last executing test programs:

6.779545482s ago: executing program 3 (id=4):
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)={0x20, 0x0, 0x100, 0x70bd26, 0x25dfdbff, {{}, {@void, @val={0xc, 0x99, {0xff, 0x43}}}}}, 0x20}, 0x1, 0x0, 0x0, 0x11}, 0x4004080)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x181040, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_GET_DEVICE_ATTR(0xffffffffffffffff, 0x4018aee2, &(0x7f00000000c0)=@attr_arm64={0x0, 0x0, 0x0, &(0x7f0000000080)=0x1})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x1, 0xf6, 0xf0, '\x00', 0x6})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000500)=ANY=[@ANYBLOB="010000000000000070000040"])
r3 = syz_open_dev$vcsa(&(0x7f0000000000), 0x7, 0xa100)
r4 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r4)
ptrace(0x4207, r4)
ioctl$SIOCAX25GETINFOOLD(r3, 0x89e9, &(0x7f0000000040))

6.231037657s ago: executing program 3 (id=5):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_KEY(r1, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x148, r2, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_KEY={0x30, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "a5347121b90d1d691336b7524cbcc8cae77ec49927c45cf9c2c94b35682e8dd8"}]}, @NL802154_ATTR_SEC_KEY={0x1c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xd}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x2}]}, @NL802154_ATTR_SEC_KEY={0x2c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "57f92cff91bbe099b76b8f6a9b21f4ca"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "4c30df7ed72f2dbe3255fe59e387a86e"}]}, @NL802154_ATTR_SEC_KEY={0xbc, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x6}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xc}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "ad74525a6ec2b85f3624cb37e20a430b17de59764f20ead7ccc55ab442bccfac"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "bdce0e89dfd3f088a73009c2936e16aa"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "7ddfb500af5fe92ee75f0929931e8925"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "77c8711bbb304a36443a40d64fe98c76afc9448e6327e7e180340f29359c83b5"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "cfe26ee59098f9f7cb32232b83f125d7"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "024475e7b51eb78d44f78dfb11ed683777ef2782c4ca6045490799bb8298b3b2"}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x81}, 0x8014)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
listen(0xffffffffffffffff, 0x0)
r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r6, 0x40046f41, 0x20000502)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r7 = socket(0x10, 0x2, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r8}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0xc0842)
write(r7, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r9, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000200)={0x20, r0, 0x329, 0xfffffffc, 0x0, {0x16}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x10000860}, 0x8004)

5.662976938s ago: executing program 0 (id=7):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2000000000000376, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x36, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x800005d, 0x4810)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
connect$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe)
r7 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r7, 0x400448c8, &(0x7f0000000480)={r3, r3, 0x8, 0x0, 0x0, 0x5, 0x81, 0x46d, 0xfff9, 0x3, 0x0, 0x5, 'syz0\x00'})
shutdown(r3, 0x1)
write$UHID_INPUT(r2, 0x0, 0x0)
sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x4000, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)

5.531463122s ago: executing program 1 (id=8):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2000000000000376, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x36, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x800005d, 0x4810)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
connect$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe)
r7 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r7, 0x400448c8, &(0x7f0000000480)={r3, r3, 0x8, 0x0, 0x0, 0x5, 0x81, 0x46d, 0xfff9, 0x3, 0x0, 0x5, 'syz0\x00'})
shutdown(r3, 0x1)
write$UHID_INPUT(r2, 0x0, 0x0)
sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x4000, &(0x7f0000000140)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)

5.138293945s ago: executing program 3 (id=9):
syz_emit_ethernet(0x3e, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaa0380c20000000800470000300004000000069078ac141400ac1e00018903d78903b6000000000000d80b8a8ce83d8e32f14060a6f02dc58923345cdbfe7c49d3771b1bc344ffb0680e97605b852350fbc7237538f69cf935eab6146a0e399028adc2cc040c960bf1a23e54de73202ae31f3e3e47859e413f6824b9513f95920b387fec77adcf104546af9cb1c8716d3714e33d4dadb6e0525019db7acd3f252e59534750f198a6459362e30ac9c5c584fa84c8d4295a2cf7b3793314e917ab28bef46b11b4a3dfbced392a2da8b43620da21853c2733c6e7da000731daaae54c42dfd077da46d0328a917b624d69a720ce9483ae5fb2c33bbdbb4a35d70d9f6253dc7fc39363e396", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0xa07, &(0x7f0000000200)={0x0, 0xcc72, 0x0, 0x3}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL)
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000380)={0xb8, 0x39, 0x200, 0x70bd25, 0x25dfdbfc, {0x16}, [@typed={0x4, 0xe1}, @generic="d2c5ff46b6498e12020a515bcf0e75ee4c558a94086e792666662cd422ecb75d6d255bb1b793b793f68257cb496e44f1f15ad10ce90861e1ebd528668bca9ae6d5d661ec3cc34f8de222728dcdad27c2ef5a289dcbb8ee8e27b5be299abef83d2a60a17d3bc44b4f28d9ca515d2dd6cdbbda1daa526ee21dc32891815cf30ef76f5b93ad79bbe9ce204d02dd49cfc1d329c122eeaf30531ae6103f16b9", @generic]}, 0xb8}, 0x1, 0x0, 0x0, 0x840}, 0x24040001)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
rename(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000280)='./file0\x00')
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x3f00)
write$binfmt_script(r5, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffffffffcf3)

