last executing test programs: 6.779545482s ago: executing program 3 (id=4): sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x20, 0x0, 0x100, 0x70bd26, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0xff, 0x43}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x11}, 0x4004080) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000080)=0x1}) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x1, 0xf6, 0xf0, '\x00', 0x6}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000000000070000040"]) r3 = syz_open_dev$vcsa(&(0x7f0000000000), 0x7, 0xa100) r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r4) ptrace(0x4207, r4) ioctl$SIOCAX25GETINFOOLD(r3, 0x89e9, &(0x7f0000000040)) 6.231037657s ago: executing program 3 (id=5): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_KEY(r1, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x148, r2, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_KEY={0x30, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "a5347121b90d1d691336b7524cbcc8cae77ec49927c45cf9c2c94b35682e8dd8"}]}, @NL802154_ATTR_SEC_KEY={0x1c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xd}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x2}]}, @NL802154_ATTR_SEC_KEY={0x2c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "57f92cff91bbe099b76b8f6a9b21f4ca"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "4c30df7ed72f2dbe3255fe59e387a86e"}]}, @NL802154_ATTR_SEC_KEY={0xbc, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x6}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xc}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "ad74525a6ec2b85f3624cb37e20a430b17de59764f20ead7ccc55ab442bccfac"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "bdce0e89dfd3f088a73009c2936e16aa"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "7ddfb500af5fe92ee75f0929931e8925"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "77c8711bbb304a36443a40d64fe98c76afc9448e6327e7e180340f29359c83b5"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "cfe26ee59098f9f7cb32232b83f125d7"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "024475e7b51eb78d44f78dfb11ed683777ef2782c4ca6045490799bb8298b3b2"}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x81}, 0x8014) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) listen(0xffffffffffffffff, 0x0) r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r6, 0x40046f41, 0x20000502) socket$nl_route(0x10, 0x3, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r7 = socket(0x10, 0x2, 0x0) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r8}, 0x10) syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0xc0842) write(r7, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r9, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000200)={0x20, r0, 0x329, 0xfffffffc, 0x0, {0x16}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x10000860}, 0x8004) 5.662976938s ago: executing program 0 (id=7): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = dup(r1) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2000000000000376, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x36, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f00000bd000), 0x800005d, 0x4810) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) socket$rxrpc(0x21, 0x2, 0xa) connect$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe) r7 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPCONNADD(r7, 0x400448c8, &(0x7f0000000480)={r3, r3, 0x8, 0x0, 0x0, 0x5, 0x81, 0x46d, 0xfff9, 0x3, 0x0, 0x5, 'syz0\x00'}) shutdown(r3, 0x1) write$UHID_INPUT(r2, 0x0, 0x0) sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x4000, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14) 5.531463122s ago: executing program 1 (id=8): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = dup(r1) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2000000000000376, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x36, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f00000bd000), 0x800005d, 0x4810) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) socket$rxrpc(0x21, 0x2, 0xa) connect$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe) r7 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPCONNADD(r7, 0x400448c8, &(0x7f0000000480)={r3, r3, 0x8, 0x0, 0x0, 0x5, 0x81, 0x46d, 0xfff9, 0x3, 0x0, 0x5, 'syz0\x00'}) shutdown(r3, 0x1) write$UHID_INPUT(r2, 0x0, 0x0) sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x4000, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14) 5.138293945s ago: executing program 3 (id=9): syz_emit_ethernet(0x3e, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaa0380c20000000800470000300004000000069078ac141400ac1e00018903d78903b6000000000000d80b8a8ce83d8e32f14060a6f02dc58923345cdbfe7c49d3771b1bc344ffb0680e97605b852350fbc7237538f69cf935eab6146a0e399028adc2cc040c960bf1a23e54de73202ae31f3e3e47859e413f6824b9513f95920b387fec77adcf104546af9cb1c8716d3714e33d4dadb6e0525019db7acd3f252e59534750f198a6459362e30ac9c5c584fa84c8d4295a2cf7b3793314e917ab28bef46b11b4a3dfbced392a2da8b43620da21853c2733c6e7da000731daaae54c42dfd077da46d0328a917b624d69a720ce9483ae5fb2c33bbdbb4a35d70d9f6253dc7fc39363e396", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0xa07, &(0x7f0000000200)={0x0, 0xcc72, 0x0, 0x3}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') mkdirat(0xffffffffffffff9c, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000380)={0xb8, 0x39, 0x200, 0x70bd25, 0x25dfdbfc, {0x16}, [@typed={0x4, 