee40ae6fbeb689a7c98b8730099c6e8b3224d659d3bca5d35c34c5b75ebd583a00770989e2256152b12a381f97a4cec31876a01123499aae73573547e5aee742d80e99a9c9485f29591c10acb8e8c51a4d69cf8302da725422e3760ce4b240898d3e1d6d540da3f4a6859adad55a12f78525a19cfdb0591e39f6a460bede1a92c47befc10f19a2748e790356e786d4877baaf04253e1cfed17ea276de861b1f3f39d0a97d7cb23576253e0202e97e6a2c6a08dc3c41335d483fc5c22c85b1fd04f87bcc7fbf12cf27c525d6fb0d2b7add2267382ba0f3830e82ea396d8da08acf5929bdc640d0667c5ef1fdfe98a4088e81bf6c0af671a39e64726a029646a92cb3abae63b4da58efa49fa544f9d4f833ba14da89fe6ac07bf760594f80cf5e8b2a86091afebe95ec87356d44ce381ff2f4d352977623db351f49a71e67754ceebd2a0a6c6688fd2e14b8bf5bac2472fe93fa367dfd188d0b3f0820c62e7698e9b2b532f32b5b7c7a3cbb1632674105e52c5a3575529d9d1c27465c1f336339affb828639b24f9b4ad359a9291a391727142f506db29c85299c5baf2b0c1292e63d028798388e66adc6781015b96950da419ae364add6332ec2e6d85bc875a6c79db980af169ee667753f02244649490f15e995a3faaa41da6a7c86a3e9b07d992bae6113176a08def4ccbad62b6017009174b614737dc813fdb30206c739e5aefb3bfc336faa2355bbb1a531c0f4069bc6bddb16801162f132885564d0f0e3ca6db6261c36576d6d76c6562233a47ef8e7c48dff4e5c2744a638fff91051623789ed09b230218e1280af8b0190d927819c419f94dfbfd622d606b9b7bc96b2570879f522e5989425c4b208b98d1729bb3717536dbe889140c698310208eae20c55c4f957cb67c8afc0a940d76c1f95c01afc95bad35d36d1bd27d803188f679811afcbe5f3a53116eaa6263db85eb768823533b4405dd094e526475b39c20223bc1770243eec209c8770932efdf7edf822b7885bb5a78285d2bc4af006ef7591ce11fa863d21f2296aa0eafe103227374830d4a02f153c87816baa41f24a9f50d03bf233c7a9f3ed5200b6eb8432664fb6d7773d67cdf3631a7dde2ae3bdf9ff16933d9a2950382817088463904bcd0532a5e1c710b966f058af33e3c2bd74d721a58acecfb5d88636a437979e19e0e4f6f5f8ff24d3bff285eab221483a05da2d4aa4546e38af7ac27c4bb38bb4ca6d6ce303f48ca6138b861d028989eba254414032512c5375187533dd003a27ddd6e0a75c707ba79ce8f968c8a84db80e53eb2469fc42d18c4b8a7c8385288a8dfa92472cc9fd81b1701e0b6d55b351486a1eb5295e10bdd70d50fb59ae9d3ea72e7ef18dc2c1db0947e3e48fc69136a6e97ba8f13bab50f155df7ce665291e178ac01e7fad23c34b8e851acbf710a318643ad0c80c2f96c302ff918064ab4224e0ebb49fa009fbd8b6d32b5c7e612af9030936878ddc4e3568a21ca225742ccd0fe9ac3637456b2ba3a49dab6e130ee4f9b493b8f93118985bbc13865e44d9bd064cd8bafe4b97c8d63939aafed183c7db20f22967aa48287ba42b1b73164fd5cc9708612565d12ae10318e11ca46f7f37239200394cfa148951dd3f352e07e38a19cf3f81ae54981c51752ced519d5e66c3e95a8c9109ba1d9884695881753aaa948ab948bb19f4625244343f1bdae29674886a126191a7762327c5fa6cdd0c7f827222e7e7a2fe9da581fd61997f4bfcf37849592a898bc9f124bcfce627f7c0e61063c599e222af7db780fff490b628398b03735354d93535ac588355c80b9b9a6d840969002aa82847edb926ad65e0f85bd8dd8d2a97602667595a764e231bbb91923d355ed40725ec0ca814eabe9b21e3337459389596448f9bbca03b452c298834e80f6e9f19c6675578a8e32a8e413f0b81a73f851bd7ef242e3037d37eb3973091359dab42f98255fe31104fec5fd4a38b759efa41ea877c71677175b1dd055910f3b2eb6c3984c102f3a2df052fa39d0f3687dacfc0880dca073182555cbce97f5f51fc40074aa5b292864f68f538de28816b94b6df9ef8c0f4e6484e7a777cf6b8741d2e9425b04ee60f324ec0b4c34f3b5cba73d08281388876562ba44fe8c500c7728431b9cc0ab4f47ae2e54f0ca596252eac2b013ca889828b4970665501f404c5f841a3020cd49d322a50c4cb95c6410d7ba382f58bf8cedce4d2851e99b996727b45b62eeb911d379ec3adcd3e8e27b3b3840b5136c62c747eb9a1915637a5c71bb10f86ac5fb89f7ffcf295637ed2709fab47cc00bacdc31542e0e0157c7ff55846346e8659293bddb53b250cdf6a064e5f9ba8ca2bfe1f3898950ce8f6a1429fdf96f58f7f4c6a294595fe8b288b0da780bfe205dbb1a82cddeaa1e8a7ff5e13086a86de4ecf0da248862493c888cca16b23bebc026852e771565e44faab4c97cfc0ba9c2f741d6be07ab0c8f1ccfe6e0bd45bde56c9994b1d003672a3d3780ce9fd70d3d5e7dd1a15ffdb7acfbbe40a089b114d7fef9f0e6d9e98c8bf8b8881f05f4158836c18ffd2da78b6929b7be91f069d6eeae11cb49c73abb337c4dfb3fda1e38e0b43cbcf5c1cde49234460639f02b2151288de1daf26726621b0d7316a040a46c77d54ae0abd14e4ab10dbfcc70993dc746b543aed81fcff63a97a99e69901f3ad1fadbc711bbd6d3f14e01bc0a08ee5d47d45f66e48785b6bb3722b3a6c43bcb4e999401ccc0966208b37862f7b5296cac57994b2797e0df9c8a5d40fd5378be8053fe96ce96b48282c1b35032d99b615224dc0397817593174cbc524c121efcc5154b2bc14e1d3e3f4ed361f4b31210da425fb70", 0x1000}, {&(0x7f0000001380)="7bdc3937f3cdd64f8036cec9efba0f6cf97da23994f6c87705573c39d6fe7e3bccccfcec55ae4ea4d4cf5894474cc719345341671fe81f353ecbba93764fd1302bb0ca0f0fcf55847e1c2fdc6960c2e70ff238b0367fd96c05616f701e45e1df1095c9921c6c0c67098c6bc46dbccc098c4f5c0232a7ad94c852c7c5145fbe09e970081c9fc9166779a795a4feb917c24071251e1bdc25fac18903804190b57603b18f", 0xa3}], 0x2, &(0x7f0000001440)=[{0x98, 0x10f, 0xfffffff9, "1f66f6368ca30ae9286853e2ad22400be7a6e895b627b14f6a44768647ddfce06967511cdbd5f158ac1b82c94cfee8c81d85626a72b3f3e050ff03fc5f85f6c438c22b61cc8b4dedeb89ed47c9fcd8752594cccc15dab16e78cd6a906fc5b42f8984baf7d6d3b2002963acb390a3b66c5791aba31bd4164713fa84bffa9247c4996d67"}, {0xd8, 0x119, 0x40, "c480eb1127d9844eaa5b369a0e2717c2fd2a1fd5e36aaeab4d18684cdd9fd266ba88fe22ada753af53e27b846ffabfb09bf59fd22d2eba8c56a99bd86305858c9415d04d6273ff3000e152999f8c1651a5645928223d380048965c3218aa6c4e871f2522bfff6a303d8d58609c20d9d8bb64142f2783049ea8e02acb2f16a2a7b65a50d1fb41d26a873ed77211f692cd51e6e36ef229929c1da3a532f7824641a65a034eea1ece831106698d9d87ba3dfca9384502f857877025476e4b74baf0a9"}], 0x170}, 0x8008004)
ftruncate(r1, 0x1)
ioctl$DMA_HEAP_IOCTL_ALLOC(r0, 0xc0184800, &(0x7f0000000040)={0x1029, <r2=>r0, 0x1})
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r1, 0x40806685, &(0x7f0000000280)={0x1, 0x1, 0x1000, 0x0, &(0x7f0000000180), 0xa2, 0x0, &(0x7f00000001c0)="74e09b76de3229450b47f835d97b63292d6c3965ae040a206222a49ce9b1cefd4de2c6eaf28be86beb28e0d15a5daf1b8cb6eca02f1a74936a7f7cd284f8dd1b9fd99cc476ca8ba4a00d8fb8a3a76d39a7ec7c9885076047e0ab056af364d5ebd0775eb12d576973cd26c2f4624ca2d500cd9dade9733785a17593bdae65fab53efab5e4f04f036350819d9ee7d9ee3c935646604dd07a4d7b98ffbc01c1e4a6c437"})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r0, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x4}) (async)
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0xc8380, 0x0) (async)
sendmsg$kcm(r0, &(0x7f00000015c0)={&(0x7f0000000300)=@x25={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x1}}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000380)="081859d4afaab5d972142559332f4c6cdc233dc51c371cd4922278f64da9bb5a4a71f3a59e0e510a05369c789729dfd6f80a8d0813ffb7cb4e0647dea5541f7d93b3ac0746d54826f9a3d812eda7dacd09fefad1a030ccfd378dacf1a883cce324d95df62d4327e82115c7cc3afb86f892777014bca21c5df106ce487b4a885e5c668bb585583be32f10367b48f98fb8bf0e0c590e6c31770ba95ef866c662149ec1cd25a441ccfb5b9a161a879e7527a1f17123132f31bfa8820855c759fcf06e17e9f41eab01134935f123f982cc278b15da43e4ecc3c780a303aaf2e9d49b8680af3ef90b5315fa41ef0eaff44211dea1b69abdb95555591538dd646863bc08abc1bfd48c2f80475fa50f36784ab1a833e81cd12e415f5be6536b51f01d078935c40f8b4af34e599da517c1ccaefcf431a1e0a844138bb28a7abdc81464082b470df9ddab26ab45bd3da55ebc56ca6d7f50b4d75a4744660d028574d5c0b9879573b1963431742944dbe58b11ca82a7e298fcb21186cf107def45abcd4714345c49e7d48adb9afe41e30d8dfc76e46b5e3458bdb4801b90c8944cddfc9c04985a85eb8b38b13cbe04de3874caef8f80d8267b29af612e1eff3700cc569bc30968db63affb9a1ce7895462b2777588a65ab7190f923e6b92c508761bd69e6c0127da510e709064d50f5ba6515f237c8703193446595233c1ffabe37284e013883c53e3f1262d237c1c0a9b2a063e638aa559ab330c11d1f6da1c5374312e89ac5d17d96bd59191e0f8843a45402cb15dd09512e006976ee75959a6d8a5737234c33e9967ff326264f9a750354670a6e0127d03dd850acd88a621c86be97e5fe2c754005f8d33b9588c6635b4c1429ddcc45b90e8b309c397a13b298e466c14f39a88370a031c8c05acf6876f8ba43f1ec1655ce68b5529a0451f8862ad79099718667a2d06db79bf69db82f3b8caa502932c251c5836e9c96af686bc40ad1469ddcf54bf51978343e5cc72fc524e2d3a7a7c9706cb598c23b6d1cfac3ad5d1ef32103d714b766d7cc941506fab8e5d7b0e80e8bd40e79c0d3407c26cb374c23d5429bd751255adced71a3281e7ab8204f960661323e6d5a58471d2f426f6ac7b739a775634205b07e7fe16d64159b99e87a1fbc52e9d1235e3a2762419dcb2320d0e8e1d341b92afd667099a1bb75214ea5dfc53bc558b789dd70bb899037852a2d2528f0d06512d2eb55741b69a2692cbe3262ea1ec8fa0acf7b725d2c8cbd2a1d4e7dadb0263613cb8fcf53c436045947b317b1e8fce17806abf9cd394d0862bba42080c379be7deeb7e45b878e789e8cd3dd5754a4186c1ef4f58b471513b7644c35a4dcc5f2ea550819887c254f701da81664620a801332b78404366828a83615022e16657cd06c35fcb221e4130238acef2f166073611151f4d0bb026b800f90c216f7ca5a1ec6c7c8c5c43f49b64d0526cd74173ad06d8e6881caab5eae05d1061ae40cd5efae624496aaf9d07328ca90a95a0b2210f5e19ec75ad5ae178d8b06b56937221918af4d6489564b64b4255e86f68dc915bb9d98d7b2e3f8e68ce4e2280dfd1a882380111f7fd8e1eab4d055ea1defc2c49822989703f4784a9a44ffbc033cd8725e63df85184269c68b3b5ed724aeabcbbe291a169af7724842ee231ad80f3c8bed0a0050c7974e3042e97c812dac04108a75667c3175bafdde82cca092ea3ceecf6a4109a514e1696072d776311630169cedec8049bb6ef8039e48582d32654f7bb9a03e4838543f0e047dc780a079dec8f250d452cb659969eb8d4cd6a2570119308d717b1b3bae525156457584610987229bc3a70add26ab990a4045b85597978d439d74ae52f667863dbbb3a638430c9935f1f3b9fcf1770fef480031c7c6260cdc57bd32868626195f053f3a0a62953f6a74a0ad3b8df08b8683e1c36b4ac8e3bc139fd3339efcee1710956855619542d2708a37802b822a33a7efde5e42a60586ae229dece26a56a7e98d268b12a9c0b56d404b634abf7d0e90804fac124c47dac59bbc4618180829e8638f8909fca89390985cb16b556bea4ce6307eff760e80c02eaaa26930417ceb798cf4fc6a41b76d96624efea7de10979c772a0ba65c41a0b65e14a6ab1b4031450eaa6bfb6576e97b409b0fe33e8541413f2e5886bd4de852db59e26d4732d1f0ff0e75f61ebbc4869ed29fea8806331b786eb601a0bb07f8f68afaceb1fd7c4ad5cb884f1b817a059d56890b79a454212076a479095b67e616cc25ae662ef5b883a2d9181add975a28b29626e83046cf9948d13a5df52eb3fa63889327590a9b1ca3d8c9317576ceee71396ff308fb1d7b57f3d3e9e97d7a5abab8f622c39da311ef542434dce183c0b57a7d611c0110af3f93b1f7253ec38ba017600df4051e596567afd52f9db984a2c2fd0a3027e57e17ac8a0db803697a37763bbb56083cb8f517121e9594c496f53cbe2ffd7018520f436039c6dfb00028ca3a06a545363832d834b072eca838965794de261830719a9775fbc63e80c970edf96fbfa2ed454fa8cded298f6e1dc9387539e7d5cc2ddddde0372860d977f83302b20e37495b8efba3fe20f4c357ee8e89171a1aaea0154731ff59d9a259dc548d893124f49aff4f96d9edbe234bb026113ba2f5981f94bc19959c58b285c704f78d3da5db3092cff3d6219c3981210f11ad67aeb2f0b43b660cceea2511e4d8bf9daebc9145be649d09dbdd37675c21b8d56ad3cf7ad81551008c8a141a56db93cc664b3b2b11c4d32c6bd5ec0f19a0a2f681d5d889942e4b5bf8cf60fd139fb1141ac5903adfacff5c8e424ae9a5b9907f5345d69afb9b1ca8ccb832a1896f9356098aa6a364a90425a7171b135ad83748973584e24a7f200f860e98ee40ae6fbeb689a7c98b8730099c6e8b3224d659d3bca5d35c34c5b75ebd583a00770989e2256152b12a381f97a4cec31876a01123499aae73573547e5aee742d80e99a9c9485f29591c10acb8e8c51a4d69cf8302da725422e3760ce4b240898d3e1d6d540da3f4a6859adad55a12f78525a19cfdb0591e39f6a460bede1a92c47befc10f19a2748e790356e786d4877baaf04253e1cfed17ea276de861b1f3f39d0a97d7cb23576253e0202e97e6a2c6a08dc3c41335d483fc5c22c85b1fd04f87bcc7fbf12cf27c525d6fb0d2b7add2267382ba0f3830e82ea396d8da08acf5929bdc640d0667c5ef1fdfe98a4088e81bf6c0af671a39e64726a029646a92cb3abae63b4da58efa49fa544f9d4f833ba14da89fe6ac07bf760594f80cf5e8b2a86091afebe95ec87356d44ce381ff2f4d352977623db351f49a71e67754ceebd2a0a6c6688fd2e14b8bf5bac2472fe93fa367dfd188d0b3f0820c62e7698e9b2b532f32b5b7c7a3cbb1632674105e52c5a3575529d9d1c27465c1f336339affb828639b24f9b4ad359a9291a391727142f506db29c85299c5baf2b0c1292e63d028798388e66adc6781015b96950da419ae364add6332ec2e6d85bc875a6c79db980af169ee667753f02244649490f15e995a3faaa41da6a7c86a3e9b07d992bae6113176a08def4ccbad62b6017009174b614737dc813fdb30206c739e5aefb3bfc336faa2355bbb1a531c0f4069bc6bddb16801162f132885564d0f0e3ca6db6261c36576d6d76c6562233a47ef8e7c48dff4e5c2744a638fff91051623789ed09b230218e1280af8b0190d927819c419f94dfbfd622d606b9b7bc96b2570879f522e5989425c4b208b98d1729bb3717536dbe889140c698310208eae20c55c4f957cb67c8afc0a940d76c1f95c01afc95bad35d36d1bd27d803188f679811afcbe5f3a53116eaa6263db85eb768823533b4405dd094e526475b39c20223bc1770243eec209c8770932efdf7edf822b7885bb5a78285d2bc4af006ef7591ce11fa863d21f2296aa0eafe103227374830d4a02f153c87816baa41f24a9f50d03bf233c7a9f3ed5200b6eb8432664fb6d7773d67cdf3631a7dde2ae3bdf9ff16933d9a2950382817088463904bcd0532a5e1c710b966f058af33e3c2bd74d721a58acecfb5d88636a437979e19e0e4f6f5f8ff24d3bff285eab221483a05da2d4aa4546e38af7ac27c4bb38bb4ca6d6ce303f48ca6138b861d028989eba254414032512c5375187533dd003a27ddd6e0a75c707ba79ce8f968c8a84db80e53eb2469fc42d18c4b8a7c8385288a8dfa92472cc9fd81b1701e0b6d55b351486a1eb5295e10bdd70d50fb59ae9d3ea72e7ef18dc2c1db0947e3e48fc69136a6e97ba8f13bab50f155df7ce665291e178ac01e7fad23c34b8e851acbf710a318643ad0c80c2f96c302ff918064ab4224e0ebb49fa009fbd8b6d32b5c7e612af9030936878ddc4e3568a21ca225742ccd0fe9ac3637456b2ba3a49dab6e130ee4f9b493b8f93118985bbc13865e44d9bd064cd8bafe4b97c8d63939aafed183c7db20f22967aa48287ba42b1b73164fd5cc9708612565d12ae10318e11ca46f7f37239200394cfa148951dd3f352e07e38a19cf3f81ae54981c51752ced519d5e66c3e95a8c9109ba1d9884695881753aaa948ab948bb19f4625244343f1bdae29674886a126191a7762327c5fa6cdd0c7f827222e7e7a2fe9da581fd61997f4bfcf37849592a898bc9f124bcfce627f7c0e61063c599e222af7db780fff490b628398b03735354d93535ac588355c80b9b9a6d840969002aa82847edb926ad65e0f85bd8dd8d2a97602667595a764e231bbb91923d355ed40725ec0ca814eabe9b21e3337459389596448f9bbca03b452c298834e80f6e9f19c6675578a8e32a8e413f0b81a73f851bd7ef242e3037d37eb3973091359dab42f98255fe31104fec5fd4a38b759efa41ea877c71677175b1dd055910f3b2eb6c3984c102f3a2df052fa39d0f3687dacfc0880dca073182555cbce97f5f51fc40074aa5b292864f68f538de28816b94b6df9ef8c0f4e6484e7a777cf6b8741d2e9425b04ee60f324ec0b4c34f3b5cba73d08281388876562ba44fe8c500c7728431b9cc0ab4f47ae2e54f0ca596252eac2b013ca889828b4970665501f404c5f841a3020cd49d322a50c4cb95c6410d7ba382f58bf8cedce4d2851e99b996727b45b62eeb911d379ec3adcd3e8e27b3b3840b5136c62c747eb9a1915637a5c71bb10f86ac5fb89f7ffcf295637ed2709fab47cc00bacdc31542e0e0157c7ff55846346e8659293bddb53b250cdf6a064e5f9ba8ca2bfe1f3898950ce8f6a1429fdf96f58f7f4c6a294595fe8b288b0da780bfe205dbb1a82cddeaa1e8a7ff5e13086a86de4ecf0da248862493c888cca16b23bebc026852e771565e44faab4c97cfc0ba9c2f741d6be07ab0c8f1ccfe6e0bd45bde56c9994b1d003672a3d3780ce9fd70d3d5e7dd1a15ffdb7acfbbe40a089b114d7fef9f0e6d9e98c8bf8b8881f05f4158836c18ffd2da78b6929b7be91f069d6eeae11cb49c73abb337c4dfb3fda1e38e0b43cbcf5c1cde49234460639f02b2151288de1daf26726621b0d7316a040a46c77d54ae0abd14e4ab10dbfcc70993dc746b543aed81fcff63a97a99e69901f3ad1fadbc711bbd6d3f14e01bc0a08ee5d47d45f66e48785b6bb3722b3a6c43bcb4e999401ccc0966208b37862f7b5296cac57994b2797e0df9c8a5d40fd5378be8053fe96ce96b48282c1b35032d99b615224dc0397817593174cbc524c121efcc5154b2bc14e1d3e3f4ed361f4b31210da425fb70", 0x1000}, {&(0x7f0000001380)="7bdc3937f3cdd64f8036cec9efba0f6cf97da23994f6c87705573c39d6fe7e3bccccfcec55ae4ea4d4cf5894474cc719345341671fe81f353ecbba93764fd1302bb0ca0f0fcf55847e1c2fdc6960c2e70ff238b0367fd96c05616f701e45e1df1095c9921c6c0c67098c6bc46dbccc098c4f5c0232a7ad94c852c7c5145fbe09e970081c9fc9166779a795a4feb917c24071251e1bdc25fac18903804190b57603b18f", 0xa3}], 0x2, &(0x7f0000001440)=[{0x98, 0x10f, 0xfffffff9, "1f66f6368ca30ae9286853e2ad22400be7a6e895b627b14f6a44768647ddfce06967511cdbd5f158ac1b82c94cfee8c81d85626a72b3f3e050ff03fc5f85f6c438c22b61cc8b4dedeb89ed47c9fcd8752594cccc15dab16e78cd6a906fc5b42f8984baf7d6d3b2002963acb390a3b66c5791aba31bd4164713fa84bffa9247c4996d67"}, {0xd8, 0x119, 0x40, "c480eb1127d9844eaa5b369a0e2717c2fd2a1fd5e36aaeab4d18684cdd9fd266ba88fe22ada753af53e27b846ffabfb09bf59fd22d2eba8c56a99bd86305858c9415d04d6273ff3000e152999f8c1651a5645928223d380048965c3218aa6c4e871f2522bfff6a303d8d58609c20d9d8bb64142f2783049ea8e02acb2f16a2a7b65a50d1fb41d26a873ed77211f692cd51e6e36ef229929c1da3a532f7824641a65a034eea1ece831106698d9d87ba3dfca9384502f857877025476e4b74baf0a9"}], 0x170}, 0x8008004) (async)
ftruncate(r1, 0x1) (async)
ioctl$DMA_HEAP_IOCTL_ALLOC(r0, 0xc0184800, &(0x7f0000000040)={0x1029, r0, 0x1}) (async)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
ioctl$FS_IOC_ENABLE_VERITY(r1, 0x40806685, &(0x7f0000000280)={0x1, 0x1, 0x1000, 0x0, &(0x7f0000000180), 0xa2, 0x0, &(0x7f00000001c0)="74e09b76de3229450b47f835d97b63292d6c3965ae040a206222a49ce9b1cefd4de2c6eaf28be86beb28e0d15a5daf1b8cb6eca02f1a74936a7f7cd284f8dd1b9fd99cc476ca8ba4a00d8fb8a3a76d39a7ec7c9885076047e0ab056af364d5ebd0775eb12d576973cd26c2f4624ca2d500cd9dade9733785a17593bdae65fab53efab5e4f04f036350819d9ee7d9ee3c935646604dd07a4d7b98ffbc01c1e4a6c437"}) (async)

