0, @ANYBLOB="000000000000004c38686f482382"]}}, 0x0)
fsetxattr$trusted_overlay_nlink(r0, 0x0, 0x0, 0x1a8, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
getsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000140), &(0x7f00000002c0)=0x4)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)

18:25:13 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0x4b49, &(0x7f0000000000)={0x4000002})

18:25:14 executing program 0:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@filter={'filter\x00\x00\x00\x00\x00\x00\x00l\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x03\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000002000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0100000003000000000000000000697036677265300000000000000000007465616d30000000000000000000000076657468305f746f5f626f6e6400000076657468305f746f5f626f6e64000000aaaaaaaaaa0000000000000024ffffffffff000000000000000000000004f0000000200100006c696d69740000000000000000000000000000000000000000000000000000002000000000000000000000000200000000000000000000000000000000000000000000636c75737465720000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000041554449540000000000000000230000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000011000000000000000000766c616e3000000000000000000000006c6f0000000000000000000000000000726f736530000000000000000000000062726964676530000000000000000000ffffffffffff000000000000aaaaaaaaaa0000000000000000007000000070000000a0000000415544495400000000000000000000000000000000000000000000000000000008000000000000000000000000000000e6cc2e3764ec193df62e0a5ee3efc0e11933aef39421535893c12e8f89037f4087b9b497fa5c5892d6fd85a8e84965afa4bda787348927425fdd0192c33cf7c516f9ec79007c6bb9dc73a50e55038d4be164ba232f2cfd80b2b2f3990da5c59d0cd7b9beb77e21b20dbecb20363cb3290000000000"]}, 0x338)

18:25:14 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x2)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:25:14 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
ioctl$KDADDIO(r0, 0x400455c8, 0x2)

18:25:14 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x3, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x1, 0x0)
r2 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r2, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r2, 0x0)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x0, 0x0)
ioctl$PIO_FONT(r3, 0x4b61, &(0x7f0000000080)="fe31a2de156132f43bae58d2a6608c5e0e4fb3cb542f7681e37603c085e614d6a78cedbaf68782367282c7c504add51cf32ea6ba")
bind$x25(r3, &(0x7f00000000c0)={0x9, @remote={[], 0x2}}, 0x12)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:25:14 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0x541b, &(0x7f0000000000)={0x4000002})

18:25:14 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xa, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="b40000000000bd6e710b506b0000611050000000000007000000000500009500000000000000"], &(0x7f0000003ff6)='G\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)

18:25:14 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
ioctl$KDADDIO(r0, 0x400455c8, 0x2)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:25:14 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
ioctl$KDADDIO(r0, 0x400455c8, 0x2)

18:25:14 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0x5421, &(0x7f0000000000)={0x4000002})