0xe1}, @generic="d2c5ff46b6498e12020a515bcf0e75ee4c558a94086e792666662cd422ecb75d6d255bb1b793b793f68257cb496e44f1f15ad10ce90861e1ebd528668bca9ae6d5d661ec3cc34f8de222728dcdad27c2ef5a289dcbb8ee8e27b5be299abef83d2a60a17d3bc44b4f28d9ca515d2dd6cdbbda1daa526ee21dc32891815cf30ef76f5b93ad79bbe9ce204d02dd49cfc1d329c122eeaf30531ae6103f16b9", @generic]}, 0xb8}, 0x1, 0x0, 0x0, 0x840}, 0x24040001) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000280)='./file0\x00') r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x3f00) write$binfmt_script(r5, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffffffffcf3) 4.777243342s ago: executing program 0 (id=11): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3) r0 = openat$mice(0xffffffffffffff9c, 0x0, 0x82) write$P9_RCREATE(r0, &(0x7f0000000180)={0x18, 0x73, 0x2, {{0x8, 0x2, 0x7}, 0x6}}, 0x18) ioctl$VIDIOC_G_TUNER(r0, 0xc054561d, &(0x7f00000000c0)={0x7, "0a43b81781ee52fe5d1318dedf595fea476cc6aab722e8ac16406f5b4c42cc1b", 0x2, 0x1, 0x3ff, 0x7, 0x11, 0x1, 0x3ff, 0x7}) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={r1, 0xd14, 0xfff, 0xe}) socket$netlink(0x10, 0x3, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x7, 0x4, 0x18, 0x28e, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1a000000, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = socket(0x200000000000011, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'team0\x00'}) getpid() r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000002c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0) sendmsg$NL80211_CMD_ABORT_SCAN(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x1c, r5, 0xd9b2794f6a139537, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}}, 0x0) 4.684417077s ago: executing program 1 (id=12): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_KEY(r1, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x148, r2, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_KEY={0x30, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "a5347121b90d1d691336b7524cbcc8cae77ec49927c45cf9c2c94b35682e8dd8"}]}, @NL802154_ATTR_SEC_KEY={0x1c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xd}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x2}]}, @NL802154_ATTR_SEC_KEY={0x2c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "57f92cff91bbe099b76b8f6a9b21f4ca"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "4c30df7ed72f2dbe3255fe59e387a86e"}]}, @NL802154_ATTR_SEC_KEY={0xbc, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x6}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xc}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "ad74525a6ec2b85f3624cb37e20a430b17de59764f20ead7ccc55ab442bccfac"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "bdce0e89dfd3f088a73009c2936e16aa"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "7ddfb500af5fe92ee75f0929931e8925"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "77c8711bbb304a36443a40d64fe98c76afc9448e6327e7e180340f29359c83b5"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "cfe26ee59098f9f7cb32232b83f125d7"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "024475e7b51eb78d44f78dfb11ed683777ef2782c4ca6045490799bb8298b3b2"}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x81}, 0x8014) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) listen(0xffffffffffffffff, 0x0) r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r6, 0x40046f41, 0x20000502) r7 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r8 = socket(0x10, 0x2, 0x0) r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r9}, 0x10) syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0xc0842) write(r8, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c) recvmmsg(r7, &(0x7f0000002ec0), 0x0, 0x2, &(0x7f00000001c0)={0x77359400}) sendmsg$NL802154_CMD_GET_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000200)={0x20, r0, 0x329, 0xfffffffc, 0x0, {0x16}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x10000860}, 0x8004) 4.33599209s ago: executing program 3 (id=13): socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000340)=[{0x2, 0x2, 0xf, 0x7}, {0x4, 0x2, 0x13, 0x2}, {0x0, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='minix\x00', 0x208000, 0x0) wait4(r0, 0x0, 0x2, 0x0) creat(&(0x7f00000002c0)='./file0\x00', 0x0) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r4 = syz_io_uring_setup(0x5981, &(0x7f0000000000)={0x0, 0xef34, 0x2, 0x0, 0x325}, &(0x7f0000000100), &(0x7f0000000140)) io_uring_enter(r4, 0x56a1, 0x1dc1, 0x1e, &(0x7f0000000180)={[0x9, 0x100]}, 0x8) r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) socket$inet(0x2, 0x4000000805, 0x0) 3.990584612s ago: executing program 2 (id=14): syz_emit_ethernet(0x3e, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaa0380c20000000800470000300004000000069078ac141400ac1e00018903d78903b6000000000000d80b8a8ce83d8e32f14060a6f02dc58923345cdbfe7c49d3771b1bc344ffb0680e97605b852350fbc7237538f69cf935eab6146a0e399028adc2cc040c960bf1a23e54de73202ae31f3e3e47859e413f6824b9513f95920b387fec77adcf104546af9cb1c8716d3714e33d4dadb6e0525019db7acd3f252e59534750f198a6459362e30ac9c5c584fa84c8d4295a2cf7b3793314e917ab28bef46b11b4a3dfbced392a2da8b43620da21853c2733c6e7da000731daaae54c42dfd077da46d0328a917b624d69a720ce9483ae5fb2c33bbdbb4a35d70d9f6253dc7fc39363e396", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0xa07, &(0x7f0000000200)={0x0, 0xcc72, 0x0, 0x3}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') mkdirat(0xffffffffffffff9c, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000380)={0xb8, 0x39, 0x200, 0x70bd25, 0x25dfdbfc, {0x16}, [@typed={0x4, 