03:53:39 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0xb}, 0x0)

03:53:39 executing program 4:
bpf$MAP_CREATE(0x0, &(0x7f0000000680)=@base={0x13}, 0x48)

03:53:39 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
sendmsg$inet(r0, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @loopback, @empty}}}, @ip_ttl={{0x14}}], 0x38}, 0x0)

03:53:39 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x1000000000000)

03:53:39 executing program 3:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0) (async)
r0 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000000), 0x20000, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r0, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x4})
r1 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0xc8380, 0x0)
sendmsg$kcm(r0, &(0x7f00000015c0)={&(0x7f0000000300)=@x25={0x9, @remote={'\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc\xcc', 0x1}}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000380)="081859d4afaab5d972142559332f4c6cdc233dc51c371cd4922278f64da9bb5a4a71f3a59e0e510a05369c789729dfd6f80a8d0813ffb7cb4e0647dea5541f7d93b3ac0746d54826f9a3d812eda7dacd09fefad1a030ccfd378dacf1a883cce324d95df62d4327e82115c7cc3afb86f892777014bca21c5df106ce487b4a885e5c668bb585583be32f10367b48f98fb8bf0e0c590e6c31770ba95ef866c662149ec1cd25a441ccfb5b9a161a879e7527a1f17123132f31bfa8820855c759fcf06e17e9f41eab01134935f123f982cc278b15da43e4ecc3c780a303aaf2e9d49b8680af3ef90b5315fa41ef0eaff44211dea1b69abdb95555591538dd646863bc08abc1bfd48c2f80475fa50f36784ab1a833e81cd12e415f5be6536b51f01d078935c40f8b4af34e599da517c1ccaefcf431a1e0a844138bb28a7abdc81464082b470df9ddab26ab45bd3da55ebc56ca6d7f50b4d75a4744660d028574d5c0b9879573b1963431742944dbe58b11ca82a7e298fcb21186cf107def45abcd4714345c49e7d48adb9afe41e30d8dfc76e46b5e3458bdb4801b90c8944cddfc9c04985a85eb8b38b13cbe04de3874caef8f80d8267b29af612e1eff3700cc569bc30968db63affb9a1ce7895462b2777588a65ab7190f923e6b92c508761bd69e6c0127da510e709064d50f5ba6515f237c8703193446595233c1ffabe37284e013883c53e3f1262d237c1c0a9b2a063e638aa559ab330c11d1f6da1c5374312e89ac5d17d96bd59191e0f8843a45402cb15dd09512e006976ee75959a6d8a5737234c33e9967ff326264f9a750354670a6e0127d03dd850acd88a621c86be97e5fe2c754005f8d33b9588c6635b4c1429ddcc45b90e8b309c397a13b298e466c14f39a88370a031c8c05acf6876f8ba43f1ec1655ce68b5529a0451f8862ad79099718667a2d06db79bf69db82f3b8caa502932c251c5836e9c96af686bc40ad1469ddcf54bf51978343e5cc72fc524e2d3a7a7c9706cb598c23b6d1cfac3ad5d1ef32103d714b766d7cc941506fab8e5d7b0e80e8bd40e79c0d3407c26cb374c23d5429bd751255adced71a3281e7ab8204f960661323e6d5a58471d2f426f6ac7b739a775634205b07e7fe16d64159b99e87a1fbc52e9d1235e3a2762419dcb2320d0e8e1d341b92afd667099a1bb75214ea5dfc53bc558b789dd70bb899037852a2d2528f0d06512d2eb55741b69a2692cbe3262ea1ec8fa0acf7b725d2c8cbd2a1d4e7dadb0263613cb8fcf53c436045947b317b1e8fce17806abf9cd394d0862bba42080c379be7deeb7e45b878e789e8cd3dd5754a4186c1ef4f58b471513b7644c35a4dcc5f2ea550819887c254f701da81664620a801332b78404366828a83615022e16657cd06c35fcb221e4130238acef2f166073611151f4d0bb026b800f90c216f7ca5a1ec6c7c8c5c43f49b64d0526cd74173ad06d8e6881caab5eae05d1061ae40cd5efae624496aaf9d07328ca90a95a0b2210f5e19ec75ad5ae178d8b06b56937221918af4d6489564b64b4255e86f68dc915bb9d98d7b2e3f8e68ce4e2280dfd1a882380111f7fd8e1eab4d055ea1defc2c49822989703f4784a9a44ffbc033cd8725e63df85184269c68b3b5ed724aeabcbbe291a169af7724842ee231ad80f3c8bed0a0050c7974e3042e97c812dac04108a75667c3175bafdde82cca092ea3ceecf6a4109a514e1696072d776311630169cedec8049bb6ef8039e48582d32654f7bb9a03e4838543f0e047dc780a079dec8f250d452cb659969eb8d4cd6a2570119308d717b1b3bae525156457584610987229bc3a70add26ab990a4045b85597978d439d74ae52f667863dbbb3a638430c9935f1f3b9fcf1770fef480031c7c6260cdc57bd32868626195f053f3a0a62953f6a74a0ad3b8df08b8683e1c36b4ac8e3bc139fd3339efcee1710956855619542d2708a37802b822a33a7efde5e42a60586ae229dece26a56a7e98d268b12a9c0b56d404b634abf7d0e90804fac124c47dac59bbc4618180829e8638f8909fca89390985cb16b556bea4ce6307eff760e80c02eaaa26930417ceb798cf4fc6a41b76d96624efea7de10979c772a0ba65c41a0b65e14a6ab1b4031450eaa6bfb6576e97b409b0fe33e8541413f2e5886bd4de852db59e26d4732d1f0ff0e75f61ebbc4869ed29fea8806331b786eb601a0bb07f8f68afaceb1fd7c4ad5cb884f1b817a059d56890b79a454212076a479095b67e616cc25ae662ef5b883a2d9181add975a28b29626e83046cf9948d13a5df52eb3fa63889327590a9b1ca3d8c9317576ceee71396ff308fb1d7b57f3d3e9e97d7a5abab8f622c39da311ef542434dce183c0b57a7d611c0110af3f93b1f7253ec38ba017600df4051e596567afd52f9db984a2c2fd0a3027e57e17ac8a0db803697a37763bbb56083cb8f517121e9594c496f53cbe2ffd7018520f436039c6dfb00028ca3a06a545363832d834b072eca838965794de261830719a9775fbc63e80c970edf96fbfa2ed454fa8cded298f6e1dc9387539e7d5cc2ddddde0372860d977f83302b20e37495b8efba3fe20f4c357ee8e89171a1aaea0154731ff59d9a259dc548d893124f49aff4f96d9edbe234bb026113ba2f5981f94bc19959c58b285c704f78d3da5db3092cff3d6219c3981210f11ad67aeb2f0b43b660cceea2511e4d8bf9daebc9145be649d09dbdd37675c21b8d56ad3cf7ad81551008c8a141a56db93cc664b3b2b11c4d32c6bd5ec0f19a0a2f681d5d889942e4b5bf8cf60fd139fb1141ac5903adfacff5c8e424ae9a5b9907f5345d69afb9b1ca8ccb832a1896f9356098aa6a364a90425a7171b135ad83748973584e24a7f200f860e98ee40ae6fbeb689a7c98b8730099c6e8b3224d659d3bca5d35c34c5b75ebd583a00770989e2256152b12a381f97a4cec31876a01123499aae73573547e5aee742d80e99a9c9485f29591c10acb8e8c51a4d69cf8302da725422e3760ce4b240898d3e1d6d540da3f4a6859adad55a12f78525a19cfdb0591e39f6a460bede1a92c47befc10f19a2748e790356e786d4877baaf04253e1cfed17ea276de861b1f3f39d0a97d7cb23576253e0202e97e6a2c6a08dc3c41335d483fc5c22c85b1fd04f87bcc7fbf12cf27c525d6fb0d2b7add2267382ba0f3830e82ea396d8da08acf5929bdc640d0667c5ef1fdfe98a4088e81bf6c0af671a39e64726a029646a92cb3abae63b4da58efa49fa544f9d4f833ba14da89fe6ac07bf760594f80cf5e8b2a86091afebe95ec87356d44ce381ff2f4d352977623db351f49a71e67754ceebd2a0a6c6688fd2e14b8bf5bac2472fe93fa367dfd188d0b3f0820c62e7698e9b2b532f32b5b7c7a3cbb1632674105e52c5a3575529d9d1c27465c1f336339affb828639b24f9b4ad359a9291a391727142f506db29c85299c5baf2b0c1292e63d028798388e66adc6781015b96950da419ae364add6332ec2e6d85bc875a6c79db980af169ee667753f02244649490f15e995a3faaa41da6a7c86a3e9b07d992bae6113176a08def4ccbad62b6017009174b614737dc813fdb30206c739e5aefb3bfc336faa2355bbb1a531c0f4069bc6bddb16801162f132885564d0f0e3ca6db6261c36576d6d76c6562233a47ef8e7c48dff4e5c2744a638fff91051623789ed09b230218e1280af8b0190d927819c419f94dfbfd622d606b9b7bc96b2570879f522e5989425c4b208b98d1729bb3717536dbe889140c698310208eae20c55c4f957cb67c8afc0a940d76c1f95c01afc95bad35d36d1bd27d803188f679811afcbe5f3a53116eaa6263db85eb768823533b4405dd094e526475b39c20223bc1770243eec209c8770932efdf7edf822b7885bb5a78285d2bc4af006ef7591ce11fa863d21f2296aa0eafe103227374830d4a02f153c87816baa41f24a9f50d03bf233c7a9f3ed5200b6eb8432664fb6d7773d67cdf3631a7dde2ae3bdf9ff16933d9a2950382817088463904bcd0532a5e1c710b966f058af33e3c2bd74d721a58acecfb5d88636a437979e19e0e4f6f5f8ff24d3bff285eab221483a05da2d4aa4546e38af7ac27c4bb38bb4ca6d6ce303f48ca6138b861d028989eba254414032512c5375187533dd003a27ddd6e0a75c707ba79ce8f968c8a84db80e53eb2469fc42d18c4b8a7c8385288a8dfa92472cc9fd81b1701e0b6d55b351486a1eb5295e10bdd70d50fb59ae9d3ea72e7ef18dc2c1db0947e3e48fc69136a6e97ba8f13bab50f155df7ce665291e178ac01e7fad23c34b8e851acbf710a318643ad0c80c2f96c302ff918064ab4224e0ebb49fa009fbd8b6d32b5c7e612af9030936878ddc4e3568a21ca225742ccd0fe9ac3637456b2ba3a49dab6e130ee4f9b493b8f93118985bbc13865e44d9bd064cd8bafe4b97c8d63939aafed183c7db20f22967aa48287ba42b1b73164fd5cc9708612565d12ae10318e11ca46f7f37239200394cfa148951dd3f352e07e38a19cf3f81ae54981c51752ced519d5e66c3e95a8c9109ba1d9884695881753aaa948ab948bb19f4625244343f1bdae29674886a126191a7762327c5fa6cdd0c7f827222e7e7a2fe9da581fd61997f4bfcf37849592a898bc9f124bcfce627f7c0e61063c599e222af7db780fff490b628398b03735354d93535ac588355c80b9b9a6d840969002aa82847edb926ad65e0f85bd8dd8d2a97602667595a764e231bbb91923d355ed40725ec0ca814eabe9b21e3337459389596448f9bbca03b452c298834e80f6e9f19c6675578a8e32a8e413f0b81a73f851bd7ef242e3037d37eb3973091359dab42f98255fe31104fec5fd4a38b759efa41ea877c71677175b1dd055910f3b2eb6c3984c102f3a2df052fa39d0f3687dacfc0880dca073182555cbce97f5f51fc40074aa5b292864f68f538de28816b94b6df9ef8c0f4e6484e7a777cf6b8741d2e9425b04ee60f324ec0b4c34f3b5cba73d08281388876562ba44fe8c500c7728431b9cc0ab4f47ae2e54f0ca596252eac2b013ca889828b4970665501f404c5f841a3020cd49d322a50c4cb95c6410d7ba382f58bf8cedce4d2851e99b996727b45b62eeb911d379ec3adcd3e8e27b3b3840b5136c62c747eb9a1915637a5c71bb10f86ac5fb89f7ffcf295637ed2709fab47cc00bacdc31542e0e0157c7ff55846346e8659293bddb53b250cdf6a064e5f9ba8ca2bfe1f3898950ce8f6a1429fdf96f58f7f4c6a294595fe8b288b0da780bfe205dbb1a82cddeaa1e8a7ff5e13086a86de4ecf0da248862493c888cca16b23bebc026852e771565e44faab4c97cfc0ba9c2f741d6be07ab0c8f1ccfe6e0bd45bde56c9994b1d003672a3d3780ce9fd70d3d5e7dd1a15ffdb7acfbbe40a089b114d7fef9f0e6d9e98c8bf8b8881f05f4158836c18ffd2da78b6929b7be91f069d6eeae11cb49c73abb337c4dfb3fda1e38e0b43cbcf5c1cde49234460639f02b2151288de1daf26726621b0d7316a040a46c77d54ae0abd14e4ab10dbfcc70993dc746b543aed81fcff63a97a99e69901f3ad1fadbc711bbd6d3f14e01bc0a08ee5d47d45f66e48785b6bb3722b3a6c43bcb4e999401ccc0966208b37862f7b5296cac57994b2797e0df9c8a5d40fd5378be8053fe96ce96b48282c1b35032d99b615224dc0397817593174cbc524c121efcc5154b2bc14e1d3e3f4ed361f4b31210da425fb70", 0x1000}, {&(0x7f0000001380)="7bdc3937f3cdd64f8036cec9efba0f6cf97da23994f6c87705573c39d6fe7e3bccccfcec55ae4ea4d4cf5894474cc719345341671fe81f353ecbba93764fd1302bb0ca0f0fcf55847e1c2fdc6960c2e70ff238b0367fd96c05616f701e45e1df1095c9921c6c0c67098c6bc46dbccc098c4f5c0232a7ad94c852c7c5145fbe09e970081c9fc9166779a795a4feb917c24071251e1bdc25fac18903804190b57603b18f", 0xa3}], 0x2, &(0x7f0000001440)=[{0x98, 0x10f, 0xfffffff9, "1f66f6368ca30ae9286853e2ad22400be7a6e895b627b14f6a44768647ddfce06967511cdbd5f158ac1b82c94cfee8c81d85626a72b3f3e050ff03fc5f85f6c438c22b61cc8b4dedeb89ed47c9fcd8752594cccc15dab16e78cd6a906fc5b42f8984baf7d6d3b2002963acb390a3b66c5791aba31bd4164713fa84bffa9247c4996d67"}, {0xd8, 0x119, 0x40, "c480eb1127d9844eaa5b369a0e2717c2fd2a1fd5e36aaeab4d18684cdd9fd266ba88fe22ada753af53e27b846ffabfb09bf59fd22d2eba8c56a99bd86305858c9415d04d6273ff3000e152999f8c1651a5645928223d380048965c3218aa6c4e871f2522bfff6a303d8d58609c20d9d8bb64142f2783049ea8e02acb2f16a2a7b65a50d1fb41d26a873ed77211f692cd51e6e36ef229929c1da3a532f7824641a65a034eea1ece831106698d9d87ba3dfca9384502f857877025476e4b74baf0a9"}], 0x170}, 0x8008004)
ftruncate(r1, 0x1)
ioctl$DMA_HEAP_IOCTL_ALLOC(r0, 0xc0184800, &(0x7f0000000040)={0x1029, <r2=>r0, 0x1})
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r1, 0x40806685, &(0x7f0000000280)={0x1, 0x1, 0x1000, 0x0, &(0x7f0000000180), 0xa2, 0x0, &(0x7f00000001c0)="74e09b76de3229450b47f835d97b63292d6c3965ae040a206222a49ce9b1cefd4de2c6eaf28be86beb28e0d15a5daf1b8cb6eca02f1a74936a7f7cd284f8dd1b9fd99cc476ca8ba4a00d8fb8a3a76d39a7ec7c9885076047e0ab056af364d5ebd0775eb12d576973cd26c2f4624ca2d500cd9dade9733785a17593bdae65fab53efab5e4f04f036350819d9ee7d9ee3c935646604dd07a4d7b98ffbc01c1e4a6c437"})