4.777243342s ago: executing program 0 (id=11):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
r0 = openat$mice(0xffffffffffffff9c, 0x0, 0x82)
write$P9_RCREATE(r0, &(0x7f0000000180)={0x18, 0x73, 0x2, {{0x8, 0x2, 0x7}, 0x6}}, 0x18)
ioctl$VIDIOC_G_TUNER(r0, 0xc054561d, &(0x7f00000000c0)={0x7, "0a43b81781ee52fe5d1318dedf595fea476cc6aab722e8ac16406f5b4c42cc1b", 0x2, 0x1, 0x3ff, 0x7, 0x11, 0x1, 0x3ff, 0x7})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$F2FS_IOC_MOVE_RANGE(0xffffffffffffffff, 0xc020f509, &(0x7f0000000000)={r1, 0xd14, 0xfff, 0xe})
socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=@base={0x7, 0x4, 0x18, 0x28e, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x1a000000, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000080)={'team0\x00'})
getpid()
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000c00), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r6=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={0x0}}, 0x0)
sendmsg$NL80211_CMD_ABORT_SCAN(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x1c, r5, 0xd9b2794f6a139537, 0x0, 0x0, {{}, {@val={0x8, 0x3, r6}, @void}}}, 0x1c}}, 0x0)

4.684417077s ago: executing program 1 (id=12):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_KEY(r1, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x148, r2, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_KEY={0x30, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "a5347121b90d1d691336b7524cbcc8cae77ec49927c45cf9c2c94b35682e8dd8"}]}, @NL802154_ATTR_SEC_KEY={0x1c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xd}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x2}]}, @NL802154_ATTR_SEC_KEY={0x2c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "57f92cff91bbe099b76b8f6a9b21f4ca"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "4c30df7ed72f2dbe3255fe59e387a86e"}]}, @NL802154_ATTR_SEC_KEY={0xbc, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x6}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xc}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "ad74525a6ec2b85f3624cb37e20a430b17de59764f20ead7ccc55ab442bccfac"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "bdce0e89dfd3f088a73009c2936e16aa"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "7ddfb500af5fe92ee75f0929931e8925"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "77c8711bbb304a36443a40d64fe98c76afc9448e6327e7e180340f29359c83b5"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "cfe26ee59098f9f7cb32232b83f125d7"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "024475e7b51eb78d44f78dfb11ed683777ef2782c4ca6045490799bb8298b3b2"}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x81}, 0x8014)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
listen(0xffffffffffffffff, 0x0)
r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r6, 0x40046f41, 0x20000502)
r7 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r8 = socket(0x10, 0x2, 0x0)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r9}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0xc0842)
write(r8, &(0x7f0000000040)="1c0000001a009b8a140000003b9b301f00"/28, 0x1c)
recvmmsg(r7, &(0x7f0000002ec0), 0x0, 0x2, &(0x7f00000001c0)={0x77359400})
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000200)={0x20, r0, 0x329, 0xfffffffc, 0x0, {0x16}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x10000860}, 0x8004)

4.33599209s ago: executing program 3 (id=13):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000340)=[{0x2, 0x2, 0xf, 0x7}, {0x4, 0x2, 0x13, 0x2}, {0x0, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='minix\x00', 0x208000, 0x0)
wait4(r0, 0x0, 0x2, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r4 = syz_io_uring_setup(0x5981, &(0x7f0000000000)={0x0, 0xef34, 0x2, 0x0, 0x325}, &(0x7f0000000100), &(0x7f0000000140))
io_uring_enter(r4, 0x56a1, 0x1dc1, 0x1e, &(0x7f0000000180)={[0x9, 0x100]}, 0x8)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
socket$inet(0x2, 0x4000000805, 0x0)

3.990584612s ago: executing program 2 (id=14):
syz_emit_ethernet(0x3e, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaa0380c20000000800470000300004000000069078ac141400ac1e00018903d78903b6000000000000d80b8a8ce83d8e32f14060a6f02dc58923345cdbfe7c49d3771b1bc344ffb0680e97605b852350fbc7237538f69cf935eab6146a0e399028adc2cc040c960bf1a23e54de73202ae31f3e3e47859e413f6824b9513f95920b387fec77adcf104546af9cb1c8716d3714e33d4dadb6e0525019db7acd3f252e59534750f198a6459362e30ac9c5c584fa84c8d4295a2cf7b3793314e917ab28bef46b11b4a3dfbced392a2da8b43620da21853c2733c6e7da000731daaae54c42dfd077da46d0328a917b624d69a720ce9483ae5fb2c33bbdbb4a35d70d9f6253dc7fc39363e396", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0xa07, &(0x7f0000000200)={0x0, 0xcc72, 0x0, 0x3}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL)
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000380)={0xb8, 0x39, 0x200, 0x70bd25, 0x25dfdbfc, {0x16}, [@typed={0x4, 0xe1}, @generic="d2c5ff46b6498e12020a515bcf0e75ee4c558a94086e792666662cd422ecb75d6d255bb1b793b793f68257cb496e44f1f15ad10ce90861e1ebd528668bca9ae6d5d661ec3cc34f8de222728dcdad27c2ef5a289dcbb8ee8e27b5be299abef83d2a60a17d3bc44b4f28d9ca515d2dd6cdbbda1daa526ee21dc32891815cf30ef76f5b93ad79bbe9ce204d02dd49cfc1d329c122eeaf30531ae6103f16b9", @generic]}, 0xb8}, 0x1, 0x0, 0x0, 0x840}, 0x24040001)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x3f00)
dup(r5)
write$binfmt_script(r5, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffffffffcf3)