0xe1}, @generic="d2c5ff46b6498e12020a515bcf0e75ee4c558a94086e792666662cd422ecb75d6d255bb1b793b793f68257cb496e44f1f15ad10ce90861e1ebd528668bca9ae6d5d661ec3cc34f8de222728dcdad27c2ef5a289dcbb8ee8e27b5be299abef83d2a60a17d3bc44b4f28d9ca515d2dd6cdbbda1daa526ee21dc32891815cf30ef76f5b93ad79bbe9ce204d02dd49cfc1d329c122eeaf30531ae6103f16b9", @generic]}, 0xb8}, 0x1, 0x0, 0x0, 0x840}, 0x24040001) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x3f00) dup(r5) write$binfmt_script(r5, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffffffffcf3) 3.715935903s ago: executing program 1 (id=15): socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000340)=[{0x0, 0x5, 0xa, 0xb}, {0x2, 0x2, 0xf, 0x7}, {0x4, 0x2, 0x13, 0x2}, {0x0, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='minix\x00', 0x208000, 0x0) wait4(r0, 0x0, 0x2, 0x0) creat(&(0x7f00000002c0)='./file0\x00', 0x0) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r4 = syz_io_uring_setup(0x5981, &(0x7f0000000000)={0x0, 0xef34, 0x2, 0x0, 0x325}, &(0x7f0000000100), &(0x7f0000000140)) io_uring_enter(r4, 0x56a1, 0x1dc1, 0x1e, &(0x7f0000000180)={[0x9, 0x100]}, 0x8) r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) socket$inet(0x2, 0x4000000805, 0x0) 3.321320975s ago: executing program 3 (id=16): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) ioctl$SNDRV_PCM_IOCTL_DRAIN(0xffffffffffffffff, 0x4144, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) socket$inet_udp(0x2, 0x2, 0x0) getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x7f, 0x0, &(0x7f0000001180)) syz_emit_ethernet(0x85, &(0x7f00000005c0)=ANY=[@ANYBLOB="aaaaaaaaaabbaaaaaaaaaa0a884800000200000f0e0000000000004c21e92a076b5eec8cebb498146fae248666abab0aa3fc763ee544652a2e26fcee1d76c4094c77361527677623fe0c2ba7bfb3d3e558d2e59211a6e3e544e3fd55b3da1a61769f7f92da1a9e11680b285a980e151500c97081723716e83719d68c5ab0ed"], &(0x7f0000000340)={0x1, 0x1, [0xdf5, 0x31f, 0x338, 0x79d]}) socket(0x28, 0x2, 0x1) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc8, 0x2}}}, 0x7) r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1ff, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc2c45513, &(0x7f0000000040)={{0x2, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, [0x2, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}) socket$nl_route(0x10, 0x3, 0x0) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x2, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffde4, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000500)={r3, 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r5 = io_uring_setup(0x25e, &(0x7f0000000080)) io_uring_register$IORING_UNREGISTER_RING_FDS(r5, 0x1b, &(0x7f0000003900)=[{0x0, 0x700, 0x0, 0x0, 0x0}], 0x1) write$tun(r4, &(0x7f0000000440)=ANY=[@ANYBLOB="00000000ffffffffffffaaaaaaaaaabb08004500452c00000000002f9078ac1e0001e00000010000655800189000"], 0xfdef) socket(0x22, 0x800, 0x0) io_setup(0x3, 0x0) syz_usb_connect(0x5, 0x6a, 0x0, 0x0) r6 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000200), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r6, 0xc004500a, &(0x7f0000000000)) ioctl$SNDCTL_DSP_CHANNELS(r6, 0xc0045006, &(0x7f0000000180)=0x6f) write$dsp(r6, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) 3.128606383s ago: executing program 2 (id=17): socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000340)=[{0x0, 0x5, 0xa, 0xb}, {0x4, 0x2, 0x13, 0x2}, {0x0, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='minix\x00', 0x208000, 0x0) wait4(r0, 0x0, 0x2, 0x0) creat(&(0x7f00000002c0)='./file0\x00', 0x0) mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) r4 = syz_io_uring_setup(0x5981, &(0x7f0000000000)={0x0, 0xef34, 0x2, 0x0, 0x325}, &(0x7f0000000100), &(0x7f0000000140)) io_uring_enter(r4, 0x56a1, 0x1dc1, 0x1e, &(0x7f0000000180)={[0x9, 0x100]}, 0x8) r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60) socket$inet(0x2, 0x4000000805, 0x0) 3.031325108s ago: executing program 0 (id=18): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_KEY(r1, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x148, r2, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_KEY={0x30, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "a5347121b90d1d691336b7524cbcc8cae77ec49927c45cf9c2c94b35682e8dd8"}]}, @NL802154_ATTR_SEC_KEY={0x1c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xd}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x2}]}, @NL802154_ATTR_SEC_KEY={0x2c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "57f92cff91bbe099b76b8f6a9b21f4ca"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "4c30df7ed72f2dbe3255fe59e387a86e"}]}, @NL802154_ATTR_SEC_KEY={0xbc, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x6}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xc}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "ad74525a6ec2b85f3624cb37e20a430b17de59764f20ead7ccc55ab442bccfac"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "bdce0e89dfd3f088a73009c2936e16aa"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "7ddfb500af5fe92ee75f0929931e8925"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "77c8711bbb304a36443a40d64fe98c76afc9448e6327e7e180340f29359c83b5"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "cfe26ee59098f9f7cb32232b83f125d7"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "024475e7b51eb78d44f78dfb11ed683777ef2782c4ca6045490799bb8298b3b2"}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x81}, 0x8014) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) listen(0xffffffffffffffff, 0x0) r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r6, 0x40046f41, 0x20000502) r7 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x10, 