18:25:14 executing program 0:
r0 = syz_open_dev$sndseq(0x0, 0x0, 0x0)
r1 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = socket$alg(0x26, 0x5, 0x0)
accept$alg(0xffffffffffffffff, 0x0, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000001400)={0x2, 0x0, 0x0, 0x0, 0xf5, 0x0, 0x70bd25, 0x0, [@sadb_x_filter={0x5, 0x1a, @in6=@initdev={0xfe, 0x88, [], 0x0, 0x0}, @in6=@mcast1, 0x0, 0x0, 0x4}, @sadb_x_kmaddress={0x8, 0x19, 0x0, @in6={0xa, 0x0, 0x0, @dev, 0x3}, @in6={0xa, 0x0, 0x36a5, @rand_addr="57a8bd3ace3e84319c25301a6d7df0cb"}}, @sadb_key={0xe4, 0x0, 0x3890, 0x0, "ba5a143a8f12053b05281f6dacb6975b5578ab1f0b2ca34a23c4a345290c010560577398d3cc827f81a6cb5c65977ed6f300870cf32c35826c33a4564d8178a017fc097623e84b840b305492cd349ba6f0f7e7504600963f385134a336637691efc841179a3f4ab005386f3da1f381ec07b910546915a54ef1eabb943f30b80df43c1ca7281596e698400fa265027193d40cd3c26118e0dce8d5d7819f6c8d16ee52d43548803fa178bfd476d2c3495d4415bafd06901eff7944d1fc4b2be8a13ef6f5478a48744da641dd568b2a9fe5af7c60f2759cb6ad4cf0898016130ae27877f4971671df2eaffa37691654ad6dee8ebd3a8c936c72c8948d063b76d5abe9b3050ea24b1b0fe94cefe278e7cf328d09021be3d62dd8ed18e34e682ef81a77ecaa4351fc73f3e113ddc04895b4ca264b285b88e5c4caa2054715aa1a866478096eb96b94439e20000a5865692a4d921b4f331e1e8fd78eef3e10534e5b4ad0232e86fe1bcab218f0d900a547d18fa5e3b6ccc9070f582946dde6b1d366ffaa560e735e34a213db92aef0d70f8ccf2ef9849ab69839bcb60d3e5d1ae11f7d9f93651b20498edf0471470eb5642acf62958661f2ee33a2423cbc12f3813ae0c9ff6b65be1578a99d8d47a3cc684f1da7270f7cbce66fa8bcfd4174531b87fad8d93955fcca4d83e7de29eb62440562295bddba98b2c0062c1084a46a46288b4633a4460b4d92c255be5b4058558642ab2bce4dc6551664ccda3bd8557d35caf9b060aad81da46c5c1fb4087e839b760b4395ba7d72c5ea8eaa95ab6c4416de8bbb3dc6b7c4cd160eae6f314c1e4073a6d9e00b3ecac86036d82113024c72e4a8a756df4524599500ad5cebc7eba9b1c37c433ab3a166ed77bc36020da64c32e6187c8a984c8791fef4a3427d30aa5aff316302a093b60e4780e8fc7250b0a4cc376fa782011d45ec0b9f0b91b5880f7587e3ac1cb788c63039157d722cf51997a4ad21a03c9e38dbb2795e06756e429ada53d47b63646994582287d48575445ac3ce389253cd08e9cb9fa777c4ae5c07ab9c9b6ddca63658bf60c857ef5bf4b4fd91253bd85438c601875667b4a36da10131aad7294d0c0726baa66b40f6c439a07258953ba3bda6a931c603f463e54759a3d5478fcbf15de69fcb1c886514edffdaab2c5ca074e5c614ac001ab1056c49f5ca59243796aa9cb5aba821c92a26ace8835659dab2ad26bb99fad27e00eeaac23ab573fc47aee3fbc51abf06219d6dbf943626944701547c7f98c170737e0f7305705c172996460a4d5c039522636eeacf97e332d70f52d84d659c9d43c01b6a8dc512d9ab342b1bf35aed005932a40de2c7e669a1b70939bac444bb9afd4d707728b095c77eb8982b326d741899a94db1091d773ffc4249f9976155a43dde5e85d1cb0f83152729ba8996424eef6dc7bce4fcbbaba8a0ce152c82bebe8a3b5f83146e7a977482147bd8a2946d6c0c66efc04fd3ea9a4fca870fbb5e9deb491d2e3f05e45fbae71e84e28bef3bbf81ae9fa09513b2d086d2020f22eb8e70caba725eec63cd85696a7ef328a5f839108f0117ece78c5406dc0d002e647556f4faafd86dbea68ce8fe10172f9d77b14e559b575adf596763ec7949b536116432283c07fc1123f29600e9c3ae9ffc2fbcd52bca3e7325d80677566b9d763bfc447a28995f4368af3065db9ad88146eb17fbb0b21fa8d9599117e3de039ec4d576dec0832ed4e05dee0c46601176a1b379d809