3.715935903s ago: executing program 1 (id=15):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000340)=[{0x0, 0x5, 0xa, 0xb}, {0x2, 0x2, 0xf, 0x7}, {0x4, 0x2, 0x13, 0x2}, {0x0, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='minix\x00', 0x208000, 0x0)
wait4(r0, 0x0, 0x2, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r4 = syz_io_uring_setup(0x5981, &(0x7f0000000000)={0x0, 0xef34, 0x2, 0x0, 0x325}, &(0x7f0000000100), &(0x7f0000000140))
io_uring_enter(r4, 0x56a1, 0x1dc1, 0x1e, &(0x7f0000000180)={[0x9, 0x100]}, 0x8)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
socket$inet(0x2, 0x4000000805, 0x0)

3.321320975s ago: executing program 3 (id=16):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
ioctl$SNDRV_PCM_IOCTL_DRAIN(0xffffffffffffffff, 0x4144, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x7f, 0x0, &(0x7f0000001180))
syz_emit_ethernet(0x85, &(0x7f00000005c0)=ANY=[@ANYBLOB="aaaaaaaaaabbaaaaaaaaaa0a884800000200000f0e0000000000004c21e92a076b5eec8cebb498146fae248666abab0aa3fc763ee544652a2e26fcee1d76c4094c77361527677623fe0c2ba7bfb3d3e558d2e59211a6e3e544e3fd55b3da1a61769f7f92da1a9e11680b285a980e151500c97081723716e83719d68c5ab0ed"], &(0x7f0000000340)={0x1, 0x1, [0xdf5, 0x31f, 0x338, 0x79d]})
socket(0x28, 0x2, 0x1)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc8, 0x2}}}, 0x7)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc2c45513, &(0x7f0000000040)={{0x2, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, [0x2, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]})
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x2, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffde4, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000500)={r3, 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r5 = io_uring_setup(0x25e, &(0x7f0000000080))
io_uring_register$IORING_UNREGISTER_RING_FDS(r5, 0x1b, &(0x7f0000003900)=[{0x0, 0x700, 0x0, 0x0, 0x0}], 0x1)
write$tun(r4, &(0x7f0000000440)=ANY=[@ANYBLOB="00000000ffffffffffffaaaaaaaaaabb08004500452c00000000002f9078ac1e0001e00000010000655800189000"], 0xfdef)
socket(0x22, 0x800, 0x0)
io_setup(0x3, 0x0)
syz_usb_connect(0x5, 0x6a, 0x0, 0x0)
r6 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000200), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r6, 0xc004500a, &(0x7f0000000000))
ioctl$SNDCTL_DSP_CHANNELS(r6, 0xc0045006, &(0x7f0000000180)=0x6f)
write$dsp(r6, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)

3.128606383s ago: executing program 2 (id=17):
socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB], &(0x7f0000000100)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000340)=[{0x0, 0x5, 0xa, 0xb}, {0x4, 0x2, 0x13, 0x2}, {0x0, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r0 = syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
mount(&(0x7f0000000140)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='minix\x00', 0x208000, 0x0)
wait4(r0, 0x0, 0x2, 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mprotect(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x2)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r4 = syz_io_uring_setup(0x5981, &(0x7f0000000000)={0x0, 0xef34, 0x2, 0x0, 0x325}, &(0x7f0000000100), &(0x7f0000000140))
io_uring_enter(r4, 0x56a1, 0x1dc1, 0x1e, &(0x7f0000000180)={[0x9, 0x100]}, 0x8)
r5 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r5, 0xae60)
socket$inet(0x2, 0x4000000805, 0x0)

3.031325108s ago: executing program 0 (id=18):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_KEY(r1, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x148, r2, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_KEY={0x30, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "a5347121b90d1d691336b7524cbcc8cae77ec49927c45cf9c2c94b35682e8dd8"}]}, @NL802154_ATTR_SEC_KEY={0x1c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xd}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x2}]}, @NL802154_ATTR_SEC_KEY={0x2c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "57f92cff91bbe099b76b8f6a9b21f4ca"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "4c30df7ed72f2dbe3255fe59e387a86e"}]}, @NL802154_ATTR_SEC_KEY={0xbc, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x6}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xc}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "ad74525a6ec2b85f3624cb37e20a430b17de59764f20ead7ccc55ab442bccfac"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "bdce0e89dfd3f088a73009c2936e16aa"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "7ddfb500af5fe92ee75f0929931e8925"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "77c8711bbb304a36443a40d64fe98c76afc9448e6327e7e180340f29359c83b5"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "cfe26ee59098f9f7cb32232b83f125d7"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "024475e7b51eb78d44f78dfb11ed683777ef2782c4ca6045490799bb8298b3b2"}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x81}, 0x8014)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
listen(0xffffffffffffffff, 0x0)
r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r6, 0x40046f41, 0x20000502)
r7 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0x10, 0x2, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r8}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0xc0842)
recvmmsg(r7, &(0x7f0000002ec0), 0x0, 0x2, &(0x7f00000001c0)={0x77359400})
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r9, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000200)={0x20, r0, 0x329, 0xfffffffc, 0x0, {0x16}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x10000860}, 0x8004)

2.484554823s ago: executing program 1 (id=19):
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r0=>0x0})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2000000000000376, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x36, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x800005d, 0x4810)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
connect$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe)
r7 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r7, 0x400448c8, &(0x7f0000000480)={r3, r3, 0x8, 0x0, 0x0, 0x5, 0x81, 0x46d, 0xfff9, 0x3, 0x0, 0x5, 'syz0\x00'})
shutdown(r3, 0x1)
write$UHID_INPUT(r2, 0x0, 0x0)
sendto$packet(0xffffffffffffffff, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x4000, &(0x7f0000000140)={0x11, 0x0, r0, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)