0x2, 0x0) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r8}, 0x10) syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0xc0842) recvmmsg(r7, &(0x7f0000002ec0), 0x0, 0x2, &(0x7f00000001c0)={0x77359400}) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r9, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000200)={0x20, r0, 0x329, 0xfffffffc, 0x0, {0x16}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x10000860}, 0x8004) 2.484554823s ago: executing program 1 (id=19): setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'geneve0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) r1 = syz_open_dev$tty1(0xc, 0x4, 0x1) r2 = dup(r1) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2000000000000376, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x36, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f00000bd000), 0x800005d, 0x4810) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) socket$rxrpc(0x21, 0x2, 0xa) connect$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe) r7 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPCONNADD(r7, 0x400448c8, &(0x7f0000000480)={r3, r3, 0x8, 0x0, 0x0, 0x5, 0x81, 0x46d, 0xfff9, 0x3, 0x0, 0x5, 'syz0\x00'}) shutdown(r3, 0x1) write$UHID_INPUT(r2, 0x0, 0x0) sendto$packet(0xffffffffffffffff, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x4000, &(0x7f0000000140)={0x11, 0x0, r0, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14) 2.172810793s ago: executing program 2 (id=20): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000005000000180100002020702500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000000000000000000000020085000000a800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000040)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r0}, 0xc) r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0) poll(&(0x7f0000000080)=[{r1, 0x21}, {0xffffffffffffffff, 0x4000}], 0x2, 0x5) syz_open_dev$MSR(&(0x7f0000000000), 0x7, 0x0) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) read$FUSE(r2, &(0x7f0000004380)={0x2020}, 0x2020) write$P9_RGETLOCK(r3, &(0x7f00000094c0)=ANY=[], 0x200002e6) fcntl$setpipe(r3, 0x407, 0x7000000) r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x9, 0x6, 0x0, "00769a7d8200010000001495595915303d6000"}) r5 = syz_open_pts(r4, 0x0) r6 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0) splice(r5, 0x0, r6, 0x0, 0x4, 0xc) read$msr(r2, &(0x7f0000000180)=""/100, 0x64) 2.003046054s ago: executing program 0 (id=21): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = dup(r2) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2000000000000376, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x36, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f00000bd000), 0x800005d, 0x4810) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) socket$rxrpc(0x21, 0x2, 0xa) connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe) r8 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPCONNADD(r8, 0x400448c8, &(0x7f0000000480)={r4, r4, 0x8, 0x0, 0x0, 0x5, 0x81, 0x46d, 0xfff9, 0x3, 0x0, 0x5, 'syz0\x00'}) shutdown(r4, 0x1) write$UHID_INPUT(r3, 0x0, 0x0) sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x4000, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14) 1.828603796s ago: executing program 2 (id=22): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = dup(r2) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f00000bd000), 0x800005d, 0x4810) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) socket$rxrpc(0x21, 0x2, 0xa) connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe) r8 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPCONNADD(r8, 0x400448c8, &(0x7f0000000480)={r4, r4, 0x8, 0x0, 0x0, 0x5, 0x81, 0x46d, 0xfff9, 0x3, 0x0, 0x5, 'syz0\x00'}) shutdown(r4, 0x1) write$UHID_INPUT(r3, 0x0, 0x0) sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x4000, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14) 1.443397414s ago: executing program 1 (id=23): syz_emit_ethernet(0x3e, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaa0380c20000000800470000300004000000069078ac141400ac1e00018903d78903b6000000000000d80b8a8ce83d8e32f14060a6f02dc58923345cdbfe7c49d3771b1bc344ffb0680e97605b852350fbc7237538f69cf935eab6146a0e399028adc2cc040c960bf1a23e54de73202ae31f3e3e47859e413f6824b9513f95920b387fec77adcf104546af9cb1c8716d3714e33d4dadb6e0525019db7acd3f252e59534750f198a6459362e30ac9c5c584fa84c8d4295a2cf7b3793314e917ab28bef46b11b4a3dfbced392a2da8b43620da21853c2733c6e7da000731daaae54c42dfd077da46d0328a917b624d69a720ce9483ae5fb2c33bbdbb4a35d70d9f6253dc7fc39363e396", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0xa07, &(0x7f0000000200)={0x0, 0xcc72, 0x0, 0x3}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"]) chdir(&(0x7f0000000100)='./file0\x00') mkdirat(0xffffffffffffff9c, 0x0, 0x0) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000380)={0xb8, 0x39, 0x200, 0x70bd25, 0x25dfdbfc, {0x16}, [@typed={0x4, 0xe1}, @generic="d2c5ff46b6498e12020a515bcf0e75ee4c558a94086e792666662cd422ecb75d6d255bb1b793b793f68257cb496e44f1f15ad10ce90861e1ebd528668bca9ae6d5d661ec3cc34f8de222728dcdad27c2ef5a289dcbb8ee8e27b5be299abef83d2a60a17d3bc44b4f28d9ca515d2dd6cdbbda1daa526ee21dc32891815cf30ef76f5b93ad79bbe9ce204d02dd49cfc1d329c122eeaf30531ae6103f16b9", @generic]}, 0xb8}, 0x1, 0x0, 0x0, 0x840}, 0x24040001) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x3f00) dup(r5) write$binfmt_script(r5, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffffffffcf3) 1.081253798s ago: executing program 0 (id=24): r0 = socket(0x40000000015, 