c3b04193bc21fa165cdcc7744afcacee45c02cbfbfe43fbb4a470521dbac86e087ee10fc8eb533bb7011a6b7d5d319e3746dc3ece4bd1d4041229c5662375cffbfb3a65649eee11bf047e42f47c0e1e25325b86742bcd69e0c8500b961ba81af820c0dcd2b5a8f954990e7f7e65b1c1c7c47cb6c71304f2af26b16a08c01f0f64bb3242acf0dc0d232979646f96abb662a65f8eeb30fad484ef7f29d16c84d90ea7b2a6450bdaf02057b15e5d154249d2b224b3c40062e0802afca23113fde5499a871f6e90643000375b30c4524862f4f01d41dc18db2207835c79de8e4c7d1817311f18e6ac95fae19d96ff1ad51b023ae6656bd545631a3e4253c31940a15e71876d535da6da408d085f5b0277f4866dbdad8d9c66f5719f1ff2be334cc43d177983b129832a457e88ac63d463a4bf3609a4528aaa98da8706ad85ce3b5e1cade0f7af51e77e284fcbd9aa3d3ae85b0547b250ee21a1388655f7dd89572eaffcb64b5aa8bb66e0061293d98bf3f527b929023f45414182c8bdfd764ad18011837f2730c40467bacb129a0dbeb840464c64a99ade3889974c70403535f5a7cb6fe4f933d7e96bc04ad95dde733f78d95cfdbe54c6e42918df5b6d46680f4c5323ed51bc312093e2bed3e3beeccb23d40fd75f76054853628a96dec1cd5259e1b368e28239e9ab24eddab1d91e293a03e401a9ed98d7be18f4c918abe4649a80a0308cdb9a9ce9fe7d9f68a6f5ad11112f83b686c35c43152a7cdb4b186524986d900b2df511ddbf4902dfb6f5e"}, @sadb_ident={0x2}]}, 0x7a8}}, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000001340)={<r3=>0x0}, &(0x7f0000001380)=0xc)
perf_event_open(&(0x7f0000000240)={0x3, 0x70, 0x0, 0x1, 0x1, 0x5, 0x0, 0x10000, 0x40200, 0x1, 0x37a, 0x6, 0x1, 0xc0, 0x9, 0xe7, 0x3ff, 0x81, 0x4, 0x80, 0x1, 0x3f, 0x40, 0x7ff, 0x9, 0xffffffff, 0x2, 0xffffffffffffd837, 0x8, 0x1, 0x6, 0x2, 0x401, 0xfffffffffffff000, 0xfffffffffffffffd, 0xfe, 0x100000000, 0x3, 0x0, 0xffffffffffffffff, 0x2, @perf_bp={&(0x7f0000000200), 0x4}, 0x162, 0x8, 0xfffffffffffffffa, 0x4, 0x101, 0x10000, 0x2}, r3, 0xc, r1, 0xb)
r4 = syz_open_procfs(0x0, &(0x7f00000002c0)='map_files\x00')
fcntl$getown(0xffffffffffffffff, 0x9)
getsockopt$inet6_IPV6_IPSEC_POLICY(r4, 0x29, 0x22, 0x0, 0x0)
gettid()
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000005d40)={{{@in6=@mcast2, @in=@loopback}}, {{@in6=@mcast2}, 0x0, @in=@initdev}}, &(0x7f0000005e40)=0xe8)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000005f40))
fcntl$getownex(r0, 0x10, 0x0)
write$FUSE_INIT(r4, &(0x7f0000000000)={0x50, 0x0, 0x2, {0x7, 0x1f, 0x200, 0x400, 0x5, 0xca0, 0x1000, 0x1}}, 0x50)
mq_notify(r4, &(0x7f00000001c0)={0x0, 0x0, 0x4, @thr={&(0x7f0000000100)="3126a7a6fa5c418a57d9a197e87451584431c69651aeb2f2d61a1793dd7703f9d9990061fa447276e7d59b1b509b964aa4ca8c13dae52535df4887cdc6f109a25c8f826548f4ed52f3e706f2b7df1c", &(0x7f0000000180)="5e2ce386b5c621e1e8fca2ab0abc21c90be0c9ce22a3d77edb78ef599823862f8a3e762cb0a747d26fed84ba2771041c74ca3e7f3ff33f28d2b6ea0679"}})
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000008980)={{{@in6=@local, @in=@initdev}}, {{@in6=@local}, 0x0, @in6=@mcast2}}, &(0x7f0000008a80)=0xe8)
getdents(r4, &(0x7f0000000300)=""/4096, 0x1000)
syz_genetlink_get_family_id$tipc(&(0x7f0000001300)='TIPC\x00')
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, &(0x7f0000004040)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\b\x00'})
ioctl$FS_IOC_ENABLE_VERITY(0xffffffffffffffff, 0x6685, 0x0)