2.172810793s ago: executing program 2 (id=20):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x12, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000005000000180100002020702500000000002020207b1af8ff00000000bfa10000000000000701"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock_addr=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, @void, @value}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="1802000000000000000000000000020085000000a800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000040)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r0}, 0xc)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
poll(&(0x7f0000000080)=[{r1, 0x21}, {0xffffffffffffffff, 0x4000}], 0x2, 0x5)
syz_open_dev$MSR(&(0x7f0000000000), 0x7, 0x0)
pipe(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
read$FUSE(r2, &(0x7f0000004380)={0x2020}, 0x2020)
write$P9_RGETLOCK(r3, &(0x7f00000094c0)=ANY=[], 0x200002e6)
fcntl$setpipe(r3, 0x407, 0x7000000)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r4, 0x40045431, &(0x7f0000000100)={0x0, 0x0, 0x9, 0x6, 0x0, "00769a7d8200010000001495595915303d6000"})
r5 = syz_open_pts(r4, 0x0)
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
splice(r5, 0x0, r6, 0x0, 0x4, 0xc)
read$msr(r2, &(0x7f0000000180)=""/100, 0x64)

2.003046054s ago: executing program 0 (id=21):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r1=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2000000000000376, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x36, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x800005d, 0x4810)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe)
r8 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r8, 0x400448c8, &(0x7f0000000480)={r4, r4, 0x8, 0x0, 0x0, 0x5, 0x81, 0x46d, 0xfff9, 0x3, 0x0, 0x5, 'syz0\x00'})
shutdown(r4, 0x1)
write$UHID_INPUT(r3, 0x0, 0x0)
sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x4000, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)

1.828603796s ago: executing program 2 (id=22):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r1=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x800005d, 0x4810)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe)
r8 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r8, 0x400448c8, &(0x7f0000000480)={r4, r4, 0x8, 0x0, 0x0, 0x5, 0x81, 0x46d, 0xfff9, 0x3, 0x0, 0x5, 'syz0\x00'})
shutdown(r4, 0x1)
write$UHID_INPUT(r3, 0x0, 0x0)
sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x4000, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)

1.443397414s ago: executing program 1 (id=23):
syz_emit_ethernet(0x3e, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaa0380c20000000800470000300004000000069078ac141400ac1e00018903d78903b6000000000000d80b8a8ce83d8e32f14060a6f02dc58923345cdbfe7c49d3771b1bc344ffb0680e97605b852350fbc7237538f69cf935eab6146a0e399028adc2cc040c960bf1a23e54de73202ae31f3e3e47859e413f6824b9513f95920b387fec77adcf104546af9cb1c8716d3714e33d4dadb6e0525019db7acd3f252e59534750f198a6459362e30ac9c5c584fa84c8d4295a2cf7b3793314e917ab28bef46b11b4a3dfbced392a2da8b43620da21853c2733c6e7da000731daaae54c42dfd077da46d0328a917b624d69a720ce9483ae5fb2c33bbdbb4a35d70d9f6253dc7fc39363e396", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5000000090780000"], 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0xa07, &(0x7f0000000200)={0x0, 0xcc72, 0x0, 0x3}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_ASYNC_CANCEL)
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76657273696f6e3d3970323030302e75"])
chdir(&(0x7f0000000100)='./file0\x00')
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000140)={&(0x7f0000000380)={0xb8, 0x39, 0x200, 0x70bd25, 0x25dfdbfc, {0x16}, [@typed={0x4, 0xe1}, @generic="d2c5ff46b6498e12020a515bcf0e75ee4c558a94086e792666662cd422ecb75d6d255bb1b793b793f68257cb496e44f1f15ad10ce90861e1ebd528668bca9ae6d5d661ec3cc34f8de222728dcdad27c2ef5a289dcbb8ee8e27b5be299abef83d2a60a17d3bc44b4f28d9ca515d2dd6cdbbda1daa526ee21dc32891815cf30ef76f5b93ad79bbe9ce204d02dd49cfc1d329c122eeaf30531ae6103f16b9", @generic]}, 0xb8}, 0x1, 0x0, 0x0, 0x840}, 0x24040001)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000500)=ANY=[], 0x0, 0x3e, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuset.effective_cpus\x00', 0x275a, 0x3f00)
dup(r5)
write$binfmt_script(r5, &(0x7f0000000080)={'#! ', './file0'}, 0xfffffffffffffcf3)

1.081253798s ago: executing program 0 (id=24):
r0 = socket(0x40000000015, 0x5, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r0, 0x89f0, &(0x7f00000000c0)={'syztnl2\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x29, 0x2, 0x8, 0x1, 0x1, @local, @private2, 0x40, 0x20, 0x1, 0x1000}})
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$BLKZEROOUT(r1, 0x127f, &(0x7f0000000240)={0x10000000000000, 0x1000000})
r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r3 = openat$cdrom(0xffffff9c, &(0x7f00000001c0), 0x200, 0x0)
ioctl$CDROMVOLCTRL(r3, 0x530a, &(0x7f0000000240)={0x1, 0x3, 0x6, 0xc})
r4 = dup(r2)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$EBT_SO_GET_INFO(r4, 0x0, 0x80, &(0x7f00000000c0)={'broute\x00', 0x0, 0x0, 0x0, [0x10001, 0x6, 0xb617, 0x5, 0x9f, 0x6]}, &(0x7f0000000140)=0x50)
r6 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r6, 0xc0045540, &(0x7f0000000080)=0xf)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380))
setsockopt$ARPT_SO_SET_ADD_COUNTERS(r5, 0x0, 0x61, &(0x7f0000000040)={'filter\x00', 0x4}, 0x64)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
r8 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000280), r4)
sendmsg$TIPC_NL_BEARER_ADD(r4, &(0x7f0000000600)={&(0x7f0000000200), 0xc, &(0x7f00000005c0)={&(0x7f0000000640)=ANY=[@ANYBLOB="40020000", @ANYRES16=r8, @ANYBLOB], 0x240}, 0x1, 0x0, 0x0, 0x8001}, 0x44ea3b8750c01ff9)
r9 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_REG(r9, 0x11b, 0x4, &(0x7f0000000080)={0x0, 0x325000, 0x800}, 0x1c)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=ANY=[@ANYBLOB="54000000090601020000000000000000020000000900020073797a310000000005000100070000002c0007800c00018008000140ffffffff0500070084000000060004404e2200000c000280080001407f000000"], 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
move_pages(0x0, 0x6, &(0x7f0000000080)=[&(0x7f0000008000/0x1000)=nil, &(0x7f0000007000/0x2000)=nil, &(0x7f0000003000/0x1000)=nil, &(0x7f0000000000/0x4000)=nil, &(0x7f0000003000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil], 0x0, &(0x7f0000000600), 0x0)