0x5, 0x0) ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x29, 0x2, 0x8, 0x1, 0x1, @local, @private2, 0x40, 0x20, 0x1, 0x1000}}) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0) ioctl$BLKZEROOUT(r1, 0x127f, &(0x7f0000000240)={0x10000000000000, 0x1000000}) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r3 = openat$cdrom(0xffffff9c, &(0x7f00000001c0), 0x200, 0x0) ioctl$CDROMVOLCTRL(r3, 0x530a, &(0x7f0000000240)={0x1, 0x3, 0x6, 0xc}) r4 = dup(r2) r5 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$EBT_SO_GET_INFO(r4, 0x0, 0x80, &(0x7f00000000c0)={'broute\x00', 0x0, 0x0, 0x0, [0x10001, 0x6, 0xb617, 0x5, 0x9f, 0x6]}, &(0x7f0000000140)=0x50) r6 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r6, 0xc0045540, &(0x7f0000000080)=0xf) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)) setsockopt$ARPT_SO_SET_ADD_COUNTERS(r5, 0x0, 0x61, &(0x7f0000000040)={'filter\x00', 0x4}, 0x64) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000280), r4) sendmsg$TIPC_NL_BEARER_ADD(r4, &(0x7f0000000600)={&(0x7f0000000200), 0xc, &(0x7f00000005c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="40020000", @ANYRES16=r8, @ANYBLOB], 0x240}, 0x1, 0x0, 0x0, 0x8001}, 0x44ea3b8750c01ff9) r9 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r9, 0x11b, 0x4, &(0x7f0000000080)={0x0, 0x325000, 0x800}, 0x1c) sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="54000000090601020000000000000000020000000900020073797a310000000005000100070000002c0007800c00018008000140ffffffff0500070084000000060004404e2200000c000280080001407f000000"], 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80) write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c) move_pages(0x0, 0x6, &(0x7f0000000080)=[&(0x7f0000008000/0x1000)=nil, &(0x7f0000007000/0x2000)=nil, &(0x7f0000003000/0x1000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000003000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil], 0x0, &(0x7f0000000600), 0x0) 901.389559ms ago: executing program 2 (id=25): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = dup(r2) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2000000000000376, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x36, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f00000bd000), 0x800005d, 0x4810) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) socket$rxrpc(0x21, 0x2, 0xa) connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe) r8 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPCONNADD(r8, 0x400448c8, &(0x7f0000000480)={r4, r4, 0x8, 0x0, 0x0, 0x5, 0x81, 0x46d, 0xfff9, 0x3, 0x0, 0x5, 'syz0\x00'}) shutdown(r4, 0x1) write$UHID_INPUT(r3, 0x0, 0x0) sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x4000, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14) 691.327852ms ago: executing program 1 (id=26): r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0xf, 0x0, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', 0x0}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) r3 = dup(r2) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2000000000000376, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x36, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r5 = getpid() sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r7, &(0x7f00000bd000), 0x800005d, 0x4810) recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) socket$rxrpc(0x21, 0x2, 0xa) connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe) r8 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6) ioctl$sock_bt_hidp_HIDPCONNADD(r8, 0x400448c8, &(0x7f0000000480)={r4, r4, 0x8, 0x0, 0x0, 0x5, 0x81, 0x46d, 0xfff9, 0x3, 0x0, 0x5, 'syz0\x00'}) shutdown(r4, 0x1) write$UHID_INPUT(r3, 0x0, 0x0) sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x4000, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14) 653.194988ms ago: executing program 0 (id=27): r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff) sendmsg$NL802154_CMD_DEL_SEC_KEY(r1, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x148, r2, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_KEY={0x30, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "a5347121b90d1d691336b7524cbcc8cae77ec49927c45cf9c2c94b35682e8dd8"}]}, @NL802154_ATTR_SEC_KEY={0x1c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xd}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x2}]}, @NL802154_ATTR_SEC_KEY={0x2c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "57f92cff91bbe099b76b8f6a9b21f4ca"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "4c30df7ed72f2dbe3255fe59e387a86e"}]}, @NL802154_ATTR_SEC_KEY={0xbc, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x6}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xc}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "ad74525a6ec2b85f3624cb37e20a430b17de59764f20ead7ccc55ab442bccfac"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "bdce0e89dfd3f088a73009c2936e16aa"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "7ddfb500af5fe92ee75f0929931e8925"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "77c8711bbb304a36443a40d64fe98c76afc9448e6327e7e180340f29359c83b5"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "cfe26ee59098f9f7cb32232b83f125d7"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "024475e7b51eb78d44f78dfb11ed683777ef2782c4ca6045490799bb8298b3b2"}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x81}, 0x8014) r3 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) listen(0xffffffffffffffff, 0x0) r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$F2FS_IOC_START_VOLATILE_WRITE(r6, 0x40046f41, 