03:53:39 executing program 4:
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000f00), 0x48)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000480)={r0, &(0x7f0000000380)="88", &(0x7f00000003c0)=""/155}, 0x20)

03:53:39 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0xc}, 0x0)

03:53:39 executing program 3:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bind$can_j1939(r0, &(0x7f0000000180)={0x1d, 0x0, 0x1, {0x2, 0x1}, 0xff}, 0x18)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0xa})
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000000)={[{0x9, 0x5, 0x8, 0x3, 0x0, 0x80, 0x2, 0x4e, 0xfe, 0x4, 0x7f, 0x7, 0xffff}, {0xd1, 0x1, 0x38, 0x1, 0x7, 0x9, 0x5, 0x5, 0x81, 0x20, 0x7f, 0x8, 0xe87}, {0x3, 0x3, 0x80, 0x31, 0x7f, 0xff, 0x9, 0x35, 0x2a, 0x40, 0x49, 0x2, 0xfff}], 0x8})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

[  559.033700][ T5195] Bluetooth: hci8: Frame reassembly failed (-84)
03:53:39 executing program 4:
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000003c0)={@map, 0xffffffffffffffff, 0x26, 0x8, 0xffffffffffffffff, @prog_id}, 0x20)

03:53:40 executing program 3:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bind$can_j1939(r0, &(0x7f0000000180)={0x1d, 0x0, 0x1, {0x2, 0x1}, 0xff}, 0x18) (async)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0xa})
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000000)={[{0x9, 0x5, 0x8, 0x3, 0x0, 0x80, 0x2, 0x4e, 0xfe, 0x4, 0x7f, 0x7, 0xffff}, {0xd1, 0x1, 0x38, 0x1, 0x7, 0x9, 0x5, 0x5, 0x81, 0x20, 0x7f, 0x8, 0xe87}, {0x3, 0x3, 0x80, 0x31, 0x7f, 0xff, 0x9, 0x35, 0x2a, 0x40, 0x49, 0x2, 0xfff}], 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

03:53:40 executing program 4:
r0 = socket$kcm(0x29, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x0, 0x0}, 0x20000040)

03:53:40 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0xd}, 0x0)

03:53:40 executing program 3:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
bind$can_j1939(r0, &(0x7f0000000180)={0x1d, 0x0, 0x1, {0x2, 0x1}, 0xff}, 0x18)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0xa})
ioctl$KVM_SET_PIT(r2, 0x8048ae66, &(0x7f0000000000)={[{0x9, 0x5, 0x8, 0x3, 0x0, 0x80, 0x2, 0x4e, 0xfe, 0x4, 0x7f, 0x7, 0xffff}, {0xd1, 0x1, 0x38, 0x1, 0x7, 0x9, 0x5, 0x5, 0x81, 0x20, 0x7f, 0x8, 0xe87}, {0x3, 0x3, 0x80, 0x31, 0x7f, 0xff, 0x9, 0x35, 0x2a, 0x40, 0x49, 0x2, 0xfff}], 0x8})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

03:53:40 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
sendmsg$sock(r0, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)=[@txtime={{0x18}}], 0x18}, 0x0)

03:53:40 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000140)={{0x7f, 0x45, 0x4c, 0x46, 0x7d, 0x9, 0x0, 0x4, 0x1, 0x0, 0x2, 0xfff, 0x177, 0x40, 0x164, 0x2, 0xff, 0x38, 0x1, 0x5, 0x5, 0x1}, [{0x3, 0x4, 0x3, 0xffffffff, 0x6, 0x1, 0x6, 0xff}, {0x70000000, 0x6, 0xffffffffffffffff, 0x8, 0x0, 0x5, 0x9}], "8d392cc03abe585d004d7a319760e228db5ba536b04011ec05e6a9e321e879876a0c0bed9db5ed55160d02b2b82b3210983de932c1d1616064d6d1044b21aeebef5f13a1d781a6e4444d72774e607b5164e6f4b4784fd107726bf7089b440dc5a2cadc825118401ef79458cace7ab681884b3225fa6b155eb5c17686ffb10be1a381d7c6fb403512b39fd9f189837b27210b216e3f8e8456f50128a194f1d543fec54dc323f0d92a1cba93d2f3cd33e8128dd4062bb1ddcb3c713125a9c6d3fbf3224e4f506f5fb55ba7f0ab32c003d7a032e41bf0f5a81032bac7688ac1b89740a0b4d490f1d8d0143629231355017a9d8328275215", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xaa6)

03:53:40 executing program 4:
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={0x0, 0x0}, 0x20)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000e80))

03:53:40 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0xe}, 0x0)

03:53:40 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000140)={{0x7f, 0x45, 0x4c, 0x46, 0x7d, 0x9, 0x0, 0x4, 0x1, 0x0, 0x2, 0xfff, 0x177, 0x40, 0x164, 0x2, 0xff, 0x38, 0x1, 0x5, 0x5, 0x1}, [{0x3, 0x4, 0x3, 0xffffffff, 0x6, 0x1, 0x6, 0xff}, {0x70000000, 0x6, 0xffffffffffffffff, 0x8, 0x0, 0x5, 0x9}], "8d392cc03abe585d004d7a319760e228db5ba536b04011ec05e6a9e321e879876a0c0bed9db5ed55160d02b2b82b3210983de932c1d1616064d6d1044b21aeebef5f13a1d781a6e4444d72774e607b5164e6f4b4784fd107726bf7089b440dc5a2cadc825118401ef79458cace7ab681884b3225fa6b155eb5c17686ffb10be1a381d7c6fb403512b39fd9f189837b27210b216e3f8e8456f50128a194f1d543fec54dc323f0d92a1cba93d2f3cd33e8128dd4062bb1ddcb3c713125a9c6d3fbf3224e4f506f5fb55ba7f0ab32c003d7a032e41bf0f5a81032bac7688ac1b89740a0b4d490f1d8d0143629231355017a9d8328275215", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xaa6)

03:53:40 executing program 4:
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x8, [@var, @func_proto={0x0, 0x1, 0x0, 0xd, 0x0, [{}]}, @var={0x9, 0x0, 0x0, 0xe, 0x3}]}, {0x0, [0x61, 0x30, 0x30, 0x61, 0x5f, 0x0]}}, &(0x7f00000000c0)=""/207, 0x54, 0xcf, 0x0, 0x401}, 0x20)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000200)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x9, '\x00', 0x0, r0, 0x0, 0x0, 0x2}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, 0x0, 0x0)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000006c0)={@cgroup, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}, 0x40)
r2 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
r3 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000d80)={0xffffffffffffffff, 0xe0, &(0x7f0000000c80)={0x0, <r4=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000b00), 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000c00), 0x8, 0xee, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000dc0)={@map=r2, r3, 0x34, 0x2000, 0x0, @prog_id=r4, r1}, 0x20)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000e00)={r4}, 0x4)
r6 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000e40)={0x0, 0x10001, 0x8}, 0xc)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000e80)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg(r8, 0x0, 0x10)
openat$ppp(0xffffffffffffff9c, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000002680)={{}, &(0x7f0000002580), 0x0}, 0x20)
close(0xffffffffffffffff)
r9 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
ioctl$sock_kcm_SIOCKCMCLONE(0xffffffffffffffff, 0x89e2, &(0x7f0000002d80)={r7})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000031c0)={0x11, 0x1e, &(0x7f0000002e00)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r9}}, {}, [@map_val={0x18, 0x8, 0x2, 0x0, r6, 0x0, 0x0, 0x0, 0x9bf57ec}, @cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffff9}, @tail_call, @tail_call, @call={0x85, 0x0, 0x0, 0x8a}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x45daef517be9c0a0}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000002f00)='syzkaller\x00', 0x8, 0xcc, &(0x7f0000002f40)=""/204, 0x41000, 0x40, '\x00', r5, 0x0, r9, 0x8, &(0x7f0000003040), 0x8}, 0x90)

03:53:40 executing program 4:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
gettid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff})
sendmsg$unix(r2, &(0x7f00000006c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=[@rights={{0x14, 0x1, 0x1, [r0]}}, @rights={{0x14, 0x1, 0x1, [r1]}}], 0x30}, 0x0)

03:53:40 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000140)={{0x7f, 0x45, 0x4c, 0x46, 0x7d, 0x9, 0x0, 0x4, 0x1, 0x0, 0x2, 0xfff, 0x177, 0x40, 0x164, 0x2, 0xff, 0x38, 0x1, 0x5, 0x5, 0x1}, [{0x3, 0x4, 0x3, 0xffffffff, 0x6, 0x1, 0x6, 0xff}, {0x70000000, 0x6, 0xffffffffffffffff, 0x8, 0x0, 0x5, 0x9}], "8d392cc03abe585d004d7a319760e228db5ba536b04011ec05e6a9e321e879876a0c0bed9db5ed55160d02b2b82b3210983de932c1d1616064d6d1044b21aeebef5f13a1d781a6e4444d72774e607b5164e6f4b4784fd107726bf7089b440dc5a2cadc825118401ef79458cace7ab681884b3225fa6b155eb5c17686ffb10be1a381d7c6fb403512b39fd9f189837b27210b216e3f8e8456f50128a194f1d543fec54dc323f0d92a1cba93d2f3cd33e8128dd4062bb1ddcb3c713125a9c6d3fbf3224e4f506f5fb55ba7f0ab32c003d7a032e41bf0f5a81032bac7688ac1b89740a0b4d490f1d8d0143629231355017a9d8328275215", ['\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00', '\x00']}, 0xaa6)

03:53:40 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0xf}, 0x0)

03:53:40 executing program 4:
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000740)={@ifindex, 0xffffffffffffffff, 0x1b, 0x60, 0x0, @prog_id}, 0x20)

03:53:40 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x642080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x3})
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

[  560.381671][ T3653] Bluetooth: hci7: command 0x1003 tx timeout
[  560.388752][ T3537] Bluetooth: hci7: sending frame failed (-49)
[  561.101629][ T3817] Bluetooth: hci8: command 0x1003 tx timeout
[  561.109232][ T3537] Bluetooth: hci8: sending frame failed (-49)
[  562.461727][ T3817] Bluetooth: hci7: command 0x1001 tx timeout
[  562.468495][ T3537] Bluetooth: hci7: sending frame failed (-49)
[  562.702923][ T1376] ieee802154 phy0 wpan0: encryption failed: -22
[  562.709206][ T1376] ieee802154 phy1 wpan1: encryption failed: -22
[  563.182026][ T3653] Bluetooth: hci8: command 0x1001 tx timeout
[  563.189060][ T3537] Bluetooth: hci8: sending frame failed (-49)
[  564.541739][ T3653] Bluetooth: hci7: command 0x1009 tx timeout
[  565.261767][ T3817] Bluetooth: hci8: command 0x1009 tx timeout
03:53:49 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x400000000000000)

03:53:49 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000017c0)={0x18, 0x3b, &(0x7f00000000c0)=@ringbuf={{}, {}, {}, [@tail_call, @snprintf, @snprintf, @snprintf]}, &(0x7f0000000000)='syzkaller\x00'}, 0x90)

03:53:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x642080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x3})
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:53:49 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x10}, 0x0)

03:53:49 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x642080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000000)={0x3})
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:53:49 executing program 4:
bpf$BPF_MAP_GET_FD_BY_ID(0x9, &(0x7f0000000080)={0x0, 0x0, 0x22}, 0xc)

03:53:49 executing program 4:
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@int]}}, 0x0, 0x2a}, 0x20)

03:53:49 executing program 3:
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x280, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f00000002c0)=ANY=[@ANYBLOB="aef001820100003f00000000", @ANYRES32=r0, @ANYBLOB="ac000000000000002e2f66696c653000"])
r1 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x25, 0x1, @void}, 0x10)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000140)={{{@in6=@ipv4={""/10, ""/2, @local}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@ipv4={""/10, ""/2, @multicast2}}, 0x0, @in6=@private1}}, &(0x7f0000000240)=0xe8)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000000280)={{0x1, 0x1, 0x18, r1, {r2}}, './file0\x00'})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
lsetxattr$trusted_overlay_opaque(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340), &(0x7f0000000380), 0x2, 0x2)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r4, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
flock(r4, 0x3)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)

[  568.579701][  T431] Bluetooth: hci7: Frame reassembly failed (-84)
03:53:49 executing program 4:
r0 = syz_open_dev$media(&(0x7f0000000000), 0x0, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r0, 0xc0487c04, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f00000002c0)=[{}, {}]})

03:53:49 executing program 4:
r0 = openat$drirender128(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_SETPROPERTY(r0, 0xc01064ab, 0x0)

03:53:49 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x11}, 0x0)

03:53:49 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x100000000000000)

03:53:49 executing program 4:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, 0x0)

03:53:49 executing program 3:
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x280, 0x0) (async)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x280, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f00000002c0)=ANY=[@ANYBLOB="aef001820100003f00000000", @ANYRES32=r0, @ANYBLOB="ac000000000000002e2f66696c653000"])
r1 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x25, 0x1, @void}, 0x10)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000140)={{{@in6=@ipv4={""/10, ""/2, @local}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@ipv4={""/10, ""/2, @multicast2}}, 0x0, @in6=@private1}}, &(0x7f0000000240)=0xe8)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000000280)={{0x1, 0x1, 0x18, r1, {r2}}, './file0\x00'})
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
lsetxattr$trusted_overlay_opaque(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340), &(0x7f0000000380), 0x2, 0x2) (async)
lsetxattr$trusted_overlay_opaque(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340), &(0x7f0000000380), 0x2, 0x2)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r4, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
flock(r4, 0x3)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)

03:53:49 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x12}, 0x0)

03:53:50 executing program 4:
syz_io_uring_setup(0x5e87, &(0x7f0000000000)={0x0, 0x0, 0x100}, 0x0, 0x0)

03:53:50 executing program 3:
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x280, 0x0) (async)
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x280, 0x0)
ioctl$AUTOFS_DEV_IOCTL_TIMEOUT(r0, 0xc018937a, &(0x7f00000002c0)=ANY=[@ANYBLOB="aef001820100003f00000000", @ANYRES32=r0, @ANYBLOB="ac000000000000002e2f66696c653000"])
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x25, 0x1, @void}, 0x10) (async)
r1 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x25, 0x1, @void}, 0x10)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000140)={{{@in6=@ipv4={""/10, ""/2, @local}, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@ipv4={""/10, ""/2, @multicast2}}, 0x0, @in6=@private1}}, &(0x7f0000000240)=0xe8)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r0, 0xc018937b, &(0x7f0000000280)={{0x1, 0x1, 0x18, r1, {r2}}, './file0\x00'})
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
lsetxattr$trusted_overlay_opaque(&(0x7f0000000300)='./file0\x00', &(0x7f0000000340), &(0x7f0000000380), 0x2, 0x2)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r4, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
flock(r4, 0x3)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)

03:53:50 executing program 4:
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, 0x0)
openat$audio1(0xffffffffffffff9c, &(0x7f0000000000), 0x10000, 0x0)

[  569.270297][ T4030] Bluetooth: hci8: Frame reassembly failed (-84)
03:53:50 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x44}, 0x0)

03:53:50 executing program 4:
bind$isdn(0xffffffffffffffff, 0x0, 0x0)

03:53:50 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:53:50 executing program 4:
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$nfs4(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000280))

03:53:50 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x300}, 0x0)