901.389559ms ago: executing program 2 (id=25):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r1=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2000000000000376, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x36, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x800005d, 0x4810)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe)
r8 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r8, 0x400448c8, &(0x7f0000000480)={r4, r4, 0x8, 0x0, 0x0, 0x5, 0x81, 0x46d, 0xfff9, 0x3, 0x0, 0x5, 'syz0\x00'})
shutdown(r4, 0x1)
write$UHID_INPUT(r3, 0x0, 0x0)
sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x4000, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)

691.327852ms ago: executing program 1 (id=26):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r1=>0x0})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2000000000000376, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0xa, 0x4}, 0x36, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x5, 0x6}, 0x10, 0x0, 0x0, 0x0, &(0x7f00000016c0), 0x0, 0x10, 0x37, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeea, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r6, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r7, &(0x7f00000bd000), 0x800005d, 0x4810)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x803}, 0xe)
r8 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNADD(r8, 0x400448c8, &(0x7f0000000480)={r4, r4, 0x8, 0x0, 0x0, 0x5, 0x81, 0x46d, 0xfff9, 0x3, 0x0, 0x5, 'syz0\x00'})
shutdown(r4, 0x1)
write$UHID_INPUT(r3, 0x0, 0x0)
sendto$packet(r0, &(0x7f0000000180)="0b032200e0ff25000200475400f6a13bb1000000080086dd4803", 0x1a, 0x4000, &(0x7f0000000140)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}}, 0x14)

653.194988ms ago: executing program 0 (id=27):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), 0xffffffffffffffff)
sendmsg$NL802154_CMD_DEL_SEC_KEY(r1, &(0x7f0000000500)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f00000004c0)={&(0x7f0000000340)={0x148, r2, 0x400, 0x70bd2b, 0x25dfdbfc, {}, [@NL802154_ATTR_SEC_KEY={0x30, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "a5347121b90d1d691336b7524cbcc8cae77ec49927c45cf9c2c94b35682e8dd8"}]}, @NL802154_ATTR_SEC_KEY={0x1c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xd}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x3}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x2}]}, @NL802154_ATTR_SEC_KEY={0x2c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "57f92cff91bbe099b76b8f6a9b21f4ca"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "4c30df7ed72f2dbe3255fe59e387a86e"}]}, @NL802154_ATTR_SEC_KEY={0xbc, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x6}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0xc}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "ad74525a6ec2b85f3624cb37e20a430b17de59764f20ead7ccc55ab442bccfac"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "bdce0e89dfd3f088a73009c2936e16aa"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "7ddfb500af5fe92ee75f0929931e8925"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "77c8711bbb304a36443a40d64fe98c76afc9448e6327e7e180340f29359c83b5"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "cfe26ee59098f9f7cb32232b83f125d7"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "024475e7b51eb78d44f78dfb11ed683777ef2782c4ca6045490799bb8298b3b2"}]}]}, 0x148}, 0x1, 0x0, 0x0, 0x81}, 0x8014)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
listen(0xffffffffffffffff, 0x0)
r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$F2FS_IOC_START_VOLATILE_WRITE(r6, 0x40046f41, 0x20000502)
r7 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket(0x10, 0x2, 0x0)
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000000000000000000006dfeff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r8}, 0x10)
syz_open_dev$usbfs(&(0x7f0000000000), 0x1ff, 0xc0842)
recvmmsg(r7, &(0x7f0000002ec0), 0x0, 0x2, &(0x7f00000001c0)={0x77359400})
r9 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r9, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000200)={0x20, r0, 0x329, 0xfffffffc, 0x0, {0x16}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x100000001}]}, 0x20}, 0x1, 0x0, 0x0, 0x10000860}, 0x8004)