0x20000502) r7 = socket$nl_route(0x10, 0x3, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socket(0x10, 0x2, 0x0) r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r8}, 0x10) syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0xc0842) recvmmsg(r7, &(0x7f0000002ec0), 0x0, 0x2, &(0x7f00000001c0)={0x77359400}) r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r9, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000200)={0x20, r0, 0x329, 0xfffffffc, 0x0, {0x16}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x10000860}, 0x8004) 0s ago: executing program 2 (id=28): r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) ioctl$SNDRV_PCM_IOCTL_DRAIN(0xffffffffffffffff, 0x4144, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) socket$inet_udp(0x2, 0x2, 0x0) getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x7f, 0x0, &(0x7f0000001180)) syz_emit_ethernet(0x85, &(0x7f00000005c0)=ANY=[@ANYBLOB="aaaaaaaaaabbaaaaaaaaaa0a884800000200000f0e0000000000004c21e92a076b5eec8cebb498146fae248666abab0aa3fc763ee544652a2e26fcee1d76c4094c77361527677623fe0c2ba7bfb3d3e558d2e59211a6e3e544e3fd55b3da1a61769f7f92da1a9e11680b285a980e151500c97081723716e83719d68c5ab0ed"], &(0x7f0000000340)={0x1, 0x1, [0xdf5, 0x31f, 0x338, 0x79d]}) socket(0x28, 0x2, 0x1) syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc8, 0x2}}}, 0x7) r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1ff, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc2c45513, &(0x7f0000000040)={{0x2, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, [0x2, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}) socket$nl_route(0x10, 0x3, 0x0) r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x2, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffde4, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000500)={r3, 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) r5 = io_uring_setup(0x25e, &(0x7f0000000080)) io_uring_register$IORING_UNREGISTER_RING_FDS(r5, 0x1b, &(0x7f0000003900)=[{0x0, 0x700, 0x0, 0x0, 0x0}], 0x1) write$tun(r4, &(0x7f0000000440)=ANY=[@ANYBLOB="00000000ffffffffffffaaaaaaaaaabb08004500452c00000000002f9078ac1e0001e00000010000655800189000"], 0xfdef) socket(0x22, 0x800, 0x0) io_setup(0x3, 0x0) syz_usb_connect(0x5, 0x6a, 0x0, 0x0) r6 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000200), 0xa0201, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r6, 0xc004500a, &(0x7f0000000000)) ioctl$SNDCTL_DSP_CHANNELS(r6, 0xc0045006, &(0x7f0000000180)=0x6f) write$dsp(r6, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) kernel console output (not intermixed with test programs): [ 81.027811][ T832] cfg80211: failed to load regulatory.db Warning: Permanently added '[localhost]:2523' (ED25519) to the list of known hosts. [11068.211673][ T6765] cgroup: Unknown subsys name 'net' [11068.359713][ T6765] cgroup: Unknown subsys name 'cpuset' [11068.362890][ T6765] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [11068.547144][ T1412] ieee802154 phy0 wpan0: encryption failed: -22 [11068.549126][ T1412] ieee802154 phy1 wpan1: encryption failed: -22 [11069.128489][ T6765] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [11071.022769][ T6784] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [11071.025156][ T6784] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [11071.027840][ T6784] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [11071.031099][ T6784] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [11071.033328][ T6784] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [11071.035489][ T6784] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [11071.036062][ T6785] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [11071.038009][ T6784] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [11071.040559][ T6785] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [11071.042721][ T6784] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [11071.044110][ T6785] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [11071.046114][ T6784] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [11071.048620][ T6785] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [11071.049544][ T6787] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [11071.050211][ T6787] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [11071.050544][ T6784] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [11071.050746][ T6784] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [11071.050907][ T6784] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [11071.051634][ T6788] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [11071.053245][ T65] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [11071.053595][ T6788] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [11071.053705][ T6788] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [11071.077015][ T65] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [11071.086468][ T65] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [11071.163314][ T6556] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [11071.163696][ T6719] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [11071.165678][ T6556] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [11071.176278][ T6719] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [11071.184797][ T6282] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [11071.188086][ T6282] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [11071.191177][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [11071.193583][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [11071.204507][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [11071.208459][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [11071.213219][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [11071.215520][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [11071.229029][ T6556] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [11071.231334][ T6556] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [11071.235119][ T6719] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [11071.237797][ T6719] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [11071.244616][ T6780] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [11071.843398][ T6807] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input5 [11072.693026][ T6839] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input6 [11072.956462][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [11073.107272][ T5310] Bluetooth: hci1: command tx timeout [11073.108041][ T65] Bluetooth: hci0: command tx timeout [11073.108064][ T6788] Bluetooth: hci3: command tx timeout [11073.116382][ T65] Bluetooth: hci2: command tx timeout [11073.336343][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [11073.339779][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [11073.342250][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [11073.344675][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [11073.347424][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [11073.407260][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [11073.429718][ T6858] Zero length message leads to an empty skb [11073.616378][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [11073.621463][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [11074.826538][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [11075.187273][ T65] Bluetooth: hci2: command tx timeout [11075.187308][ T5310] Bluetooth: hci0: command tx timeout [11075.189250][ T6788] Bluetooth: hci1: command tx timeout [11075.203482][ T5310] Bluetooth: hci3: command tx timeout [11075.791250][ T6895] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input7 [11076.319099][ T6911] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input8 [11076.807854][ T6918] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input9 [11077.266519][ T65] Bluetooth: hci3: command tx timeout [11077.268277][ T65] Bluetooth: hci2: command tx timeout [11077.270017][ T5310] Bluetooth: hci0: command tx timeout [11077.271686][ T5310] Bluetooth: hci1: command tx timeout [11077.320762][ T6917] syz.1.23 (6917) used greatest stack depth: 20304 bytes left [11077.820381][ T6943] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input10 [11078.106795][ T5310] ================================================================== [11078.109263][ T5310] BUG: KASAN: null-ptr-deref in l2cap_sock_resume_cb+0xd0/0x130 [11078.111574][ T5310] Write of size 8 at addr 0000000000000568 by task kworker/u33:1/5310 [11078.115237][ T5310] [11078.115982][ T5310] CPU: 0 UID: 0 PID: 5310 Comm: kworker/u33:1 Not tainted 6.13.0-syzkaller-05154-g8883957b3c9d #0 [11078.115994][ T5310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [11078.116001][ T5310] Workqueue: hci3 hci_rx_work [11078.116014][ T5310] Call Trace: [11078.116017][ T5310] [11078.116021][ T5310] dump_stack_lvl+0x116/0x1f0 [11078.116032][ T5310] kasan_report+0xd9/0x110 [11078.116041][ T5310] ? l2cap_sock_resume_cb+0xd0/0x130 [11078.116054][ T5310] ? l2cap_sock_resume_cb+0xd0/0x130 [11078.116067][ T5310] kasan_check_range+0xef/0x1a0 [11078.116077][ T5310] l2cap_sock_resume_cb+0xd0/0x130 [11078.116089][ T5310] l2cap_security_cfm+0x795/0x11d0 [11078.116103][ T5310] ? __pfx_l2cap_security_cfm+0x10/0x10 [11078.116113][ T5310] ? mark_held_locks+0x9f/0xe0 [11078.116124][ T5310] ? kasan_quarantine_put+0x10a/0x240 [11078.116138][ T5310] ? lockdep_hardirqs_on+0x7c/0x110 [11078.116147][ T5310] ? kfree+0x14f/0x4b0 [11078.116158][ T5310] ? __pfx_rfcomm_security_cfm+0x10/0x10 [11078.116172][ T5310] ? hci_encrypt_cfm+0x202/0x7d0 [11078.116186][ T5310] ? __pfx_l2cap_security_cfm+0x10/0x10 [11078.116195][ T5310] hci_encrypt_cfm+0x1f2/0x7d0 [11078.116208][ T5310] ? __pfx_hci_encrypt_cfm+0x10/0x10 [11078.116221][ T5310] ? hci_conn_hash_lookup_handle+0x3b/0x330 [11078.116234][ T5310] hci_encrypt_change_evt+0x3f3/0x1130 [11078.116243][ T5310] ? __pfx_hci_encrypt_change_evt+0x10/0x10 [11078.116253][ T5310] ? skb_pull_data+0x166/0x210 [11078.116264][ T5310] hci_event_packet+0x9eb/0x1190 [11078.116273][ T5310] ? __pfx_hci_encrypt_change_evt+0x10/0x10 [11078.116282][ T5310] ? __pfx_hci_event_packet+0x10/0x10 [11078.116290][ T5310] ? mark_held_locks+0x9f/0xe0 [11078.116298][ T5310] ? kcov_remote_start+0x3cf/0x6e0 [11078.116308][ T5310] ? lockdep_hardirqs_on+0x7c/0x110 [11078.116317][ T5310] hci_rx_work+0x2c5/0x16b0 [11078.116327][ T5310] ? process_one_work+0x8bb/0x1b30 [11078.116342][ T5310] process_one_work+0x958/0x1b30 [11078.116358][ T5310] ? __pfx_lock_acquire.part.0+0x10/0x10 [11078.116366][ T5310] ? __pfx_process_one_work+0x10/0x10 [11078.116380][ T5310] ? rcu_is_watching+0x12/0xc0 [11078.116393][ T5310] ? assign_work+0x1a0/0x250 [11078.116406][ T5310] worker_thread+0x6c8/0xf00 [11078.116415][ T5310] ? __pfx_worker_thread+0x10/0x10 [11078.116423][ T5310] kthread+0x3af/0x750 [11078.116436][ T5310] ? __pfx_kthread+0x10/0x10 [11078.116448][ T5310] ? lock_acquire+0x2f/0xb0 [11078.116457][ T5310] ? __pfx_kthread+0x10/0x10 [11078.116470][ T5310] ret_from_fork+0x45/0x80 [11078.116479][ T5310] ? __pfx_kthread+0x10/0x10 [11078.116491][ T5310] ret_from_fork_asm+0x1a/0x30 [11078.116507][ T5310] [11078.116510][ T5310] ================================================================== [11078.195648][ T5310] Kernel panic - not syncing: KASAN: panic_on_warn set ... [11078.197891][ T5310] CPU: 0 UID: 0 PID: 5310 Comm: kworker/u33:1 Not tainted 6.13.0-syzkaller-05154-g8883957b3c9d #0 [11078.201091][ T5310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [11078.204325][ T5310] Workqueue: hci3 hci_rx_work [11078.205788][ T5310] Call Trace: [11078.206828][ T5310] [11078.207740][ T5310] dump_stack_lvl+0x3d/0x1f0 [11078.209165][ T5310] panic+0x71d/0x800 [11078.210370][ T5310] ? __pfx_panic+0x10/0x10 [11078.211745][ T5310] ? irqentry_exit+0x3b/0x90 [11078.213167][ T5310] ? lockdep_hardirqs_on+0x7c/0x110 [11078.214748][ T5310] ? preempt_schedule_thunk+0x1a/0x30 [11078.216381][ T5310] ? preempt_schedule_common+0x44/0xc0 [11078.218052][ T5310] check_panic_on_warn+0xab/0xb0 [11078.219571][ T5310] end_report+0x117/0x180 [11078.220902][ T5310] kasan_report+0xe9/0x110 [11078.222273][ T5310] ? l2cap_sock_resume_cb+0xd0/0x130 [11078.223908][ T5310] ? l2cap_sock_resume_cb+0xd0/0x130 [11078.225545][ T5310] kasan_check_range+0xef/0x1a0 [11078.227057][ T5310] l2cap_sock_resume_cb+0xd0/0x130 [11078.228644][ T5310] l2cap_security_cfm+0x795/0x11d0 [11078.230261][ T5310] ? __pfx_l2cap_security_cfm+0x10/0x10 [11078.231954][ T5310] ? mark_held_locks+0x9f/0xe0 [11078.233429][ T5310] ? kasan_quarantine_put+0x10a/0x240 [11078.235082][ T5310] ? lockdep_hardirqs_on+0x7c/0x110 [11078.236690][ T5310] ? kfree+0x14f/0x4b0 [11078.237951][ T5310] ? __pfx_rfcomm_security_cfm+0x10/0x10 [11078.239692][ T5310] ? hci_encrypt_cfm+0x202/0x7d0 [11078.241236][ T5310] ? __pfx_l2cap_security_cfm+0x10/0x10 [11078.242934][ T5310] hci_encrypt_cfm+0x1f2/0x7d0 [11078.244413][ T5310] ? __pfx_hci_encrypt_cfm+0x10/0x10 [11078.246051][ T5310] ? hci_conn_hash_lookup_handle+0x3b/0x330 [11078.247877][ T5310] hci_encrypt_change_evt+0x3f3/0x1130 [11078.249563][ T5310] ? __pfx_hci_encrypt_change_evt+0x10/0x10 [11078.251383][ T5310] ? skb_pull_data+0x166/0x210 [11078.252886][ T5310] hci_event_packet+0x9eb/0x1190 [11078.254420][ T5310] ? __pfx_hci_encrypt_change_evt+0x10/0x10 [11078.256221][ T5310] ? __pfx_hci_event_packet+0x10/0x10 [11078.257909][ T5310] ? mark_held_locks+0x9f/0xe0 [11078.259386][ T5310] ? kcov_remote_start+0x3cf/0x6e0 [11078.260963][ T5310] ? lockdep_hardirqs_on+0x7c/0x110 [11078.262562][ T5310] hci_rx_work+0x2c5/0x16b0 [11078.263964][ T5310] ? process_one_work+0x8bb/0x1b30 [11078.265541][ T5310] process_one_work+0x958/0x1b30 [11078.267062][ T5310] ? __pfx_lock_acquire.part.0+0x10/0x10 [11078.268784][ T5310] ? __pfx_process_one_work+0x10/0x10 [11078.270423][ T5310] ? rcu_is_watching+0x12/0xc0 [11078.271892][ T5310] ? assign_work+0x1a0/0x250 [11078.273319][ T5310] worker_thread+0x6c8/0xf00 [11078.274757][ T5310] ? __pfx_worker_thread+0x10/0x10 [11078.276309][ T5310] kthread+0x3af/0x750 [11078.277566][ T5310] ? __pfx_kthread+0x10/0x10 [11078.278973][ T5310] ? lock_acquire+0x2f/0xb0 [11078.280361][ T5310] ? __pfx_kthread+0x10/0x10 [11078.281780][ T5310] ret_from_fork+0x45/0x80 [11078.283137][ T5310] ? __pfx_kthread+0x10/0x10 [11078.284546][ T5310] ret_from_fork_asm+0x1a/0x30 [11078.286025][ T5310] [11078.287435][ T5310] Kernel Offset: disabled [11078.288775][ T5310] Rebooting in 86400 seconds.. VM DIAGNOSIS: 09:17:12 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000069 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff851847a5 RDI=ffffffff9aad3540 RBP=ffffffff9aad3500 RSP=ffffc90003c77210 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3030303030307257 R12=0000000000000000 R13=0000000000000069 R14=ffffffff85184740 R15=0000000000000000 RIP=ffffffff851847cf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000033618ffc CR3=000000004bc50000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000007000000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000159fb5 RBX=0000000000000001 RCX=ffffffff8b25f279 RDX=0000000000000000 RSI=ffffffff8b6ccfe0 RDI=ffffffff8bd26800 RBP=ffffed1003a5f910 RSP=ffffc9000047fe08 R8 =0000000000000001 R9 =ffffed10056a6f7d R10=ffff88802b537beb R11=0000000000000000 R12=0000000000000001 R13=ffff88801d2fc880 R14=ffffffff905ff710 R15=0000000000000000 RIP=ffffffff8b26065f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002001b000 CR3=000000005cdbe000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffffffff8b287022 RCX=1ffffffff3503b14 RDX=0000000000000000 RSI=ffffffff8bd26780 RDI=ffffffff8b287022 RBP=ffff8880232c28a0 RSP=ffffc9000c05f960 R8 =0000000000000000 R9 =fffffbfff20bfee2 R10=ffffffff905ff717 R11=0000000000000003 R12=ffff88802b63fc91 R13=0000000000000001 R14=ffff8880232c2888 R15=ffffffff8e1c8480 RIP=ffffffff8176ab2f RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f4c16cc6d00 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000560c237d38e8 CR3=0000000049dea000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f743cff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000aa57cb RBX=0000000000000003 RCX=ffffffff8b25f279 RDX=0000000000000000 RSI=ffffffff8b6ccfe0 RDI=ffffffff8bd26800 RBP=ffffed1003ad2488 RSP=ffffc9000049fe08 R8 =0000000000000001 R9 =ffffed10056e6f7d R10=ffff88802b737beb R11=0000000000000000 R12=0000000000000003 R13=ffff88801d692440 R14=ffffffff905ff710 R15=0000000000000000 RIP=ffffffff8b26065f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f71d3360 CR3=000000001ceca000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffff0000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000