03:53:50 executing program 4:
bpf$MAP_CREATE(0x2, 0x0, 0x0)

03:53:50 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:53:50 executing program 4:
shmat(0x0, &(0x7f0000ffc000/0x3000)=nil, 0x6000)

03:53:50 executing program 4:
syz_open_dev$audion(&(0x7f0000000380), 0x1, 0x0)

03:53:50 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0xffffff1f}, 0x0)

03:53:50 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)

03:53:50 executing program 4:
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$nfs4(&(0x7f0000000100)='$)!\x00', &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000280)={[{'-\xd5{--'}]})

03:53:50 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x2}, 0x0)

03:53:50 executing program 4:
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000180)={'ip6tnl0\x00', &(0x7f0000000100)={'ip6tnl0\x00', 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, @private2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}})

[  569.918530][ T9797] nfs4: Unknown parameter '-Õ{--'
[  570.631686][ T3816] Bluetooth: hci7: command 0x1003 tx timeout
[  570.638927][ T3537] Bluetooth: hci7: sending frame failed (-49)
[  571.342317][ T3817] Bluetooth: hci8: command 0x1003 tx timeout
[  571.350377][ T3537] Bluetooth: hci8: sending frame failed (-49)
[  572.701770][ T3816] Bluetooth: hci7: command 0x1001 tx timeout
[  572.708655][ T3537] Bluetooth: hci7: sending frame failed (-49)
[  573.432013][ T3816] Bluetooth: hci8: command 0x1001 tx timeout
[  573.438621][ T3537] Bluetooth: hci8: sending frame failed (-49)
[  574.791654][ T3653] Bluetooth: hci7: command 0x1009 tx timeout
[  575.501862][ T3817] Bluetooth: hci8: command 0x1009 tx timeout
03:53:59 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x500000000000000)

03:53:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:53:59 executing program 4:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(r0, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)

03:53:59 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x3}, 0x0)

03:53:59 executing program 4:
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000740), 0x0, 0x0)
fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, 0x0)

[  578.785002][ T3537] Bluetooth: hci7: sending frame failed (-49)
03:53:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:53:59 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x4}, 0x0)

03:53:59 executing program 4:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)="82e34ee91e0e5970be98d65978", 0xd}}, 0x0)

03:53:59 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async, rerun: 64)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (rerun: 64)

03:53:59 executing program 4:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)="82e34ee91e0e5970be98d65978", 0xd}}, 0x0)

[  578.995764][ T9828] ieee802154 phy0 wpan0: encryption failed: -22
03:53:59 executing program 4:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)="82e34ee91e0e5970be98d65978", 0xd}}, 0x0)

[  579.083104][ T9837] ieee802154 phy0 wpan0: encryption failed: -22
[  579.173301][ T9839] ieee802154 phy0 wpan0: encryption failed: -22
03:54:00 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x100008000000000)

03:54:00 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x5}, 0x0)

03:54:00 executing program 4:
r0 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
sendmsg$802154_raw(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)="82e34ee91e0e5970be98d65978", 0xd}}, 0x0)

03:54:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)

[  579.390964][ T9844] ieee802154 phy0 wpan0: encryption failed: -22
03:54:00 executing program 4:
bpf$BPF_MAP_CONST_STR_FREEZE(0xe, &(0x7f0000001500), 0x4)

03:54:00 executing program 4:
gettid()
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
recvmsg$unix(0xffffffffffffffff, 0x0, 0x0)
syz_clone(0x42000000, &(0x7f0000000240), 0x0, 0x0, &(0x7f00000002c0), &(0x7f0000000300)="790a8feef90f4871147020dc450c")

[  579.434659][ T4029] Bluetooth: hci8: Frame reassembly failed (-84)
03:54:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async)

03:54:00 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x6}, 0x0)

03:54:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1) (async)

03:54:00 executing program 4:
bpf$BPF_PROG_ATTACH(0x6, &(0x7f0000000500)={@cgroup, 0xffffffffffffffff, 0x15}, 0x20)
syz_open_procfs$namespace(0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000340), 0x8)
r1 = bpf$ITER_CREATE(0x21, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000380)={r0, 0xffffffffffffffff, 0x4, r1}, 0x10)
sendmsg(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0), 0x0, 0x0, 0x2358}, 0x8010)
syz_clone(0x42000000, &(0x7f0000000240)='w\"', 0x2, &(0x7f0000000280), &(0x7f00000002c0), 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000000)='ns/pid\x00')

03:54:00 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x7}, 0x0)

03:54:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)

03:54:00 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)

03:54:00 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x8}, 0x0)

03:54:00 executing program 4:
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000240)={@map, 0xffffffffffffffff, 0xa, 0x0, 0x0, @link_id}, 0x20)

03:54:01 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
pipe(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)

03:54:01 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x9}, 0x0)

03:54:01 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001700)={0x11, 0x3, &(0x7f0000000e00)=@framed, &(0x7f0000000e40)='syzkaller\x00', 0x3}, 0x90)

03:54:01 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0xb}, 0x0)

03:54:01 executing program 3:
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="38000000240007750000004007a2a30005000000", @ANYRES32, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newtfilter={0x6c, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x4}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x34, 0x2, [@TCA_CGROUP_ACT={0x30, 0x1, [@m_nat={0x2c, 0x0, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}, @TCA_RATE={0x6}]}, 0x6c}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'team0\x00', <r0=>0x0})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000400)={'gretap0\x00', &(0x7f0000000380)={'syztnl2\x00', <r1=>0x0, 0x20, 0x7800, 0x80, 0x0, {{0xa, 0x4, 0x3, 0x6, 0x28, 0x80, 0x0, 0x2, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x2e}, @empty, {[@lsrr={0x83, 0x13, 0xfb, [@remote, @multicast1, @empty, @empty]}]}}}}})
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000380)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="3800000055000100000000000000000007000000", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="00000000e000000100"/24], 0x38}}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000140)=0x14)
sendmsg$ETHTOOL_MSG_RINGS_GET(r5, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x88, r6, 0x10, 0x70bd2b, 0x25dfdbfc, {}, [@HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x4}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x88}}, 0x40000)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x1, &(0x7f00000002c0)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}], &(0x7f0000000300)='GPL\x00', 0x5, 0x3f, &(0x7f0000000340)=""/63, 0x40f00, 0x1c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x8, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[0x1, 0xffffffffffffffff, 0x1, 0xffffffffffffffff], 0x0, 0x10, 0x8}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000004c0)={r9, r7, 0x25, 0x10, @void}, 0x10)
getsockname$packet(0xffffffffffffffff, &(0x7f00000025c0)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000002600)=0x14)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002640)={r9, r10, 0x25, 0x10, @void}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'team0\x00', <r11=>0x0})
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wg2\x00', <r12=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)={'team0\x00', <r13=>0x0})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000580)={'tunl0\x00', &(0x7f0000000500)={'syztnl2\x00', <r14=>0x0, 0x7, 0x1, 0x20, 0x9669, {{0x15, 0x4, 0x2, 0x2a, 0x54, 0x64, 0x0, 0xff, 0x29, 0x0, @rand_addr=0x64010102, @rand_addr=0x64010102, {[@timestamp_prespec={0x44, 0x24, 0x71, 0x3, 0x4, [{@multicast1, 0x8}, {@multicast1, 0x8}, {@private=0xa010102, 0xffff}, {@remote}]}, @ra={0x94, 0x4, 0x1}, @generic={0x88, 0x11, "9acb9b4460813e9eae2b7d6ff22610"}, @ra={0x94, 0x4, 0x1}]}}}}})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000680)={'syztnl0\x00', &(0x7f00000005c0)={'sit0\x00', <r15=>0x0, 0xab1bcb29933aef14, 0x10, 0x0, 0x0, {{0x19, 0x4, 0x0, 0x1, 0x64, 0x66, 0x0, 0x20, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote, {[@ra={0x94, 0x4}, @ssrr={0x89, 0x1b, 0xa7, [@empty, @multicast1, @empty, @multicast2, @multicast2, @broadcast]}, @end, @timestamp_prespec={0x44, 0x1c, 0x59, 0x3, 0xa, [{@remote, 0x4}, {@rand_addr=0x64010100, 0x6}, {@local, 0x8000}]}, @rr={0x7, 0x13, 0x9a, [@loopback, @multicast2, @multicast1, @broadcast]}, @noop]}}}}})
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f00000006c0)={'wg0\x00', <r16=>0x0})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000700)={'team0\x00', <r17=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000e40)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xa008000}, 0xc, &(0x7f0000000e00)={&(0x7f0000000740)={0x6a0, 0x0, 0x10, 0x70bd27, 0x25dfdbfc, {}, [{{0x8}, {0xf0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x1ff}}}]}}, {{0x8}, {0xfc, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x5e19}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xfffff801}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8, 0x1, r0}, {0xb4, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8}}, {0x8, 0x6, r1}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x8387}}}]}}, {{0x8, 0x1, r4}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r10}}, {0x8}}}]}}, {{0x8, 0x1, r11}, {0xb8, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r12}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xfa1b}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}]}}, {{0x8, 0x1, r13}, {0xc0, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}]}}, {{0x8, 0x1, r14}, {0x17c, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x80}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r15}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x40}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x810}}, {0x8, 0x6, r16}}}]}}, {{0x8, 0x1, r17}, {0x74, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}]}}]}, 0x6a0}, 0x1, 0x0, 0x0, 0x4000080}, 0xe080)
r18 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r19 = ioctl$KVM_CREATE_VM(r18, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r19, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
r20 = ioctl$KVM_CREATE_VCPU(r19, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r19, r20, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000000)="f20f1b260600d9db66b9f109000066b88792000066ba000000000f3066b8000000000f23d80f21f86635800000800f23f866b9fd0800000f32660fed77a366b8010000000f01c10f2003640fc7a80000db46bd", 0x53}], 0x1, 0x4, &(0x7f0000000180), 0x0)

03:54:01 executing program 4:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001100)={0x0, &(0x7f0000001080)=""/83, 0x0, 0x53}, 0x20)

[  580.469459][ T9919] netlink: 32 bytes leftover after parsing attributes in process `syz-executor.3'.
[  580.861516][ T3817] Bluetooth: hci7: command 0x1003 tx timeout
[  580.868920][ T3537] Bluetooth: hci7: sending frame failed (-49)
[  581.501520][ T3653] Bluetooth: hci8: command 0x1003 tx timeout
[  581.508973][ T3537] Bluetooth: hci8: sending frame failed (-49)
[  582.941553][ T3653] Bluetooth: hci7: command 0x1001 tx timeout
[  582.948544][ T3537] Bluetooth: hci7: sending frame failed (-49)
[  583.581575][ T3816] Bluetooth: hci8: command 0x1001 tx timeout
[  583.587652][ T3537] Bluetooth: hci8: sending frame failed (-49)
[  585.021803][ T3653] Bluetooth: hci7: command 0x1009 tx timeout
[  585.661724][ T3816] Bluetooth: hci8: command 0x1009 tx timeout
03:54:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x600000000000000)

03:54:09 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0xf}, 0x0)

03:54:09 executing program 4:
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000011c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2}, 0x48)

03:54:09 executing program 3:
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="38000000240007750000004007a2a30005000000", @ANYRES32, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newtfilter={0x6c, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x4}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x34, 0x2, [@TCA_CGROUP_ACT={0x30, 0x1, [@m_nat={0x2c, 0x0, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}, @TCA_RATE={0x6}]}, 0x6c}}, 0x0) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'team0\x00', <r0=>0x0})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000400)={'gretap0\x00', &(0x7f0000000380)={'syztnl2\x00', <r1=>0x0, 0x20, 0x7800, 0x80, 0x0, {{0xa, 0x4, 0x3, 0x6, 0x28, 0x80, 0x0, 0x2, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x2e}, @empty, {[@lsrr={0x83, 0x13, 0xfb, [@remote, @multicast1, @empty, @empty]}]}}}}})
r2 = socket$nl_route(0x10, 0x3, 0x0) (async)
r3 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000380)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="3800000055000100000000000000000007000000", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="00000000e000000100"/24], 0x38}}, 0x0) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) (async)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000140)=0x14)
sendmsg$ETHTOOL_MSG_RINGS_GET(r5, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x88, r6, 0x10, 0x70bd2b, 0x25dfdbfc, {}, [@HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x4}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x88}}, 0x40000)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x1, &(0x7f00000002c0)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}], &(0x7f0000000300)='GPL\x00', 0x5, 0x3f, &(0x7f0000000340)=""/63, 0x40f00, 0x1c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x8, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[0x1, 0xffffffffffffffff, 0x1, 0xffffffffffffffff], 0x0, 0x10, 0x8}, 0x90)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000004c0)={r9, r7, 0x25, 0x10, @void}, 0x10)
getsockname$packet(0xffffffffffffffff, &(0x7f00000025c0)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000002600)=0x14)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002640)={r9, r10, 0x25, 0x10, @void}, 0x10) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'team0\x00', <r11=>0x0}) (async)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wg2\x00', <r12=>0x0}) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)={'team0\x00', <r13=>0x0})
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000580)={'tunl0\x00', &(0x7f0000000500)={'syztnl2\x00', <r14=>0x0, 0x7, 0x1, 0x20, 0x9669, {{0x15, 0x4, 0x2, 0x2a, 0x54, 0x64, 0x0, 0xff, 0x29, 0x0, @rand_addr=0x64010102, @rand_addr=0x64010102, {[@timestamp_prespec={0x44, 0x24, 0x71, 0x3, 0x4, [{@multicast1, 0x8}, {@multicast1, 0x8}, {@private=0xa010102, 0xffff}, {@remote}]}, @ra={0x94, 0x4, 0x1}, @generic={0x88, 0x11, "9acb9b4460813e9eae2b7d6ff22610"}, @ra={0x94, 0x4, 0x1}]}}}}}) (async)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000680)={'syztnl0\x00', &(0x7f00000005c0)={'sit0\x00', <r15=>0x0, 0xab1bcb29933aef14, 0x10, 0x0, 0x0, {{0x19, 0x4, 0x0, 0x1, 0x64, 0x66, 0x0, 0x20, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote, {[@ra={0x94, 0x4}, @ssrr={0x89, 0x1b, 0xa7, [@empty, @multicast1, @empty, @multicast2, @multicast2, @broadcast]}, @end, @timestamp_prespec={0x44, 0x1c, 0x59, 0x3, 0xa, [{@remote, 0x4}, {@rand_addr=0x64010100, 0x6}, {@local, 0x8000}]}, @rr={0x7, 0x13, 0x9a, [@loopback, @multicast2, @multicast1, @broadcast]}, @noop]}}}}}) (async)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f00000006c0)={'wg0\x00', <r16=>0x0}) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000700)={'team0\x00', <r17=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000e40)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xa008000}, 0xc, &(0x7f0000000e00)={&(0x7f0000000740)={0x6a0, 0x0, 0x10, 0x70bd27, 0x25dfdbfc, {}, [{{0x8}, {0xf0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x1ff}}}]}}, {{0x8}, {0xfc, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x5e19}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xfffff801}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8, 0x1, r0}, {0xb4, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8}}, {0x8, 0x6, r1}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x8387}}}]}}, {{0x8, 0x1, r4}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r10}}, {0x8}}}]}}, {{0x8, 0x1, r11}, {0xb8, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r12}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xfa1b}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}]}}, {{0x8, 0x1, r13}, {0xc0, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}]}}, {{0x8, 0x1, r14}, {0x17c, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x80}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r15}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x40}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x810}}, {0x8, 0x6, r16}}}]}}, {{0x8, 0x1, r17}, {0x74, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}]}}]}, 0x6a0}, 0x1, 0x0, 0x0, 0x4000080}, 0xe080)
r18 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r19 = ioctl$KVM_CREATE_VM(r18, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r19, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
r20 = ioctl$KVM_CREATE_VCPU(r19, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r19, r20, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000000)="f20f1b260600d9db66b9f109000066b88792000066ba000000000f3066b8000000000f23d80f21f86635800000800f23f866b9fd0800000f32660fed77a366b8010000000f01c10f2003640fc7a80000db46bd", 0x53}], 0x1, 0x4, &(0x7f0000000180), 0x0)

03:54:09 executing program 4:
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000080)={0xffffffffffffffff, 0x58, &(0x7f0000000000)={0x0, <r0=>0x0}}, 0x10)
r1 = socket$kcm(0x29, 0x0, 0x0)
r2 = getpid()
syz_clone(0x0, &(0x7f0000000900), 0x0, &(0x7f0000000980), &(0x7f00000009c0), &(0x7f0000000a00)="71cd5afabda9d904193b93eea562b4a73ff4174fdc804d437211be9f787f8fc5d4474510a2e69194c13a903bfa7a6c0c79ca0fe3117ef8758da3e710aff0aa05318bf42290ad3bfa8d26d46c78c733333030cc24a6abf82ec5a4")
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x0, 0x0}, 0x20000455)
openat$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000a80)='memory.pressure\x00', 0x2, 0x0)
r3 = syz_clone(0x4008a100, &(0x7f0000000ac0)="e215b6f5aabbe9f47c26de6b7981d9fdccbcc163b4de0406e4a59d3acbdf929990941b85559ee22833e644ba5fd91499261e9d98", 0x34, &(0x7f0000000b40), &(0x7f0000000b80), &(0x7f0000000bc0)="0257a0fcc51245f3e2f60ebd8bf4c72a0d291efe1fb8d7c01ec2e7e0a0379d0a281e7bc103664fd6bf75d8a9c189b685d8f49bc72ac6e2061a544082543a75429ca6bc30c7585215d4117b4798f313c5ca9e56661ad18bc5e1fea0df1e591bf1654f27f4d1a9d105504d6c7b28f827f2acc1")
sendmsg$unix(0xffffffffffffffff, &(0x7f0000002000)={0x0, 0x0, &(0x7f0000001f80)=[{0x0}, {0x0}], 0x2}, 0x0)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000d80)={&(0x7f0000000540)=@file={0x1, './file0\x00'}, 0x6e, 0x0, 0x0, &(0x7f0000000c40)=[@cred={{0x1c, 0x1, 0x2, {r2, 0xee00, 0xee01}}}, @rights={{0x20, 0x1, 0x1, [r1, r1, r1, r1]}}, @rights={{0x14, 0x1, 0x1, [r1]}}, @cred={{0x1c, 0x1, 0x2, {0x0, 0xffffffffffffffff, 0xee00}}}, @cred={{0x1c, 0x1, 0x2, {r3, 0xee01, 0xffffffffffffffff}}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, r1]}}, @rights={{0x28, 0x1, 0x1, [r1, 0xffffffffffffffff, r1, r1, r1, 0xffffffffffffffff]}}], 0xd8, 0x80}, 0x4044800)
recvmsg$kcm(r1, &(0x7f0000000440)={&(0x7f0000000140)=@x25, 0x80, &(0x7f00000003c0)=[{&(0x7f00000001c0)=""/251, 0xfb}], 0x1, &(0x7f0000000400)=""/6, 0x6}, 0x12000)
bpf$BPF_MAP_GET_FD_BY_ID(0x8, &(0x7f0000000100)={r0, 0x0, 0x9af6db6f72278e8e}, 0xc)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000480), 0x4080, 0x0)
ioctl$TUNGETSNDBUF(r4, 0x800454d3, &(0x7f00000004c0))