0s ago: executing program 2 (id=28):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
ioctl$SNDRV_PCM_IOCTL_DRAIN(0xffffffffffffffff, 0x4144, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x7f, 0x0, &(0x7f0000001180))
syz_emit_ethernet(0x85, &(0x7f00000005c0)=ANY=[@ANYBLOB="aaaaaaaaaabbaaaaaaaaaa0a884800000200000f0e0000000000004c21e92a076b5eec8cebb498146fae248666abab0aa3fc763ee544652a2e26fcee1d76c4094c77361527677623fe0c2ba7bfb3d3e558d2e59211a6e3e544e3fd55b3da1a61769f7f92da1a9e11680b285a980e151500c97081723716e83719d68c5ab0ed"], &(0x7f0000000340)={0x1, 0x1, [0xdf5, 0x31f, 0x338, 0x79d]})
socket(0x28, 0x2, 0x1)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_encrypt_change={{0x8, 0x4}, {0x0, 0xc8, 0x2}}}, 0x7)
r2 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc2c45513, &(0x7f0000000040)={{0x2, 0x0, 0x0, 0x0, 'syz1\x00'}, 0x0, [0x2, 0x0, 0x0, 0x0, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]})
socket$nl_route(0x10, 0x3, 0x0)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000640)={0x2, 0x3, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4}}, &(0x7f00000003c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffde4, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000500)={r3, 0x0, 0x29, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r5 = io_uring_setup(0x25e, &(0x7f0000000080))
io_uring_register$IORING_UNREGISTER_RING_FDS(r5, 0x1b, &(0x7f0000003900)=[{0x0, 0x700, 0x0, 0x0, 0x0}], 0x1)
write$tun(r4, &(0x7f0000000440)=ANY=[@ANYBLOB="00000000ffffffffffffaaaaaaaaaabb08004500452c00000000002f9078ac1e0001e00000010000655800189000"], 0xfdef)
socket(0x22, 0x800, 0x0)
io_setup(0x3, 0x0)
syz_usb_connect(0x5, 0x6a, 0x0, 0x0)
r6 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000200), 0xa0201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r6, 0xc004500a, &(0x7f0000000000))
ioctl$SNDCTL_DSP_CHANNELS(r6, 0xc0045006, &(0x7f0000000180)=0x6f)
write$dsp(r6, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)

kernel console output (not intermixed with test programs):

[   81.027811][  T832] cfg80211: failed to load regulatory.db
Warning: Permanently added '[localhost]:2523' (ED25519) to the list of known hosts.
[11068.211673][ T6765] cgroup: Unknown subsys name 'net'
[11068.359713][ T6765] cgroup: Unknown subsys name 'cpuset'
[11068.362890][ T6765] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[11068.547144][ T1412] ieee802154 phy0 wpan0: encryption failed: -22
[11068.549126][ T1412] ieee802154 phy1 wpan1: encryption failed: -22
[11069.128489][ T6765] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[11071.022769][ T6784] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[11071.025156][ T6784] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[11071.027840][ T6784] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[11071.031099][ T6784] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[11071.033328][ T6784] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[11071.035489][ T6784] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[11071.036062][ T6785] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[11071.038009][ T6784] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[11071.040559][ T6785] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[11071.042721][ T6784] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[11071.044110][ T6785] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[11071.046114][ T6784] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[11071.048620][ T6785] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[11071.049544][ T6787] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[11071.050211][ T6787] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[11071.050544][ T6784] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[11071.050746][ T6784] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[11071.050907][ T6784] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[11071.051634][ T6788] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[11071.053245][   T65] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[11071.053595][ T6788] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[11071.053705][ T6788] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[11071.077015][   T65] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[11071.086468][   T65] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[11071.163314][ T6556] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[11071.163696][ T6719] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[11071.165678][ T6556] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[11071.176278][ T6719] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[11071.184797][ T6282] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[11071.188086][ T6282] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[11071.191177][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[11071.193583][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[11071.204507][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[11071.208459][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[11071.213219][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[11071.215520][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[11071.229029][ T6556] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[11071.231334][ T6556] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[11071.235119][ T6719] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[11071.237797][ T6719] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[11071.244616][ T6780] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[11071.843398][ T6807] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input5
[11072.693026][ T6839] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input6
[11072.956462][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[11073.107272][ T5310] Bluetooth: hci1: command tx timeout
[11073.108041][   T65] Bluetooth: hci0: command tx timeout
[11073.108064][ T6788] Bluetooth: hci3: command tx timeout
[11073.116382][   T65] Bluetooth: hci2: command tx timeout
[11073.336343][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[11073.339779][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[11073.342250][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[11073.344675][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[11073.347424][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[11073.407260][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[11073.429718][ T6858] Zero length message leads to an empty skb
[11073.616378][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[11073.621463][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[11074.826538][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[11075.187273][   T65] Bluetooth: hci2: command tx timeout
[11075.187308][ T5310] Bluetooth: hci0: command tx timeout
[11075.189250][ T6788] Bluetooth: hci1: command tx timeout
[11075.203482][ T5310] Bluetooth: hci3: command tx timeout
[11075.791250][ T6895] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input7
[11076.319099][ T6911] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input8
[11076.807854][ T6918] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input9
[11077.266519][   T65] Bluetooth: hci3: command tx timeout
[11077.268277][   T65] Bluetooth: hci2: command tx timeout
[11077.270017][ T5310] Bluetooth: hci0: command tx timeout
[11077.271686][ T5310] Bluetooth: hci1: command tx timeout
[11077.320762][ T6917] syz.1.23 (6917) used greatest stack depth: 20304 bytes left
[11077.820381][ T6943] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input10
[11078.106795][ T5310] ==================================================================
[11078.109263][ T5310] BUG: KASAN: null-ptr-deref in l2cap_sock_resume_cb+0xd0/0x130
[11078.111574][ T5310] Write of size 8 at addr 0000000000000568 by task kworker/u33:1/5310
[11078.115237][ T5310] 
[11078.115982][ T5310] CPU: 0 UID: 0 PID: 5310 Comm: kworker/u33:1 Not tainted 6.13.0-syzkaller-05154-g8883957b3c9d #0
[11078.115994][ T5310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[11078.116001][ T5310] Workqueue: hci3 hci_rx_work
[11078.116014][ T5310] Call Trace:
[11078.116017][ T5310]  <TASK>
[11078.116021][ T5310]  dump_stack_lvl+0x116/0x1f0
[11078.116032][ T5310]  kasan_report+0xd9/0x110
[11078.116041][ T5310]  ? l2cap_sock_resume_cb+0xd0/0x130
[11078.116054][ T5310]  ? l2cap_sock_resume_cb+0xd0/0x130
[11078.116067][ T5310]  kasan_check_range+0xef/0x1a0
[11078.116077][ T5310]  l2cap_sock_resume_cb+0xd0/0x130
[11078.116089][ T5310]  l2cap_security_cfm+0x795/0x11d0
[11078.116103][ T5310]  ? __pfx_l2cap_security_cfm+0x10/0x10
[11078.116113][ T5310]  ? mark_held_locks+0x9f/0xe0
[11078.116124][ T5310]  ? kasan_quarantine_put+0x10a/0x240
[11078.116138][ T5310]  ? lockdep_hardirqs_on+0x7c/0x110
[11078.116147][ T5310]  ? kfree+0x14f/0x4b0
[11078.116158][ T5310]  ? __pfx_rfcomm_security_cfm+0x10/0x10
[11078.116172][ T5310]  ? hci_encrypt_cfm+0x202/0x7d0
[11078.116186][ T5310]  ? __pfx_l2cap_security_cfm+0x10/0x10
[11078.116195][ T5310]  hci_encrypt_cfm+0x1f2/0x7d0
[11078.116208][ T5310]  ? __pfx_hci_encrypt_cfm+0x10/0x10
[11078.116221][ T5310]  ? hci_conn_hash_lookup_handle+0x3b/0x330
[11078.116234][ T5310]  hci_encrypt_change_evt+0x3f3/0x1130
[11078.116243][ T5310]  ? __pfx_hci_encrypt_change_evt+0x10/0x10
[11078.116253][ T5310]  ? skb_pull_data+0x166/0x210
[11078.116264][ T5310]  hci_event_packet+0x9eb/0x1190
[11078.116273][ T5310]  ? __pfx_hci_encrypt_change_evt+0x10/0x10
[11078.116282][ T5310]  ? __pfx_hci_event_packet+0x10/0x10
[11078.116290][ T5310]  ? mark_held_locks+0x9f/0xe0
[11078.116298][ T5310]  ? kcov_remote_start+0x3cf/0x6e0
[11078.116308][ T5310]  ? lockdep_hardirqs_on+0x7c/0x110
[11078.116317][ T5310]  hci_rx_work+0x2c5/0x16b0
[11078.116327][ T5310]  ? process_one_work+0x8bb/0x1b30
[11078.116342][ T5310]  process_one_work+0x958/0x1b30
[11078.116358][ T5310]  ? __pfx_lock_acquire.part.0+0x10/0x10
[11078.116366][ T5310]  ? __pfx_process_one_work+0x10/0x10
[11078.116380][ T5310]  ? rcu_is_watching+0x12/0xc0
[11078.116393][ T5310]  ? assign_work+0x1a0/0x250
[11078.116406][ T5310]  worker_thread+0x6c8/0xf00
[11078.116415][ T5310]  ? __pfx_worker_thread+0x10/0x10
[11078.116423][ T5310]  kthread+0x3af/0x750
[11078.116436][ T5310]  ? __pfx_kthread+0x10/0x10
[11078.116448][ T5310]  ? lock_acquire+0x2f/0xb0
[11078.116457][ T5310]  ? __pfx_kthread+0x10/0x10
[11078.116470][ T5310]  ret_from_fork+0x45/0x80
[11078.116479][ T5310]  ? __pfx_kthread+0x10/0x10
[11078.116491][ T5310]  ret_from_fork_asm+0x1a/0x30
[11078.116507][ T5310]  </TASK>
[11078.116510][ T5310] ==================================================================
[11078.195648][ T5310] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[11078.197891][ T5310] CPU: 0 UID: 0 PID: 5310 Comm: kworker/u33:1 Not tainted 6.13.0-syzkaller-05154-g8883957b3c9d #0
[11078.201091][ T5310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014
[11078.204325][ T5310] Workqueue: hci3 hci_rx_work
[11078.205788][ T5310] Call Trace:
[11078.206828][ T5310]  <TASK>
[11078.207740][ T5310]  dump_stack_lvl+0x3d/0x1f0
[11078.209165][ T5310]  panic+0x71d/0x800
[11078.210370][ T5310]  ? __pfx_panic+0x10/0x10
[11078.211745][ T5310]  ? irqentry_exit+0x3b/0x90
[11078.213167][ T5310]  ? lockdep_hardirqs_on+0x7c/0x110
[11078.214748][ T5310]  ? preempt_schedule_thunk+0x1a/0x30
[11078.216381][ T5310]  ? preempt_schedule_common+0x44/0xc0
[11078.218052][ T5310]  check_panic_on_warn+0xab/0xb0
[11078.219571][ T5310]  end_report+0x117/0x180
[11078.220902][ T5310]  kasan_report+0xe9/0x110
[11078.222273][ T5310]  ? l2cap_sock_resume_cb+0xd0/0x130
[11078.223908][ T5310]  ? l2cap_sock_resume_cb+0xd0/0x130
[11078.225545][ T5310]  kasan_check_range+0xef/0x1a0
[11078.227057][ T5310]  l2cap_sock_resume_cb+0xd0/0x130
[11078.228644][ T5310]  l2cap_security_cfm+0x795/0x11d0
[11078.230261][ T5310]  ? __pfx_l2cap_security_cfm+0x10/0x10
[11078.231954][ T5310]  ? mark_held_locks+0x9f/0xe0
[11078.233429][ T5310]  ? kasan_quarantine_put+0x10a/0x240
[11078.235082][ T5310]  ? lockdep_hardirqs_on+0x7c/0x110
[11078.236690][ T5310]  ? kfree+0x14f/0x4b0
[11078.237951][ T5310]  ? __pfx_rfcomm_security_cfm+0x10/0x10
[11078.239692][ T5310]  ? hci_encrypt_cfm+0x202/0x7d0
[11078.241236][ T5310]  ? __pfx_l2cap_security_cfm+0x10/0x10
[11078.242934][ T5310]  hci_encrypt_cfm+0x1f2/0x7d0
[11078.244413][ T5310]  ? __pfx_hci_encrypt_cfm+0x10/0x10
[11078.246051][ T5310]  ? hci_conn_hash_lookup_handle+0x3b/0x330
[11078.247877][ T5310]  hci_encrypt_change_evt+0x3f3/0x1130
[11078.249563][ T5310]  ? __pfx_hci_encrypt_change_evt+0x10/0x10
[11078.251383][ T5310]  ? skb_pull_data+0x166/0x210
[11078.252886][ T5310]  hci_event_packet+0x9eb/0x1190
[11078.254420][ T5310]  ? __pfx_hci_encrypt_change_evt+0x10/0x10
[11078.256221][ T5310]  ? __pfx_hci_event_packet+0x10/0x10
[11078.257909][ T5310]  ? mark_held_locks+0x9f/0xe0
[11078.259386][ T5310]  ? kcov_remote_start+0x3cf/0x6e0
[11078.260963][ T5310]  ? lockdep_hardirqs_on+0x7c/0x110
[11078.262562][ T5310]  hci_rx_work+0x2c5/0x16b0
[11078.263964][ T5310]  ? process_one_work+0x8bb/0x1b30
[11078.265541][ T5310]  process_one_work+0x958/0x1b30
[11078.267062][ T5310]  ? __pfx_lock_acquire.part.0+0x10/0x10
[11078.268784][ T5310]  ? __pfx_process_one_work+0x10/0x10
[11078.270423][ T5310]  ? rcu_is_watching+0x12/0xc0
[11078.271892][ T5310]  ? assign_work+0x1a0/0x250
[11078.273319][ T5310]  worker_thread+0x6c8/0xf00
[11078.274757][ T5310]  ? __pfx_worker_thread+0x10/0x10
[11078.276309][ T5310]  kthread+0x3af/0x750
[11078.277566][ T5310]  ? __pfx_kthread+0x10/0x10
[11078.278973][ T5310]  ? lock_acquire+0x2f/0xb0
[11078.280361][ T5310]  ? __pfx_kthread+0x10/0x10
[11078.281780][ T5310]  ret_from_fork+0x45/0x80
[11078.283137][ T5310]  ? __pfx_kthread+0x10/0x10
[11078.284546][ T5310]  ret_from_fork_asm+0x1a/0x30
[11078.286025][ T5310]  </TASK>
[11078.287435][ T5310] Kernel Offset: disabled
[11078.288775][ T5310] Rebooting in 86400 seconds..