[  589.039692][ T5195] Bluetooth: hci7: Frame reassembly failed (-84)
03:54:10 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x1d}, 0x0)

03:54:10 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000003440)={<r0=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000003f80)={&(0x7f0000003b00)=@generic={0x0, "8bfbaa884f1fcd7a82d1a1b8d3cd0fd39d5e0719c1e1bb655b6c4e8cfba18159873056258aac6e3a8f5440deec162bead5a8c49fc85d82d29d0404acd452723ec6781ca76095279825b63323c777174cddc01fa178376bc885a9afcf8678c078d1e5e23a56b45006fe91a5f06f006680c08557a86ea0a2189657deee5d6d"}, 0x80, 0x0}, 0x40040)

03:54:10 executing program 3:
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="38000000240007750000004007a2a30005000000", @ANYRES32, @ANYBLOB="00000000ffffffff00000000090001006866736300000000080002"], 0x38}}, 0x0) (async)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000002c0)=@newtfilter={0x6c, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x4}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x34, 0x2, [@TCA_CGROUP_ACT={0x30, 0x1, [@m_nat={0x2c, 0x0, 0x0, 0x0, {{0x8}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}, @TCA_RATE={0x6}]}, 0x6c}}, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000340)={'team0\x00', <r0=>0x0}) (async, rerun: 32)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000400)={'gretap0\x00', &(0x7f0000000380)={'syztnl2\x00', <r1=>0x0, 0x20, 0x7800, 0x80, 0x0, {{0xa, 0x4, 0x3, 0x6, 0x28, 0x80, 0x0, 0x2, 0x4, 0x0, @dev={0xac, 0x14, 0x14, 0x2e}, @empty, {[@lsrr={0x83, 0x13, 0xfb, [@remote, @multicast1, @empty, @empty]}]}}}}}) (async, rerun: 32)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000380)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="3800000055000100000000000000000007000000", @ANYRES32=r4, @ANYBLOB='\x00\x00\x00\x00', @ANYRES32=0x0, @ANYBLOB="00000000e000000100"/24], 0x38}}, 0x0) (async)
r5 = socket$nl_generic(0x10, 0x3, 0x10) (async)
r6 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff) (async)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000080)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14) (async, rerun: 32)
getsockname$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000140)=0x14) (rerun: 32)
sendmsg$ETHTOOL_MSG_RINGS_GET(r5, &(0x7f0000000280)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1000}, 0xc, &(0x7f0000000240)={&(0x7f0000000180)={0x88, r6, 0x10, 0x70bd2b, 0x25dfdbfc, {}, [@HEADER={0x30, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r8}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bond0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8}]}, @HEADER={0x4}, @HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'virt_wifi0\x00'}]}, @HEADER={0x28, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syzkaller1\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x3}]}]}, 0x88}}, 0x40000) (async, rerun: 64)
r9 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000400)={0x6, 0x1, &(0x7f00000002c0)=@raw=[@kfunc={0x85, 0x0, 0x2, 0x0, 0x1}], &(0x7f0000000300)='GPL\x00', 0x5, 0x3f, &(0x7f0000000340)=""/63, 0x40f00, 0x1c, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, &(0x7f0000000380)={0x8, 0x2}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=[0x1, 0xffffffffffffffff, 0x1, 0xffffffffffffffff], 0x0, 0x10, 0x8}, 0x90) (rerun: 64)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000004c0)={r9, r7, 0x25, 0x10, @void}, 0x10)
getsockname$packet(0xffffffffffffffff, &(0x7f00000025c0)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000002600)=0x14)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000002640)={r9, r10, 0x25, 0x10, @void}, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000440)={'team0\x00', <r11=>0x0})
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f0000000480)={'wg2\x00', <r12=>0x0}) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f00000004c0)={'team0\x00', <r13=>0x0}) (async)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000580)={'tunl0\x00', &(0x7f0000000500)={'syztnl2\x00', <r14=>0x0, 0x7, 0x1, 0x20, 0x9669, {{0x15, 0x4, 0x2, 0x2a, 0x54, 0x64, 0x0, 0xff, 0x29, 0x0, @rand_addr=0x64010102, @rand_addr=0x64010102, {[@timestamp_prespec={0x44, 0x24, 0x71, 0x3, 0x4, [{@multicast1, 0x8}, {@multicast1, 0x8}, {@private=0xa010102, 0xffff}, {@remote}]}, @ra={0x94, 0x4, 0x1}, @generic={0x88, 0x11, "9acb9b4460813e9eae2b7d6ff22610"}, @ra={0x94, 0x4, 0x1}]}}}}})
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000680)={'syztnl0\x00', &(0x7f00000005c0)={'sit0\x00', <r15=>0x0, 0xab1bcb29933aef14, 0x10, 0x0, 0x0, {{0x19, 0x4, 0x0, 0x1, 0x64, 0x66, 0x0, 0x20, 0x29, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @remote, {[@ra={0x94, 0x4}, @ssrr={0x89, 0x1b, 0xa7, [@empty, @multicast1, @empty, @multicast2, @multicast2, @broadcast]}, @end, @timestamp_prespec={0x44, 0x1c, 0x59, 0x3, 0xa, [{@remote, 0x4}, {@rand_addr=0x64010100, 0x6}, {@local, 0x8000}]}, @rr={0x7, 0x13, 0x9a, [@loopback, @multicast2, @multicast1, @broadcast]}, @noop]}}}}}) (async)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, &(0x7f00000006c0)={'wg0\x00', <r16=>0x0}) (async)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000700)={'team0\x00', <r17=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000e40)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0xa008000}, 0xc, &(0x7f0000000e00)={&(0x7f0000000740)={0x6a0, 0x0, 0x10, 0x70bd27, 0x25dfdbfc, {}, [{{0x8}, {0xf0, 0x2, 0x0, 0x1, [{0x3c, 0x1, @enabled={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x4}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x1ff}}}]}}, {{0x8}, {0xfc, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x5e19}}, {0x8}}}, {0x40, 0x1, @lb_port_stats={{{0x24}, {0x5}, {0x8, 0x4, 0xfffff801}}, {0x8}}}, {0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8}}}]}}, {{0x8, 0x1, r0}, {0xb4, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x7}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8}}, {0x8, 0x6, r1}}}, {0x38, 0x1, @notify_peers_count={{0x24}, {0x5}, {0x8, 0x4, 0x8387}}}]}}, {{0x8, 0x1, r4}, {0x44, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_tx_hash_to_port_mapping={{{0x24}, {0x5}, {0x8, 0x4, r10}}, {0x8}}}]}}, {{0x8, 0x1, r11}, {0xb8, 0x2, 0x0, 0x1, [{0x3c, 0x1, @user_linkup={{{0x24}, {0x5}, {0x4}}, {0x8, 0x6, r12}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0xfa1b}}, {0x8}}}, {0x38, 0x1, @mcast_rejoin_interval={{0x24}, {0x5}, {0x8, 0x4, 0x3}}}]}}, {{0x8, 0x1, r13}, {0xc0, 0x2, 0x0, 0x1, [{0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x3c, 0x1, @lb_tx_method={{0x24}, {0x5}, {0x9, 0x4, 'hash\x00'}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x2}}, {0x8}}}]}}, {{0x8, 0x1, r14}, {0x17c, 0x2, 0x0, 0x1, [{0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x80}}, {0x8}}}, {0x40, 0x1, @queue_id={{{0x24}, {0x5}, {0x8, 0x4, 0x1}}, {0x8, 0x6, r15}}}, {0x40, 0x1, @lb_hash_stats={{{0x24}, {0x5}, {0x8, 0x4, 0x40}}, {0x8}}}, {0x38, 0x1, @notify_peers_interval={{0x24}, {0x5}, {0x8, 0x4, 0x5}}}, {0x40, 0x1, @name={{0x24}, {0x5}, {0xe, 0x4, 'broadcast\x00'}}}, {0x40, 0x1, @priority={{{0x24}, {0x5}, {0x8, 0x4, 0x810}}, {0x8, 0x6, r16}}}]}}, {{0x8, 0x1, r17}, {0x74, 0x2, 0x0, 0x1, [{0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8}}}, {0x38, 0x1, @lb_stats_refresh_interval={{0x24}, {0x5}, {0x8, 0x4, 0x1}}}]}}]}, 0x6a0}, 0x1, 0x0, 0x0, 0x4000080}, 0xe080) (async)
r18 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r19 = ioctl$KVM_CREATE_VM(r18, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r19, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
r20 = ioctl$KVM_CREATE_VCPU(r19, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r19, r20, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, &(0x7f0000000000)="f20f1b260600d9db66b9f109000066b88792000066ba000000000f3066b8000000000f23d80f21f86635800000800f23f866b9fd0800000f32660fed77a366b8010000000f01c10f2003640fc7a80000db46bd", 0x53}], 0x1, 0x4, &(0x7f0000000180), 0x0)

03:54:10 executing program 4:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500)={<r0=>0xffffffffffffffff})
r1 = getpid()
sendmsg$unix(r0, &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000c40)=[@cred={{0x1c, 0x1, 0x2, {r1, 0xee00, 0xee01}}}, @cred={{0x1c}}], 0x40}, 0x0)

03:54:10 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x30}, 0x0)

03:54:10 executing program 4:
bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0xc, 0x3, &(0x7f0000000700)=@framed, 0x0}, 0x90)

03:54:10 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x108000000000000)

03:54:10 executing program 4:
sendmsg(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001700)={0x0, 0x3, &(0x7f0000000e00)=@framed, 0x0}, 0x90)

03:54:10 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)

03:54:10 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x44}, 0x0)

03:54:10 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000005f40), 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f0000005f80)={'ip6tnl0\x00'})

03:54:10 executing program 4:
sendmsg(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001700)={0x11, 0x3, &(0x7f0000000e00)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001680)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}, 0x90)

[  589.695629][ T3537] Bluetooth: hci8: sending frame failed (-49)
03:54:10 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)

03:54:10 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001700)={0x11, 0x3, &(0x7f0000000e00)=@framed, &(0x7f0000000e40)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001180), 0x10}, 0x90)

03:54:10 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x60}, 0x0)

03:54:10 executing program 4:
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000006d00)={@cgroup, 0xffffffffffffffff, 0x9}, 0x20)

03:54:10 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)

03:54:10 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001700)={0x11, 0x4, &(0x7f0000000e00)=@framed={{}, [@generic={0x1}]}, &(0x7f0000000e40)='syzkaller\x00', 0x3, 0x19, &(0x7f0000000e80)=""/25}, 0x90)

03:54:10 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0xdd}, 0x0)

03:54:10 executing program 4:
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000003840)={@cgroup, 0x31, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

03:54:11 executing program 4:
bpf$OBJ_GET_PROG(0x7, &(0x7f0000006c80)=@o_path={0x0}, 0x18)

03:54:11 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f0000000000)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)

03:54:11 executing program 4:
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000003940)={&(0x7f0000001f80)=@tipc=@id, 0x80, 0x0}, 0x0)

03:54:11 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x300}, 0x0)

03:54:11 executing program 4:
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000940)={0x0, 0xa, &(0x7f0000000180)=[{&(0x7f0000000000)="d8000000100081044e81f782db44b904021d080005000000e8fe55a1180015020600142603600e1209000d0000000401a80016000a00144006000000036010fab94dcf5c0461c1d67f6f94007134cf6ee08002a0e408e8d8ef52a98516277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9701", 0xd8}], 0x1}, 0x0)

[  590.427073][T10029] netlink: 'syz-executor.4': attribute type 13 has an invalid length.
[  590.453390][T10029] netlink: 152 bytes leftover after parsing attributes in process `syz-executor.4'.
03:54:11 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f0000000000)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)

03:54:11 executing program 4:
socketpair(0x2, 0x5, 0x0, &(0x7f0000004780))

[  590.486597][T10029] erspan0: refused to change device tx_queue_len
[  590.509205][T10029] A link change request failed with some changes committed already. Interface erspan0 may have been left with an inconsistent configuration, please check.
[  591.111659][   T25] Bluetooth: hci7: command 0x1003 tx timeout
[  591.118852][ T3537] Bluetooth: hci7: sending frame failed (-49)
[  591.741646][ T2665] Bluetooth: hci8: command 0x1003 tx timeout
[  591.748833][ T3537] Bluetooth: hci8: sending frame failed (-49)
[  593.191599][   T25] Bluetooth: hci7: command 0x1001 tx timeout
[  593.198542][ T3537] Bluetooth: hci7: sending frame failed (-49)
[  593.821734][   T25] Bluetooth: hci8: command 0x1001 tx timeout
[  593.827817][ T3537] Bluetooth: hci8: sending frame failed (-49)
[  595.261799][ T2665] Bluetooth: hci7: command 0x1009 tx timeout
[  595.901674][ T2665] Bluetooth: hci8: command 0x1009 tx timeout
03:54:20 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x700000000000000)

03:54:20 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x500}, 0x0)

03:54:20 executing program 4:
bpf$BPF_PROG_ATTACH(0x8, &(0x7f00000019c0)={@cgroup, 0xffffffffffffffff, 0x19, 0x0, 0xffffffffffffffff, @prog_id}, 0x20)

03:54:20 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f0000000000)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)

03:54:20 executing program 4:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000d00)={<r0=>0xffffffffffffffff})
sendmsg(r0, &(0x7f0000002040)={0x0, 0x0, &(0x7f0000000ec0)=[{&(0x7f0000000d40)="f4", 0x1}], 0x1}, 0x0)

03:54:20 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x281842, 0x2c, 0x2}, 0x18)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@textreal={0x8, &(0x7f0000000140)="660fea7f00f2360f011c6566a62e0f01b17200b800008ed0f3a72ab119afda4a12bad10466ed66b95a03000066b80400000066ba000000000f30", 0x3a}], 0x1, 0x21, &(0x7f00000001c0)=[@cstype3={0x5, 0x6}, @efer={0x2, 0xc901}], 0x2)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:54:20 executing program 4:
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000061c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000005180), 0x0}, 0x50)

03:54:20 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x600}, 0x0)

03:54:20 executing program 4:
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000d40)={0xffffffffffffffff}, 0xc)

03:54:20 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000003180)={0x0, 0xf, &(0x7f0000001fc0)=@ringbuf, &(0x7f0000002080)='syzkaller\x00'}, 0x90)

03:54:20 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x700}, 0x0)

03:54:20 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x200000000000000)

03:54:20 executing program 4:
bpf$LINK_DETACH(0x22, &(0x7f0000001fc0), 0x4)

03:54:20 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r3 = openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x281842, 0x2c, 0x2}, 0x18)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@textreal={0x8, &(0x7f0000000140)="660fea7f00f2360f011c6566a62e0f01b17200b800008ed0f3a72ab119afda4a12bad10466ed66b95a03000066b80400000066ba000000000f30", 0x3a}], 0x1, 0x21, &(0x7f00000001c0)=[@cstype3={0x5, 0x6}, @efer={0x2, 0xc901}], 0x2)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x281842, 0x2c, 0x2}, 0x18) (async)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@textreal={0x8, &(0x7f0000000140)="660fea7f00f2360f011c6566a62e0f01b17200b800008ed0f3a72ab119afda4a12bad10466ed66b95a03000066b80400000066ba000000000f30", 0x3a}], 0x1, 0x21, &(0x7f00000001c0)=[@cstype3={0x5, 0x6}, @efer={0x2, 0xc901}], 0x2) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)

03:54:20 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x900}, 0x0)

03:54:20 executing program 4:
bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=@bloom_filter={0x1e, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2}, 0x48)

03:54:20 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000001540), 0x0, 0x0)
ioctl$TUNSETDEBUG(r0, 0x400454c9, 0x0)

03:54:20 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0xb00}, 0x0)

03:54:20 executing program 4:
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000880)={0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000001540), 0x0, 0x0)

03:54:20 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r3 = openat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x281842, 0x2c, 0x2}, 0x18)
syz_kvm_setup_cpu$x86(r2, r3, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@textreal={0x8, &(0x7f0000000140)="660fea7f00f2360f011c6566a62e0f01b17200b800008ed0f3a72ab119afda4a12bad10466ed66b95a03000066b80400000066ba000000000f30", 0x3a}], 0x1, 0x21, &(0x7f00000001c0)=[@cstype3={0x5, 0x6}, @efer={0x2, 0xc901}], 0x2) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:54:20 executing program 4:
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001500)={0xffffffffffffffff, 0x0, 0x0}, 0x10)

03:54:21 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0xf00}, 0x0)

03:54:21 executing program 4:
bpf$OBJ_GET_PROG(0x7, &(0x7f00000000c0)=@generic={&(0x7f0000000080)='./file0\x00'}, 0x18)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000600)=@generic={&(0x7f00000005c0)='./file0\x00'}, 0x18)

03:54:21 executing program 3:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_CMAP(r0, 0x4b70, &(0x7f0000000000))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

03:54:21 executing program 4:
openat$tun(0xffffffffffffff9c, &(0x7f0000001540), 0x0, 0x0)

03:54:21 executing program 3:
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_CMAP(r0, 0x4b70, &(0x7f0000000000))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
ioctl$GIO_CMAP(r0, 0x4b70, &(0x7f0000000000)) (async)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0) (async)

03:54:21 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x1d00}, 0x0)

03:54:21 executing program 4:
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@bloom_filter={0x1e, 0x0, 0xa6, 0x1}, 0x48)

03:54:21 executing program 4:
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0}, 0x38)

03:54:21 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x1f00}, 0x0)

03:54:21 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000003180)={0x18, 0xf, &(0x7f0000001fc0)=@ringbuf, &(0x7f0000002080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f00000030c0), 0x10}, 0x90)

03:54:21 executing program 4:
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000140)={r0, &(0x7f0000000040)="8933e84d7b4122c2a2b3595e78c2fca7a9b65de82a5bccfcc7adfae23f166df8fda34591becc755f825706fb048b1de50a460b2ba9cf057eaf69a454280b91159ad7d5eb9ab76007c0a5009589152c41fa186f5f75f84ee0cb8c24f062cc1e6d026f2b11a0937649e6f44327306445eb848d0d72ae2c740f246b4c7c8f83c6bc60ac62faf34598", &(0x7f0000000100)=""/25}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000200)={r0, 0x0, 0x0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
bpf$PROG_BIND_MAP(0x23, 0x0, 0x0)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000880)={&(0x7f0000000700)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x0, 0x0, 0x2}}, 0x0, 0x1a, 0x0, 0x0, 0x4}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001000)={0x11, 0x7, &(0x7f0000000d40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x81}, [@map_val, @ldst, @jmp={0x5, 0x0, 0xa, 0x0, 0x1, 0x10, 0x10}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000f80)=[0xffffffffffffffff], 0x0, 0x10, 0x6403159}, 0x90)
r2 = bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, 0xff, 0x58, &(0x7f00000011c0)=""/88, 0x41100, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001240)={0x3, 0xe, 0x5, 0xffffffff}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000001300)=[r2], 0x0, 0x10, 0x7a}, 0x90)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000001500)={@map=r1, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000003180)={0x18, 0x11, &(0x7f0000001fc0)=@ringbuf={{}, {}, {}, [@map_val]}, &(0x7f0000002080)='syzkaller\x00', 0x2442, 0x1000, &(0x7f00000020c0)=""/4096}, 0x90)

[  601.421676][ T2665] Bluetooth: hci7: command 0x1003 tx timeout
[  601.428978][ T3537] Bluetooth: hci7: sending frame failed (-49)
[  601.901681][   T25] Bluetooth: hci8: command 0x1003 tx timeout
[  601.908428][ T3537] Bluetooth: hci8: sending frame failed (-49)
[  603.506944][   T25] Bluetooth: hci7: command 0x1001 tx timeout
[  603.513987][ T3537] Bluetooth: hci7: sending frame failed (-49)
[  603.991915][   T25] Bluetooth: hci8: command 0x1001 tx timeout
[  603.998529][ T3537] Bluetooth: hci8: sending frame failed (-49)
[  605.591775][   T25] Bluetooth: hci7: command 0x1009 tx timeout
[  606.061752][   T25] Bluetooth: hci8: command 0x1009 tx timeout
03:54:30 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x800000000000000)

03:54:30 executing program 3:
syz_open_dev$tty1(0xc, 0x4, 0x1) (async)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$GIO_CMAP(r0, 0x4b70, &(0x7f0000000000))
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0) (async)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r2, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)

03:54:30 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x3000}, 0x0)

03:54:30 executing program 4:
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000140)={0xffffffffffffffff, &(0x7f0000000040)="8933e84d7b4122c2a2b3595e78c2fca7a9b65de82a5bccfcc7adfae23f166df8fda34591becc755f825706fb048b1de50a460b2ba9cf057eaf69a454280b91159ad7d5eb9ab76007c0a5009589152c41fa186f5f75f84ee0cb8c24f062cc1e6d026f2b11a0937649e6f44327306445eb848d0d72ae2c740f246b4c7c8f83c6bc60ac62faf34598", &(0x7f0000000100)=""/25}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@bloom_filter={0x1e, 0x1ff, 0xa6, 0x1, 0x2000, 0xffffffffffffffff, 0x1000, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x4, 0x2, 0xc}, 0x48)
r1 = bpf$OBJ_GET_PROG(0x7, &(0x7f0000000300)=@generic={&(0x7f00000002c0)='./file0\x00', 0x0, 0x18}, 0x18)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000340)={r1, r0}, 0xc)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000006c0)={r1, 0xe0, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000400)=[0x0, 0x0, 0x0], ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x3, 0x7, &(0x7f0000000440)=[0x0, 0x0, 0x0], &(0x7f0000000480)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0x4d, &(0x7f00000004c0)=[{}, {}], 0x10, 0x10, &(0x7f0000000500), &(0x7f0000000540), 0x8, 0xbf, 0x8, 0x8, &(0x7f0000000580)}}, 0x10)
r3 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000880)={&(0x7f0000000700)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x1c, 0x1c, 0x6, [@fwd, @int={0xb, 0x0, 0x0, 0x1, 0x0, 0x75, 0x0, 0x76, 0x1}]}, {0x0, [0x2e, 0x0, 0x2e, 0x0]}}, 0x0, 0x3a, 0x0, 0x1, 0x4}, 0x20)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000b00)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000bc0)={0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x41, '\x00', r2, 0x14, r3, 0x8, &(0x7f00000008c0)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000900)={0x4, 0x9, 0x2, 0x6}, 0x10, 0x0, r1, 0x2, &(0x7f0000000b40)=[0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, r0], &(0x7f0000000b80)=[{0x5, 0x2, 0x2, 0xb}, {0x2, 0x5, 0xc, 0x9}], 0x10, 0x8000}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000d00)={{r0, <r4=>0xffffffffffffffff}, &(0x7f0000000c80), &(0x7f0000000cc0)=r1}, 0x20)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000f00)={r0, 0x58, &(0x7f0000000e80)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r6=>0x0}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001000)={0x11, 0xf, &(0x7f0000000d40)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x81}, [@map_fd={0x18, 0xb}, @map_val={0x18, 0xb, 0x2, 0x0, r0, 0x0, 0x0, 0x0, 0x9957}, @map_idx={0x18, 0xe}, @call={0x85, 0x0, 0x0, 0x16}, @exit, @map_val={0x18, 0x8, 0x2, 0x0, r4}, @ldst={0x0, 0x2, 0x4, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, @jmp={0x5, 0x0, 0xa, 0x0, 0x1, 0x0, 0x10}]}, &(0x7f0000000e00)='syzkaller\x00', 0x20, 0x0, &(0x7f0000000e40), 0x41100, 0x83, '\x00', r6, 0x0, r3, 0x8, &(0x7f0000000f40)={0x0, 0x3}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, &(0x7f0000000f80)=[r0, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000fc0)=[{0x0, 0x5, 0xd, 0x7}, {0x0, 0x3, 0xf, 0xb}, {}], 0x10, 0x6403159}, 0x90)
r7 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000001280)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x8000, '\x00', 0x0, r3, 0x4, 0x1, 0x3}, 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x18, 0x11, &(0x7f00000010c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@map_idx_val={0x18, 0xa, 0x6, 0x0, 0x7, 0x0, 0x0, 0x0, 0x253d}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001180)='GPL\x00', 0xff, 0x58, &(0x7f00000011c0)=""/88, 0x41100, 0x11, '\x00', r2, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001240)={0x3, 0xe, 0x5}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7a}, 0x90)
bpf$BPF_PROG_QUERY(0x10, 0x0, 0x0)
r8 = openat$tun(0xffffffffffffff9c, 0x0, 0x2100, 0x0)
ioctl$TUNSETDEBUG(r8, 0x400454c9, &(0x7f0000001580)=0x7)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000001780)={r3, 0x20, &(0x7f0000001740)={&(0x7f00000015c0)=""/218, 0xda, 0x0, &(0x7f00000016c0)=""/127, 0x7f}}, 0x10)
r9 = bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f00000017c0)={r5, 0x6, 0x28}, 0xc)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001c00)={r1, 0xe0, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, &(0x7f0000001940)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0], ""/16, <r10=>0x0, 0x0, 0x0, 0x0, 0x1, 0x1, &(0x7f0000001980)=[0x0], &(0x7f00000019c0)=[0x0], 0x0, 0x0, 0x0, 0x0, 0x10, &(0x7f0000001a40), &(0x7f0000001a80), 0x8, 0x50, 0x8, 0x8, &(0x7f0000001ac0)}}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001d00)={0x0, 0x0, 0x0, &(0x7f0000001840)='GPL\x00', 0x68, 0xa0, &(0x7f0000001880)=""/160, 0x41100, 0x6a, '\x00', r10, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000001c40)={0x2, 0x8, 0x3, 0x5ba}, 0x10, 0x0, 0x0, 0x1, &(0x7f0000001c80)=[r0, 0xffffffffffffffff, r0, 0xffffffffffffffff], &(0x7f0000001cc0)=[{0x1, 0x2, 0x8}]}, 0x90)
ioctl$TUNSETIFINDEX(r8, 0x400454da, &(0x7f0000001dc0))
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000001e80), 0x4)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001f40)={{0x1, <r11=>0xffffffffffffffff}, 0x0, &(0x7f0000001f00)=r1}, 0x20)
bpf$BPF_MAP_FREEZE(0x16, &(0x7f0000001f80)=r11, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000003180)={0x18, 0x11, &(0x7f0000001fc0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x62c}, {}, {}, [@map_val={0x18, 0x0, 0x2, 0x0, r4, 0x0, 0x0, 0x0, 0x205}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000002080)='syzkaller\x00', 0x2442, 0x1000, &(0x7f00000020c0)=""/4096, 0x41000, 0x9, '\x00', r10, 0x0, r3, 0x8, 0x0, 0x0, 0x10, &(0x7f00000030c0)={0x3, 0xd, 0x33e, 0xffffff51}, 0x10, 0x0, 0x0, 0x0, &(0x7f0000003100)=[r7, r9, r0]}, 0x90)
bpf$OBJ_GET_PROG(0x7, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000004480)=@bpf_tracing={0x1a, 0x0, 0x0, &(0x7f0000003300)='syzkaller\x00', 0xfffffffc, 0x1000, &(0x7f0000003340)=""/4096, 0x40f00, 0x0, '\x00', r2, 0x19, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x87d0, r1}, 0x90)

03:54:30 executing program 4:
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001340)={0x0, 0x0, 0x0, &(0x7f0000001180)='GPL\x00'}, 0x90)

03:54:30 executing program 4:
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/slabinfo\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000001a80)={0x2020}, 0x2020)
read$FUSE(r0, &(0x7f0000003ac0)={0x2020}, 0x2020)

03:54:30 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = geteuid()
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
quotactl_fd$Q_QUOTAOFF(r0, 0xffffffff80000301, r3, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000000)="66660fdf5af866b9800000c00f326635000400000f30660f381dd1baf80c66b814c2888366efbafc0cb0a3ee0fae62280f011d660f388210bad10466b80088000066eff75700f0815e000000", 0x4c}], 0x1, 0x6e, &(0x7f0000000180)=[@cstype3={0x5, 0xd}], 0x1)

03:54:30 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x4000}, 0x0)

03:54:30 executing program 4:
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0xc0, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x6000}, 0x2c, {}, 0x2c, {'group_id', 0x3d, 0xee00}})

03:54:30 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200200, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
geteuid() (async)
r3 = geteuid()
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
quotactl_fd$Q_QUOTAOFF(r0, 0xffffffff80000301, r3, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000000)="66660fdf5af866b9800000c00f326635000400000f30660f381dd1baf80c66b814c2888366efbafc0cb0a3ee0fae62280f011d660f388210bad10466b80088000066eff75700f0815e000000", 0x4c}], 0x1, 0x6e, &(0x7f0000000180)=[@cstype3={0x5, 0xd}], 0x1)

03:54:30 executing program 4:
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
mount$fuse(0x20000000, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)

[  609.730877][T10195] fuse: Bad value for 'group_id'
03:54:30 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$TCFLSH(r1, 0x400455c8, 0x300000000000000)

03:54:30 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
geteuid() (async)
r3 = geteuid()
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
quotactl_fd$Q_QUOTAOFF(r0, 0xffffffff80000301, r3, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe6000/0x18000)=nil, &(0x7f0000000140)=[@textreal={0x8, &(0x7f0000000000)="66660fdf5af866b9800000c00f326635000400000f30660f381dd1baf80c66b814c2888366efbafc0cb0a3ee0fae62280f011d660f388210bad10466b80088000066eff75700f0815e000000", 0x4c}], 0x1, 0x6e, &(0x7f0000000180)=[@cstype3={0x5, 0xd}], 0x1)

03:54:30 executing program 4:
r0 = epoll_create(0x4)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000180)={0x3000000c})

03:54:30 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x4400}, 0x0)

03:54:30 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000000)={[{0x400, 0x81, 0x1f, 0x81, 0xf8, 0x1, 0x2, 0x80, 0x80, 0x5, 0x6, 0x2, 0x28}, {0xffff25d2, 0x5, 0x8, 0x3f, 0x81, 0x81, 0x1, 0x81, 0x8, 0x20, 0x3, 0x5f, 0xffffffffffffffff}, {0x200, 0x101, 0xe2, 0xfd, 0x8, 0x3, 0x6, 0x0, 0x1, 0x8, 0x7, 0xf8, 0x6}], 0x3f})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:54:31 executing program 4:
mknod$loop(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
mount$binder(0x0, &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x0, 0x0)

03:54:31 executing program 4:
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000780)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
read$rfkill(r0, &(0x7f0000000000), 0x8)
read$FUSE(r0, &(0x7f00000024c0)={0x2020}, 0x2020)

03:54:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000000)={[{0x400, 0x81, 0x1f, 0x81, 0xf8, 0x1, 0x2, 0x80, 0x80, 0x5, 0x6, 0x2, 0x28}, {0xffff25d2, 0x5, 0x8, 0x3f, 0x81, 0x81, 0x1, 0x81, 0x8, 0x20, 0x3, 0x5f, 0xffffffffffffffff}, {0x200, 0x101, 0xe2, 0xfd, 0x8, 0x3, 0x6, 0x0, 0x1, 0x8, 0x7, 0xf8, 0x6}], 0x3f}) (async, rerun: 32)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (rerun: 32)

03:54:31 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x6000}, 0x0)