VM DIAGNOSIS:
09:17:12  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000069 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8
RSI=ffffffff851847a5 RDI=ffffffff9aad3540 RBP=ffffffff9aad3500 RSP=ffffc90003c77210
R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3030303030307257
R12=0000000000000000 R13=0000000000000069 R14=ffffffff85184740 R15=0000000000000000
RIP=ffffffff851847cf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b400000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000000033618ffc CR3=000000004bc50000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000007000000000 0000000200000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000159fb5 RBX=0000000000000001 RCX=ffffffff8b25f279 RDX=0000000000000000
RSI=ffffffff8b6ccfe0 RDI=ffffffff8bd26800 RBP=ffffed1003a5f910 RSP=ffffc9000047fe08
R8 =0000000000000001 R9 =ffffed10056a6f7d R10=ffff88802b537beb R11=0000000000000000
R12=0000000000000001 R13=ffff88801d2fc880 R14=ffffffff905ff710 R15=0000000000000000
RIP=ffffffff8b26065f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b500000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000002001b000 CR3=000000005cdbe000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 2

CPU#2
RAX=0000000000000000 RBX=ffffffff8b287022 RCX=1ffffffff3503b14 RDX=0000000000000000
RSI=ffffffff8bd26780 RDI=ffffffff8b287022 RBP=ffff8880232c28a0 RSP=ffffc9000c05f960
R8 =0000000000000000 R9 =fffffbfff20bfee2 R10=ffffffff905ff717 R11=0000000000000003
R12=ffff88802b63fc91 R13=0000000000000001 R14=ffff8880232c2888 R15=ffffffff8e1c8480
RIP=ffffffff8176ab2f RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f4c16cc6d00 ffffffff 00c00000
GS =0000 ffff88802b600000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe000008f000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000560c237d38e8 CR3=0000000049dea000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f743cff4
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
info registers vcpu 3

CPU#3
RAX=0000000000aa57cb RBX=0000000000000003 RCX=ffffffff8b25f279 RDX=0000000000000000
RSI=ffffffff8b6ccfe0 RDI=ffffffff8bd26800 RBP=ffffed1003ad2488 RSP=ffffc9000049fe08
R8 =0000000000000001 R9 =ffffed10056e6f7d R10=ffff88802b737beb R11=0000000000000000
R12=0000000000000003 R13=ffff88801d692440 R14=ffffffff905ff710 R15=0000000000000000
RIP=ffffffff8b26065f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88802b700000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe00000d6000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00000000f71d3360 CR3=000000001ceca000 CR4=00352ef0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000fffe0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000
Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000
ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2323232323232323 2323232323232323
ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffff0000
ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000
ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000