03:54:31 executing program 4:
syz_mount_image$jfs(&(0x7f0000005e00), &(0x7f0000005e40)='./file0\x00', 0x0, &(0x7f0000000140)=ANY=[], 0x3, 0x5dcc, &(0x7f000000bcc0)="$eJzs3U1vHVf9B/Df3Cc/9N/W6qLqP0LITctDKc1jCYECbRewYMMCZYsSuW4VkQJKAkqriLjyhgUvAoTEEiGWrHgBXbBlxwsgUoIE6opBY5+TjCfXuQ6O79g+n4/kzPzmzPieyfc+embuCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgvv+9H56tIuLyL9KClYj/i2HEIGKpqVcjYml1Ja8/ioiXYqs5XoyI8UJEs/3WP89HvBkRnz4Xce/+7bVm8bk99uO7f/zb7370zA/++ofx6X//6ebwrd3Wu3Xr1//685397TMAAACUpq7rukof80+kz/eDvjsFAMxFfv2vk7xcrVar1Wr18avb6unutIuI2Ghv07xncDgeAI6Yjfis7y7QI/kXbRQRz/TdCeBQq/ruAAfi3v3ba1XKt2q/Hqxut+dzQXbkv1E9uL5jt+ks3XNM5nX/2oxhvLBLf5bm1IfDJOc/6OZ/ebt9ktY76PznZbf8J9uXPhUn5z/s5t9xfPIfTM2/VDn/0RPlP5Q/AAAAAAAcYvnv/ys9H/9d2P+u7Mnjjv+uzqkPAAAAAAAAAPC07Xf8vweM/wcAAACHVvNZvfGb5x4u2+272Jrll6qIZzvrA4VJF8ss990PAAAAAAAAAAAAACjJaPsc3ktVxDginl1eruu6+Wnr1k9qv9sfdaXvP5Ss7yd5AADY9ulznWv5q4jFiLiUvutvvLy8XNeLS8v1cr20kN/PThYW66XW59o8bZYtTPbwhng0qZtfttjarm3W5+VZ7d3f19zWpB7uoWPz0WPgABAR269G97wiHTN1/Xz0/S6Ho8Hj//jx+Gcv+r6fAgAAAAevruu6Sl/nfSId8x/03SkAYC7y63/3uIBarVar1erjV7fV091pFxGx0d6mec9gOH4AOGI24rO+u0CP5F+0UUS81HcngEOt6rsDHIh792+vVSnfqv16kMZ3z+eC7Mh/o9raLm8/bTpL9xyTed2/NmMYL+zSnxfn1IfDJOc/6OZ/ebt9ktY76PznZbf8m/1c6aE/fcv5D7v5dxyf/AdT8y9Vzn/0RPkP5Q8AAAAAAIdY/vv/iuO/eZcBAAAAAAAA4Mi5d//2Wr7uNR///9yU9Vz/eTzl/Cv5FynnP+jk/+XOesPW/N13H+b/z/u3135/8x//n6d7zX8hz1TpnlWle0SVbqkapel+9u5Rm+PhpLmlcTUYjtI5P/X4/bga12I9zuxYd5D+Px62n93R3vR0vKP93I720SPt53e0j9P3DtRLuf1UrMVP41q8t9XetC3M2P/FGe31jPac/9Djv0g5/1Hrp8l/ObVXnWnj7ieDRx737em023nn6ud/debgd2emzRg+2Le2Zv9O9tCfrf+TZybx8xvr10/dunLz5vWzkSY7lp6LNHnKcv7j9PPg+f+V7fb8vN9+vN79ZPLE+R8WmzHaNf9XWvPN/r425771Iec/ST85//dS+/TH/1HOf/fH/+s99AcAAAAAAAAAAAAAAAAep67rrUtE34mIC+n6n76uzQQA5iu//tdJXq5Wq9Vqtfr41W31dG+3i4j4S3ub5j3DL6f9MgDgMPtPRPy9707QG/kXLH/fXzN9te/OAHN146OPf3zl2rX16zf67gkAAAAAAAAA8L/K43+utsZ/fjUiVjrr7Rj/9d1Y3e/4n6M882CA0ac80PcuNgeT4aA13PjL8fjxv0/G48f/Hs24vfGM9smM9oUZ7Ysz2qde6NGS83+5Nd55k/+JzvDrJYz/2h3zvgQ5/5Ot+3OT/5c667Xzr397lPMf7Mj/9M0Pf3b6xkcfv3H1wysfrH+w/pPzZ8+eOX/hwsWLF0+/f/Xa+pntf3vs8cHK+eexr50HWpacf85c/mXJ+X8h1fIvS87/i6mWf1ly/vn9nvzLkvPPn33kX5ac/2upln9Zcv5fSbX8y5Lzfz3V8i9Lzv+rqZZ/WXL+b6Ra/mXJ+Z9KtfzLkvM/nWr5lyXnn49wyb8sOf98ZoP8y5LzP5dq+Zcl538+1fIvS87/zVTLvyw5/6+lWv5lyflfSLX8y5Lz/3qq5V+WnP/FVMu/LDn/b6Ra/mXJ+X8z1fIvS87/rVTLvyw5/2+lWv5lyfl/O9XyL0vO/zupln9Zcv5vp1r+ZXn4/f9mzJgxk2f6fmYCAAAAAAAAAAAAALrmcTpx3/sIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP9lBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYubcYuer7DuBn17v22tycQKihhqyNY4xZ2PUFX9K6cQghFJKm3NLQC7brXZtNfMO7ToAi2RFJgxRHjapU5aVtEqGWlypWlYe0ohEPVas+lfYhfalSVcoDqkhEIlVqq5aN5sz//9+Z8dk5azw4M+d8PhL+eWfOzP/MmTOz+13zHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoteEjM18eyrKs8V/+x9osu7rx99Xja/PLPvjz3kMAAADgcv1//udb16UL9i/jRi3b/MOt//SdhYWFhezTK/5o9OsLC+mK8SwbXZVl+XXRhf94Yqh1m+CFbGxouOXr4ZLlV5RcP1Jy/WjJ9StLrl9Vcv1YyfUXHYCLrG7+Pia/s035X9c2D2l2QzaaX7ep4FYvDK0aHo6/y8kN5bdZGD2SzWbHsplsqm375rZD+favbmis9UAW1xpuWWt94wz5yfOH4z4MhWO8qW2txfuMfvThbPynP3n+8J/Pv3lT0Sw9DG3319zPLRsb+/nFcElzX4eyVemYxP0cbtnP9QXPyYq2/RzKb9f4e+d+vrXM/VyxuJtXVOdzPpYN539/PT9OI62/1kvHaX247L9vy7Ls3OJud25z0VrZcLam7ZLhxednrHlGNu6jcSq9Nxu5pPN0wzLO08ac3tR+nna+JuLzvyHcbmSJfWh9mn70hZUXPe+Xep5GjUe91Gul8xzs9WulX87BeF68nj/oFwvPwU3h8T+/eelzsPDcKTgH0+NuOQc3lp2DwytX5PucnoSh/DaL5+C2tu1X5CsN5fONzd3Pwcn546cm55597q7Z44eOzhydObFj27apHbt27dmzZ/LI7LGZqeaf7/Bo97812XB6DWwMxy6+Bm7v2Lb1VF34Zu9eh2NdXodrO7bt9etwpPPBDV2ZF+TF53TztfFY46CPnR/OlniN5c/P1st/HabH3fI6HGl5HRZ+Tyl4HY4s43XY2ObU1uX9zDLS8l/RPrxb3wvWtpyDnT+PdJ6Dvf55pF/OwbFwXvzb1qW/F6wP+/vixKX+PLLionMwPdzw3tO4JP28P7YnH0Xn5c2NK65amZ2Zmzl99zOH5udPb8vCuCKubzlXOs/XNS2PKbvofB2+5PN1/+ytL95ccPnacKzG7mr8Mbbkc9XYZufd3Z+r/Ltb8fFsu3R7FkaPXenjWfTdvHE8U5bscjwb23xx8vJ/Fk+5tOX9d3SJ99+Y+99urpfu6oUVoyPN1++KdHRG296P25+qkfy9ayhf+63J5b0fj4b/rvT78Q1d3o/XdWzb6/fj0c4HF9+Ph8p+23F5Op/PsXCeHJvq/n7c2Gbd9ks9J0e6vh/fFuZQOP53hKSQclHLubPUeZvWGhkZDY9rJK7Qfp7uaNt+NGSzxlqvbH9n5+mW25r3tSI9ukVX6jwd79i21+dper9a6jwdKvvt2zvT+XyOhfPihh3dz9PGNq/tvPz3ztXxry3vnSvLzsHRFSsb+zyaTsLm+/3C6ngO3p0dzk5mx7Lp/NqV+fk0lK81cc/yzsGV4b8r/V65rss5uKVj216fg+n72FLn3tDIxQ++Bzqfz7FwXrx0T/dzsLHNfbt7+7PrlnBJ2qblZ9fO368t9TuvmzsO07v5O6/Gfv7d7u6/m21sc2zPpebM7sfpznDJVQXHqfP1u9Rrajq7MsdpXdjPN/csfZwa+9PY5ut7l3k+7c+y7OzT9+a/7w3/vvJXZ77/nbZ/dyn6N52zT9/742uO/P2l7D8Ag+/t5ljT/F7X8i9Ty/n3fwAAAGAgxNw/HGYi/wMAAEBlxNwf/6/wRP4HAACAyoi5fyTMpCb5f919b86+fTZLzfyFIF6fDsODze1ix3UqfD2+sKhx+b0vz/zX35xd3trDWZb934O/V7j9ugfjfjWNh/288NH2yy++4dllrX/w8cXtWvvr3wj3Hx/Pck+DogruVJZlr1731Xyd8SfO5/O1Bw/m85FzL77Q2Oatvc2v4+3fuL65/Z+E8u/+I4fabv9GOA4/DHPqoeLjEW/37fN3rN/9qcX14u2GNl6bP+yXnmzeb/ycnK+90Nw+Huel9v9vv/LKtxvbP/OB4v0/O1y8/6+E+305zP+5pbl963PQ+Dre7kth/+N68XZ3f+t7hft/4cvN7U/d39zuYJhx/S3h6033vznberyeGTrU9riyjzW3i+tPff8P8uvj/cX779z/sQPn245H5/nx2r8072eyY/t4eVwn+uuO9Rv303p+xvVf+f2Dbce5bP0Lj7xxS+N+O9e/s2O7U09vzddfvL/2T2z60y99tXC9uD/7//JU2+PZ/3B4HYf1X3oynI/h+v+90Ly/zk9XOPhw+/tP3P4ba8+2PZ7ogZ8217/woaP5XDW2es1VV19z7bn3N45dlr3+aPP+ytY/+mcn2/b/mzc2j0e8Pnb0O9dfSlz/9OcnTpycOzM73XJU88/O+Xhzf+L+XhfeWzu/PnBy/qmZ0+NT41NZNl7dj9B7x74V5o+b49yl3n7r4+H5vPmPX12z+Z+/Ei//18eal59/qPl96/aw3dfC5WvD83e567+04cb89T30WvPrth57D6zf9J97lrVhePydPxfE8/3U+57Kj0Pjuvz7RnxdX+b+/2C6eT/fDcd1IXwy88YbF9dr3T5+NsL5R5uv98s+fuFtLj6vfxGe70/8sHn/cb/i4/1B+Dnme+va3+/i+fHds8Od959/ise58H6SnWteH7eKx/v8WzcW7l78HJLs3E3513+Y7uemS3qYS5l7dm7y2OyJM89Mzs/MzU/OPfvcgeMnz5yYP5B/lueBz5TdfvH9aU3+/jQ9s2tnlr9bnWyOd9nPe/9PPX54evfU5umZI4fOHJl//NTM6aOH5+YOz0zPbT505MjM58tuPzu9b9v2vTt2b584Oju9b8/evTv2TsyeONnYjeZOldg19dmJE6cP5DeZ27dz77Z77tk5NXH85PTMvt1TUxNnym6ff2+aaNz6cxOnZ44dmp89PjMxN/vczL5te3ft2l76aYDHTx2ZG588febE5Jm5mdOTzccyPp9f3PjeV3Z7qmnu35s/z3Yaan4QX/bJO3elz2dtePkLS95Vc5OODxB9M3wWzT++59Se5Xwdc/9omElN8j8AAADUQcz9K8NM5H8AAACojJj7V4WZyP8AAABQGTH3j4WZ1CT/6//r/+v/6//r/xevr/8/mPT/u9P/L6H/r/+v/6//T0/1W/8/5v7VWVbL/A8AAAB1EHP/mjAT+R8AAAAqI+b+q8JM5H8AAACojJj7rw4zqUn+1//X/9f/1//X/y9eX/9/MOn/d6f/X0L/X/9f/1//n57qt/5/zP3XhJnUJP8DAABAHcTcf22YifwPAAAAlRFz/3VhJvI/AAAAVEbM/WvDTGqS//X/9f/1//X/9f+L19f/H0z6/93p/5fQ/9f/1//X/6en+q3/H3P/e8JMapL/AQAAoA5i7n9vmIn8DwAAAJURc//1YSbyPwAAAFRGzP03hJnUJP/r/+v/6//r/+v/F6+v/z+Y9P+70/8vof+v/6//r/9PT/Vb/z/m/veFmdQk/wMAAEAdxNx/Y5iJ/A8AAACVEXP/L4SZyP8AAABQGTH3rwszqUn+1//X/9f/1//X/y9eX/9/MOn/d6f/X0L/X/9f/1//n57qt/5/zP03hZnUJP8DAABAHcTcf3OYifwPAAAAlRFz/y+Gmcj/AAAAUBkx968PM6lJ/tf/1//X/9f/1/8vXl//fzDp/3en/19C/1//X/9f/5+e6rf+f8z9t4SZ1CT/AwAAQB3E3H9rmIn8DwAAAJURc//7w0zkfwAAAKiMmPvHw0xqkv/1//X/9f/1//X/i9fX/x9M+v/d6f+X0P/X/9f/1/+np/qt/x9z/4Ywk5rkfwAAAKiDmPs3hpnI/wAAAFAZMfffFmYi/wMAAEBlxNy/KcykJvlf/1//X/9f/1//v3h9/f/BpP/fnf5/Cf1//X/9f/1/eqrf+v8x938gzKQm+R8AAADqIOb+zWEm8j8AAABURsz9t4eZyP8AAABQGTH3bwkzqUn+1//X/9f/1//X/y9eX/9/MOn/d6f/X0L/X/9f/1//n57qt/5/zP13hJnUJP8DAABAHcTcvzXMRP4HAACAyoi5/84wE/kfAAAAKiPm/okwk5rkf/1//X/9f/1//f/i9fX/B5P+f3f6/yX0//X/9f/1/+mpfuv/x9x/V5hJTfI/AAAA1EHM/XeHmcj/AAAAUBkx90+Gmcj/AAAAUBkx90+FmdQk/+v/6//r/+v/6/8Xr6//P5j0/7vT/y+h/6//r/+v/09P9Vv/P+b+bWEmNcn/AAAAUAcx928PM5H/AQAAoDJi7t8RZiL/AwAAQGXE3L8zzKQm+V//X/9f/1//X/+/eH39/8Gk/9+d/n8J/X/9f/1//X96qt/6/zH33xNmUpP8DwAAAHUQc/+uMBP5HwAAACoj5v7dYSbyPwAAAFRGzP17wkxqkv/1//X/9f/1//X/i9fX/x9M+v/d6f+X0P/X/9f/1/+np/qt/x9z/94wk5rkfwAAAKiDmPs/GGYi/wMAAEBlxNz/S2Em8j8AAABURsz9vxxmUpP8r/+v/6//r/+v/1+8vv7/YNL/707/v4T+v/6//r/+Pz3Vb/3/mPv3hZnUJP8DAABAHcTc/ythJvI/AAAAVEbM/R8KM5H/AQAAoDJi7t8fZlKT/K//r/+v/6//r/9fvL7+/2DS/+9O/7+E/r/+v/6//j891W/9/5j7PxxmUpP8DwAAAHUQc/+9YSbyPwAAAFRGzP0fCTOR/wEAAKAyYu6/L8ykJvlf/1//X/9f/1//v3h9/f/BpP/fnf5/Cf1//X/9f/1/eqrf+v8x9380zKQm+R8AAADqIOb++8NM5H8AAACojJj7PxZmIv8DAABAZcTc/0CYSU3yv/6//r/+v/6//n/x+vr/g0n/vzv9/xL6//r/+v/6//RUv/X/Y+7/1TCTmuR/AAAAqIOY+x8MM5H/AQAAoDJi7n8ozET+BwAAgMqIuf/jYSY1yf/6//r/+v/6//r/xevr/w8m/f/u9P9L6P/r/+v/6//TU/3W/4+5/xNhJjXJ/wAAAFAHMff/WpiJ/A8AAACVEXP/J8NM5H8AAACojJj7fz3MpCb5X/9f/1//X/9f/794ff3/waT/353+fwn9f/1//X/9f3qq3/r/Mfc/HGZSk/wPAAAAdRBz/yNhJvI/AAAAVEbM/Y+Gmcj/AAAAUBkx9z8WZlKT/K//r/+v/6//r/9fvL7+/2DS/+9O/7+E/r/+v/6//j891W/9/5j7Hw8zqUn+BwAAgDqIuf9TYSbyPwAAAFRGzP2/EWYi/wMAAEBlxNz/6TCTmuR//X/9f/1//X/9/+L19f8Hk/5/d/r/JfT/9f/1//X/6al+6//H3P9EmElN8j8AAADUQcz9vxlmIv8DAABAZcTc/1thJvI/AAAAVEbM/b8dZlKT/K//r/+v/6//r/9fvL7+/2DS/+9O/7+E/r/+v/6//j891W/9/5j7fyfMpCb5HwAAAOog5v4nw0zkfwAAAKiMmPsPhJnI/wAAAFAZMfcfDDOpSf7X/9f/1//X/9f/L15f/38w6f93p/9fQv9f/1//X/+fnuq3/n/M/YfCTGqS/wEAAKAOYu7/3TAT+R8AAAAqI+b+w2Em8j8AAABURsz902EmNcn/+v/6//r/+v/6/8Xr6/8PJv3/7vT/S+j/6//r/+v/01P91v+PuX8mzKQm+R8AAADqIOb+I2Em8j8AAABURsz9R8NM5H8AAACojJj7nwozqUn+1//X/9f/1//X/y9eX/9/MOn/d6f/X0L/X/9f/1//n57qt/5/zP2zYSY1yf8AAABQBzH3fybMRP4HAACAyoi5/7NhJvI/AAAAVEbM/cfCTGqS//X/9f/1//X/9f+L19f/H0z6/93p/5fQ/9f/1//X/6en+q3/H3P/8TCTmuR/AAAAqIOY+0+Emcj/AAAAUBkx958MM5H/AQAAoDJi7j8VZlKT/K//r/+v/6//r/9fvL7+/2DS/+9O/7+E/r/+v/6//j891W/9/5j7nw4zqUn+BwAAgDqIuf90mIn8DwAAAJURc/9cmIn8DwAAAJURc/98mElN8r/+v/6//r/+v/5/8fr6/4NJ/787/f8S+v/6//r/+v/0VL/1/2PuPxNmUpP8DwAAAHUQc//nwkzkfwB+xr49qwGw7mAYvexj27Zt27Ztn22bxW6SVPPMNFPMn6zVpEz9FS8AAG3k7n9S3GL/AwAAQBu5+58ctwzZ//p//b/+X/+v/9/+r/9fk/5/n/7/gP5f/6//1/9zqqv1/7n7nxK3DNn/AAAAMEHu/qfGLfY/AAAAtJG7/2lxi/0PAAAAbeTuf3rcMmT/6//1//p//b/+f/u//n9N+v99+v8D+n/9v/5f/8+prtb/5+5/RtwyZP8DAADABLn7nxm32P8AAADQRu7+Z8Ut9j8AAAC0kbv/2XHLkP2v/9f/6//1//r/7f/6/zXp//fp/w/o//X/+n/9P6e6Wv+fu/85ccuQ/Q8AAAAT5O5/btxi/wMAAEAbufufF7fY/wAAANBG7v7nxy1D9r/+X/+v/9f/6/+3/+v/16T/36f/P6D/1//r//X/nOpq/X/u/hfELUP2PwAAAEyQu/+FcYv9DwAAAG3k7n9R3GL/AwAAQBu5+18ctwzZ//p//b/+X/+v/9/+r/9fk/5/n/7/gP5f/6//1/9zqqv1/7n7XxK3DNn/AAAAMEHu/pfGLfY/AAAAtJG7/2Vxi/0PAAAAbeTuf3ncMmT/6//1//p//b/+f/u//n9N+v99+v8D+n/9v/5f/8+prtb/5+5/RdwyZP8DAADABLn7Xxm32P8AAADQRu7+V8Ut9j8AAAC0kbv/1XHLkP2v/9f/6//1//r/7f/6/zXp//fp/w/o//X/+n/9P6e6Wv+fu/81ccuQ/Q8AAAAT5O5/bdxi/wMAAEAbuftfF7fY/wAAANBG7v7Xxy1D9r/+X/+v/9f/6/+3/+v/16T/36f/P6D/1//r//X/nOpq/X/u/jfELUP2PwAAAEyQu/+NcYv9DwAAAG3k7n9T3GL/AwAAQBu5+98ctwzZ//p//b/+X/+v/9/+r/9fk/5/n/7/gP5f/6//1/9zqqv1/7n73xK3DNn/AAAAMEHu/rfGLfY/AAAAtJG7/21xi/0PAAAAbeTuf3vcMmT/6//1//p//b/+f/u//n9N+v99+v8D+n/9v/5f/8+prtb/5+5/R9wyZP8DAADABLn73xm32P8AAADQRu7+d8Ut9j8AAAC0kbv/3XHLkP2v/9f/6//1//r/7f/6/zXp//fp/w/o//X/+n/9P6e6Wv+fu/89ccuQ/Q8AAAAT5O5/b9xi/wMAAEAbufvfF7fY/wAAANBG7v73xy1D9r/+X/+v/9f/6/+3/+v/16T/36f/P6D/1//r//X/nOpq/X/u/g/ELUP2PwAAAEyQu/+DcYv9DwAAAG3k7v9Q3GL/AwAAQBu5+z8ctwzZ//p//b/+X/+v/9/+r/9fk/5/n/7/gP5f/6//1/9zqqv1/7n7PxK3DNn/AAAAMEHu/o/GLfY/AAAAtJG7/2Nxi/0PAAAAbeTu/3jcMmT/6//1//p//b/+f/u//n9N+v99+v8D+n/9v/5f/8+prtb/5+7/RNwyZP8DAADABLn7Pxm32P8AAADQRu7+T8Ut9j8AAAC0kbv/03HLkP2v/9f/6//1//r/7f/6/zXp//fp/w/o//X/+n/9P6e6Wv+fu/8zccuQ/Q8AAAAT5O7/bNxi/wMAAEAbufs/F7fY/wAAANBG7v7Pxy1D9r/+X/+v/9f/6/+3/+v/16T/36f/P6D/1//r//X/nOpq/X/u/i/ELUP2PwAAAEyQu/+LcYv9DwAAAG3k7v9S3GL/AwAAQBu5+78ctwzZ//p//b/+X/+v/9/+r/9fk/5/n/7/gP5f/6//1/9zqqv1/7n7vxK3DNn/AAAAMEHu/q/GLfY/AAAAtJG7/2txi/0PAAAAbeTu/3rcMmT/6//1//p//b/+f/u//n9N+v99+v8D+n/9v/5f/8+prtb/5+7/RtwyZP8DAADABLn7vxm32P8AAADQRu7+b8Ut9j8AAAC0kbv/23HLkP2v/9f/6//1//r/7f/6/zXp//fp/w/o//X/+n/9P6e6Wv+fu/87ccuQ/Q8AAAAT5O7/btxi/wMAAEAbufu/F7fY/wAAANBG7v7vxy1D9r/+X/+v/9f/6/+3/+v/16T/36f/P6D/1//r//X/nOpq/X/u/h/ELUP2PwAAAEyQu/+HcYv9DwAAAG3k7v9R3GL/AwAAQBu5+38ctwzZ//p//b/+X/+v/9/+r/9fk/5/n/7/gP5f/6//1/9zqqv1/7n7fxK3DNn/AAAAMEHu/p/GLfY/AAAAtJG7/2dxi/0PAAAAbeTu/3ncMmT/6//1//p//b/+f/u//n9N+v99+v8D+n/9v/5f/8+prtb/5+7/RdwyZP8DAADABLn7fxm32P8AAADQRu7+X8Ut9j8AAAC0kbv/13HLkP2v/9f/6//1//r/7f/6/zXp//fp/w/o//X/+n/9P6e6Wv+fu/83ccuQ/Q8AAAAT5O7/bdxi/wMAAEAbuft/F7fY/wAAANBG7v7fxy1D9r/+X/+v/9f/6/+3/+v/16T/36f/P6D/1//r//X/nOpq/X/u/j/ELUP2PwAAAEyQu/+PcYv9DwAAAG3k7v9T3GL/AwAAQBu5+/8ctwzZ//p//b/+X/+v/9/+r/9fk/5/n/7/gP5f/6//1/9zqqv1/7n7/xK3DNn/AAAAMEHu/r/GLfY/AAAAtJG7/29xi/0PAAAAbeTu/3vcMmT/6//1//p//b/+f/u//n9N+v99+v8D+n/9v/5f/8+prtb/5+7/R9wyZP8DAADABLn7/xm32P8AAADQRu7+f8Ut9j8AAAC0kbv/33HLkP2v/9f/6//1//r/7f/6/zXp//fp/w/o//X/+n/9P6e6Wv+fu/8/ccuQ/Q8AAAAT5O7/b9xi/wMAAEAbufv/F7fY/wAAANBG7v7/xy1D9r/+X/+v/9f/6/+3/+v/16T/36f/P6D/1//r//X/nOpq/X/u/hviliH7HwAAACbI3X9j3GL/AwAAQBu5+2+KW+x/AAAAaCN3/81xy5D9r//X/+v/9f/6/+3/+v816f/36f8P6P/1//p//T+nulr/n7v/lrhlyP4HAACACXL33xq32P8AAADQRu7+2+IW+x8AAADayN1/e9wyZP/r//X/+n/9v/5/+7/+f036/336/wP6f/2//l//z6mu1v/n7r8jbhmy/wEAAGCC3P13xi32PwAAALSRu/+uuMX+BwAAgDZy998dtwzZ//p//b/+X/+v/9/+r/9fk/5/n/7/gP5f/6//1/9zqqv1/7n774lbhux/AAAAmCB3/71xi/0PAAAAbeTuvy9usf8BAACgjdz998ctQ/a//l//r//X/+v/t//r/9ek/9+n/z+g/9f/6//1/5zqav1/7v4H4pYh+x8AAAAmyN3/YNxi/wMAAEAbufsfilvsfwAAAGgjd//DccuQ/a//1//r//X/+v/t//r/Nen/9+n/D+j/9f/6f/0/p7pa/5+7/5G4Zcj+BwAAgAly9z8at9j/AAAA0Ebu/sfiFvsfAAAA2sjd/3jcMmT/6//1//p//b/+f/u//n9N+v99+v8D+n/9v/5f/8+prtb/5+5/IgAA///Dtn2t")
r0 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r1 = open(&(0x7f0000007f80)='./bus\x00', 0x145142, 0x0)
ftruncate(r1, 0x2007ffb)
sendfile(r0, r1, 0x0, 0x1000000201005)
r2 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r3 = open(&(0x7f0000007f80)='./bus\x00', 0x145142, 0x0)
dup2(r3, r2)
sendfile(r2, r3, 0x0, 0x1000000201005)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, 0xffffffffffffffff, 0x0)
open(&(0x7f00000005c0)='./bus\x00', 0x0, 0x0)
pwritev2(0xffffffffffffffff, &(0x7f0000000240)=[{}], 0x1, 0x0, 0x0, 0x0)
openat$vimc1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000010c0)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000300)=ANY=[], 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x10, r4, 0x0)
read$FUSE(r4, 0x0, 0x0)
r5 = open(&(0x7f0000000000)='./bus\x00', 0x60142, 0x0)
r6 = open(&(0x7f0000007f80)='./bus\x00', 0x145142, 0x0)
ftruncate(r6, 0x6a)
dup2(0xffffffffffffffff, 0xffffffffffffffff)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(0xffffffffffffffff, 0xc018937c, &(0x7f0000000200)={{0x1, 0x1, 0x18}, './file0\x00'})
sendfile(r5, r6, 0x0, 0x1000000201005)
openat$procfs(0xffffffffffffff9c, &(0x7f000000c380)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000005b00)=ANY=[@ANYBLOB='nonumtail=0,quiet,uni_xlate=1,uni_xlate=1,nonumtail=1,fmask=01777777777777777777777,utf8=1,rodir,utf8=1,uid=', @ANYRESHEX, @ANYBLOB="2c756e695f786c6174653d312c756e695f786c6174653d312c71756965742c646973636172642c73686f72746e616d653d6d6978656400008d93c3891882b2a1dacab425ab8af98970461441cd215e5390a67a5b88c87f75a69213cd285da44c349d7126fe160f379b025022eaa1707cf6a4dc3076d0f1ea17842906c5939c5b560b0e63e92cda4f461a125f816e05029dc5c7c5a456ff9bbb78b845379321793bfabc53528ef323d2e5945b6cfd7fa9c372bb0ff4d22b8d6a2d0ce0c45028d984bb5594c110"], 0x6, 0x2a1, &(0x7f0000002300)="$eJzs3T9rI0cUAPC3siwpSSEVqUIgC0mRythu08gEG0xUJahIUiQmtiFYImCDIX+I4iptmpT5BIFAuvsS19w3OLj24LpzYdhjpd2T7JNl67Ds+/P7NR7Pzpt5Mx5sXOzT9x/2D3bT2D/57WE0GklU2tGO0yRaUYnSH3FO+68AAF5np1kWT7KReeKSiGgsLi0AYIHm/vv//8JTAgAW7Kuvv/lio9PZ/DJNG7HV//O4m/9nn38dPd/Yjx+jF3uxGs04i8ieG7W3siwbVNNcKz7pD467eWT/u/vF/BuPI4bxa9GM1rDrfPx2Z3MtHZmIH+R5vFus387j16MZ709Zf7uzuT4lPrq1+PTjifxXohkPfoifohe7wyTG8b+vpenn2d9Pf/02Ty+PTwbH3fpw3Fi2dMs/GgAAAAAAAAAAAAAAAAAAAAAA3mArRe2cegzr9+RdRf2dpbP8m+VIS63z9XlG8Uk50YX6QIMs/inr66ymaZoVA8fx1figGtW72TUAAAAAAAAAAAAAAAAAAAC8Wo5+/uVgp9fbO7yRRlkNoHyt/2XnaU/0fBSzB9fHa1WK5oyZY6kck0TMTCPfxA0dy1WNdy7L+d//5p2wcfWY5VnnczON8nYd7CTTz7AeZU+jvCT3JsfU4ppr1S57lM11/WpTHzXn3nvtvWFjMGNMJLMS++zR6OSKnuTiLmrDU50avlw0JsIv3I257vOLvysS1ToAAAAAAAAAAAAAAAAAAGChxi/9Tnl4MjO0ktUXlhYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3Krx5//P0RgUwdcYXIvDozveIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG+BZwEAAP//w1FiAg==")
write$FUSE_ENTRY(0xffffffffffffffff, 0x0, 0x0)

03:54:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000000)={[{0x400, 0x81, 0x1f, 0x81, 0xf8, 0x1, 0x2, 0x80, 0x80, 0x5, 0x6, 0x2, 0x28}, {0xffff25d2, 0x5, 0x8, 0x3f, 0x81, 0x81, 0x1, 0x81, 0x8, 0x20, 0x3, 0x5f, 0xffffffffffffffff}, {0x200, 0x101, 0xe2, 0xfd, 0x8, 0x3, 0x6, 0x0, 0x1, 0x8, 0x7, 0xf8, 0x6}], 0x3f})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000000)={[{0x400, 0x81, 0x1f, 0x81, 0xf8, 0x1, 0x2, 0x80, 0x80, 0x5, 0x6, 0x2, 0x28}, {0xffff25d2, 0x5, 0x8, 0x3f, 0x81, 0x81, 0x1, 0x81, 0x8, 0x20, 0x3, 0x5f, 0xffffffffffffffff}, {0x200, 0x101, 0xe2, 0xfd, 0x8, 0x3, 0x6, 0x0, 0x1, 0x8, 0x7, 0xf8, 0x6}], 0x3f}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)

03:54:31 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0xdd00}, 0x0)

03:54:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x90380, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:54:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x90380, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:54:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x90380, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)

03:54:31 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x30000}, 0x0)

03:54:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000000))

03:54:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000000))
openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) (async)
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000000)) (async)

03:54:31 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x34000}, 0x0)

[  610.892780][T10229] loop4: detected capacity change from 0 to 32768
03:54:31 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r1, 0x4068aea3, &(0x7f00000000c0)={0x8f, 0x0, 0x8}) (async)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_PIT2(r1, 0x8070ae9f, &(0x7f0000000000))

03:54:31 executing program 1:
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000005e80), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x30, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x14, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_CONNECTED_TO_GATE={0x5}]}]}, 0x30}, 0x1, 0x400300}, 0x0)

[  611.128154][   T26] audit: type=1804 audit(1709783671.951:75): pid=10281 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1029269245/syzkaller.FRsk2y/472/file0/bus" dev="loop4" ino=7 res=1 errno=0
[  611.163865][   T26] audit: type=1804 audit(1709783671.951:76): pid=10281 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.4" name="/root/syzkaller-testdir1029269245/syzkaller.FRsk2y/472/file0/bus" dev="loop4" ino=7 res=1 errno=0
[  611.205796][   T26] audit: type=1804 audit(1709783672.031:77): pid=10284 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz-executor.4" name="/root/syzkaller-testdir1029269245/syzkaller.FRsk2y/472/file0/bus" dev="loop4" ino=7 res=1 errno=0
[  611.309646][T10229] ================================================================================
[  611.309765][T10284] ================================================================================
[  611.329300][T10284] UBSAN: array-index-out-of-bounds in fs/jfs/jfs_xtree.c:281:11
[  611.331341][T10229] UBSAN: array-index-out-of-bounds in fs/jfs/jfs_xtree.c:633:9
[  611.337706][T10284] index 19 is out of range for type 'xad_t[18]' (aka 'struct xad[18]')
[  611.355713][T10284] CPU: 0 PID: 10284 Comm: syz-executor.4 Not tainted 5.15.151-syzkaller #0
[  611.363519][T10229] index 19 is out of range for type 'xad_t[18]' (aka 'struct xad[18]')
[  611.364322][T10284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  611.364339][T10284] Call Trace:
[  611.364360][T10284]  <TASK>
[  611.364369][T10284]  dump_stack_lvl+0x1e3/0x2cb
[  611.393578][T10284]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[  611.399228][T10284]  ? panic+0x84d/0x84d
[  611.403306][T10284]  ? do_read_cache_page+0xcb3/0x1040
[  611.408696][T10284]  ? unlock_page+0x188/0x200
[  611.413310][T10284]  __ubsan_handle_out_of_bounds+0x118/0x140
[  611.419241][T10284]  xtSearch+0x10e8/0x1ca0
[  611.423688][T10284]  xtLookup+0x2c0/0x8e0
[  611.427878][T10284]  ? jfs_umount_rw+0x130/0x130
[  611.432777][T10284]  ? __might_sleep+0xc0/0xc0
[  611.437379][T10284]  extHint+0x291/0x710
[  611.441458][T10284]  ? extAlloc+0x1000/0x1000
[  611.445972][T10284]  ? down_write_nested+0x117/0x180
[  611.451095][T10284]  ? down_read_non_owner+0x310/0x310
[  611.456394][T10284]  ? memset+0x1f/0x40
[  611.460383][T10284]  jfs_get_block+0x3a7/0xe50
[  611.465015][T10284]  ? jfs_dirty_inode+0x230/0x230
[  611.470094][T10284]  nobh_write_begin+0x398/0xda0
[  611.475079][T10284]  jfs_write_begin+0x3e/0x80
[  611.479704][T10284]  ? jfs_dirty_inode+0x230/0x230
[  611.484647][T10284]  generic_perform_write+0x2bf/0x5b0
[  611.489949][T10284]  ? grab_cache_page_write_begin+0x90/0x90
[  611.495760][T10284]  ? file_remove_privs+0x610/0x610
[  611.500886][T10284]  ? down_write+0x10e/0x170
[  611.505404][T10284]  __generic_file_write_iter+0x243/0x4f0
[  611.511043][T10284]  generic_file_write_iter+0xa7/0x1b0
[  611.516592][T10284]  vfs_write+0xacf/0xe50
[  611.520914][T10284]  ? file_end_write+0x250/0x250
[  611.525769][T10284]  ? __fget_files+0x413/0x480
[  611.530462][T10284]  ? mutex_lock_nested+0x17/0x20
[  611.535392][T10284]  ? __fdget_pos+0x2cb/0x380
[  611.539977][T10284]  ? ksys_write+0x77/0x2c0
[  611.544389][T10284]  ksys_write+0x1a2/0x2c0
[  611.548723][T10284]  ? print_irqtrace_events+0x210/0x210
[  611.554201][T10284]  ? __ia32_sys_read+0x80/0x80
[  611.558961][T10284]  ? syscall_enter_from_user_mode+0x2e/0x230
[  611.564929][T10284]  ? lockdep_hardirqs_on+0x94/0x130
[  611.570120][T10284]  ? syscall_enter_from_user_mode+0x2e/0x230
[  611.576098][T10284]  do_syscall_64+0x3d/0xb0
[  611.580515][T10284]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  611.586410][T10284] RIP: 0033:0x7f4a40249da9
[  611.590825][T10284] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  611.610548][T10284] RSP: 002b:00007f4a3e7880c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  611.618973][T10284] RAX: ffffffffffffffda RBX: 00007f4a40378120 RCX: 00007f4a40249da9
[  611.626941][T10284] RDX: 000000000208e24b RSI: 0000000020000300 RDI: 0000000000000009
[  611.634903][T10284] RBP: 00007f4a4029647a R08: 0000000000000000 R09: 0000000000000000
[  611.642863][T10284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  611.650828][T10284] R13: 000000000000006e R14: 00007f4a40378120 R15: 00007fff20efa688
[  611.658808][T10284]  </TASK>
[  611.664909][ T2665] Bluetooth: hci7: command 0x1003 tx timeout
[  611.671997][ T3537] Bluetooth: hci7: sending frame failed (-49)
[  611.682757][T10284] ================================================================================
[  611.692648][T10284] Kernel panic - not syncing: UBSAN: panic_on_warn set ...
[  611.699854][T10284] CPU: 1 PID: 10284 Comm: syz-executor.4 Not tainted 5.15.151-syzkaller #0
[  611.708448][T10284] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/25/2024
[  611.718522][T10284] Call Trace:
[  611.721802][T10284]  <TASK>
[  611.724738][T10284]  dump_stack_lvl+0x1e3/0x2cb
[  611.729439][T10284]  ? io_uring_drop_tctx_refs+0x19d/0x19d
[  611.735079][T10284]  ? panic+0x84d/0x84d
[  611.739175][T10284]  panic+0x318/0x84d
[  611.743093][T10284]  ? check_panic_on_warn+0x1d/0xa0
[  611.748330][T10284]  ? fb_is_primary_device+0xcc/0xcc
[  611.753540][T10284]  ? dump_stack_lvl+0x24f/0x2cb
[  611.758408][T10284]  ? do_read_cache_page+0xcb3/0x1040
[  611.763711][T10284]  check_panic_on_warn+0x7e/0xa0
[  611.768666][T10284]  __ubsan_handle_out_of_bounds+0x138/0x140
[  611.774588][T10284]  xtSearch+0x10e8/0x1ca0
[  611.778948][T10284]  xtLookup+0x2c0/0x8e0
[  611.783153][T10284]  ? jfs_umount_rw+0x130/0x130
[  611.787961][T10284]  ? __might_sleep+0xc0/0xc0
[  611.792563][T10284]  extHint+0x291/0x710
[  611.796672][T10284]  ? extAlloc+0x1000/0x1000
[  611.801191][T10284]  ? down_write_nested+0x117/0x180
[  611.806319][T10284]  ? down_read_non_owner+0x310/0x310
[  611.811614][T10284]  ? memset+0x1f/0x40
[  611.815613][T10284]  jfs_get_block+0x3a7/0xe50
[  611.820224][T10284]  ? jfs_dirty_inode+0x230/0x230
[  611.825199][T10284]  nobh_write_begin+0x398/0xda0
[  611.830076][T10284]  jfs_write_begin+0x3e/0x80
[  611.834679][T10284]  ? jfs_dirty_inode+0x230/0x230
[  611.839625][T10284]  generic_perform_write+0x2bf/0x5b0
[  611.844953][T10284]  ? grab_cache_page_write_begin+0x90/0x90
[  611.850789][T10284]  ? file_remove_privs+0x610/0x610
[  611.855921][T10284]  ? down_write+0x10e/0x170
[  611.860470][T10284]  __generic_file_write_iter+0x243/0x4f0
[  611.866135][T10284]  generic_file_write_iter+0xa7/0x1b0
[  611.871540][T10284]  vfs_write+0xacf/0xe50
[  611.875817][T10284]  ? file_end_write+0x250/0x250
[  611.880684][T10284]  ? __fget_files+0x413/0x480
[  611.885375][T10284]  ? mutex_lock_nested+0x17/0x20
[  611.890331][T10284]  ? __fdget_pos+0x2cb/0x380
[  611.894927][T10284]  ? ksys_write+0x77/0x2c0
[  611.899357][T10284]  ksys_write+0x1a2/0x2c0
[  611.903693][T10284]  ? print_irqtrace_events+0x210/0x210
[  611.909180][T10284]  ? __ia32_sys_read+0x80/0x80
[  611.913972][T10284]  ? syscall_enter_from_user_mode+0x2e/0x230
[  611.919959][T10284]  ? lockdep_hardirqs_on+0x94/0x130
[  611.925175][T10284]  ? syscall_enter_from_user_mode+0x2e/0x230
[  611.931175][T10284]  do_syscall_64+0x3d/0xb0
[  611.935601][T10284]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[  611.941508][T10284] RIP: 0033:0x7f4a40249da9
[  611.945947][T10284] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 e1 20 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b0 ff ff ff f7 d8 64 89 01 48
[  611.965556][T10284] RSP: 002b:00007f4a3e7880c8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  611.973980][T10284] RAX: ffffffffffffffda RBX: 00007f4a40378120 RCX: 00007f4a40249da9
[  611.981972][T10284] RDX: 000000000208e24b RSI: 0000000020000300 RDI: 0000000000000009
[  611.989947][T10284] RBP: 00007f4a4029647a R08: 0000000000000000 R09: 0000000000000000
[  611.997939][T10284] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  612.005934][T10284] R13: 000000000000006e R14: 00007f4a40378120 R15: 00007fff20efa688
[  612.013941][T10284]  </TASK>
[  612.017239][T10284] Kernel Offset: disabled
[  612.021779][T10284] Rebooting in 86400 seconds..