18:25:14 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x3, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x1, 0x0)
r2 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r2, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r2, 0x0)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x0, 0x0)
ioctl$PIO_FONT(r3, 0x4b61, &(0x7f0000000080)="fe31a2de156132f43bae58d2a6608c5e0e4fb3cb542f7681e37603c085e614d6a78cedbaf68782367282c7c504add51cf32ea6ba")
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:25:14 executing program 1:
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
r1 = syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
ioctl$SNDRV_TIMER_IOCTL_START(r1, 0x54a0)
ioctl$SIOCX25GSUBSCRIP(r0, 0x89e0, &(0x7f0000000200)={'hwsim0\x00'})

18:25:14 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2)

18:25:14 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
ioctl$KDADDIO(r0, 0x400455c8, 0x2)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:25:14 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0x5450, &(0x7f0000000000)={0x4000002})

18:25:14 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2)

18:25:14 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x3, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x1, 0x0)
r2 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r2, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r2, 0x0)
openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x0, 0x0)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:25:14 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$RNDADDENTROPY(0xffffffffffffffff, 0x40085203, &(0x7f0000000380)=ANY=[@ANYBLOB="180500000000000010e07710fe34db8b92f119627e9ffacf60ea8564b35cf78f2ade08fec1f792cdbd"])
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:25:14 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
lstat(&(0x7f0000001240)='./file0\x00', &(0x7f0000001280)={0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0})
stat(&(0x7f0000001300)='./file0\x00', &(0x7f0000001340)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
syz_mount_image$f2fs(&(0x7f0000000080)='f2fs\x00', &(0x7f0000000100)='./file0\x00', 0x7, 0x2, &(0x7f00000001c0)=[{&(0x7f0000000240)="8247cb8a4aad8f071286d3301014cfbd9ac6d56ac3125ccc983a7c0597e6e0a57b3b6ce6911ef451ef44d6a830af8223c3dbc31d4a460d3c87a3393719ad8142ea083f028cd968d3997287ebb376d109c5f1f94f84546173bf43bdb6e1d82196dc6ac07034bfe3decaaf63ea15cfff599d56eb26dff461034be8e6403333ac4e177df32883d1308f64698c7a3756bb9339ebd5e1623d9dd2c9d48d059f4ad598907099db7a068d146ff03387ce6d51f56f980219024455d6bd71c676810b4711064b66bf397cce2708d9f5dee1c16d6b7d4ef836c3c8964cd5d3492adb6e31218edc30a912152e5b3aac881b49d7f8e5622090e7175e495b52bbf157e7401d7aca91c81a7d4b0885f5e35031a06a1d881a8d1f9ce86e7cafde1506badd4d62c4ca948d96e993c37cec9b309ef16d1dd80e5acc3aa94bd67fb8d9af900f5c544cb9f5030c109ed9ccb1ecffb21b69818fa7e78cc9a125f536da98b30fd1724d7cf52154d7851ee0e4e5790eccea69913ea850c2664bf4c90a79a2eb77d035058138e0794a353397e9dd09d1400effcb4f1c8c4499d0fb9d253d06c8e76b4d4c550836539ffca70409f47f430cc34e0221d0f9e0e1fffd1b9eeb6bd09c7335579463890b6065fdd374a3b53b3bd3e2caf9aec23700bb15b9c5b41b419a2cd5e2671db3e2332e7c0e8478cca1e4175914cc3e1f6120fe22fc00b93a698ffcd66ec96aaef6f3ea70e7ef778355c5f8db161b98b4bf67bb8029874687a04d9bdc28f7a3636bcb3f1868a1769c8378c52eb9696ed7b8501356cfcb141fca26042c1ccd2e96fad5de1244909e21f55cc1cc90ff1ac467417e72103023adbeaee0ee6e04d67271d777302c08bcaec8c424a12fe843ca8b17e9e2eb781e627fa5b2cb0e0d79153653844045b94e4f4b1b275259c95dfbfdc391426f1e8d1640eaee9041b6575c8fd17338ce3797c4f27c5e3d5611460286d8f45e1bc44db23524e5e4e5de8c906914a1e2dbe64e4f56e56c738ff5eb4fb0eb54c7011f5c8af66f6e7f30e177a1ebbad2eca51e2f419678f1e7681c53f2954470cb4ed85906d1402eedf2a43dd8fbdb268b376bf1ecc237fc4ecbde626dc7f8384046a5603df9d6d040ed1d66ff74f8e489a731603b66820e0947a5469b992f94d5643d75bfc65fe6f64f48469e80ca6541b209789d3a13fefc117fedbf7e1234276d964b9078dc9ddf475a90e2dfe48d87f7051474df5f19fd778891f60f5a46f3e00b1dc368a6118666fa7cd16175abad5fd7144e017012d0a31c67454fe09f5bbffd92fedf5a787b9f12bf61070e616b0f210b8cc95c546f1fe89de42630f6686fa9cf4ad4c4eeacba4c339bd90cf6d442003e5c7e208e76228e2f4ef7b4086aec548939c6261b72f5c7d5649ae61fecb0de282dca046e3ace4d6ebb3bbbb66f11e224f72902c63d3d7153a79292ec75d542579c12958f310ec39d1db9fbd8422a23d7c189356d54e22e686ecd2df60cb4ea5b9c79ccb89a399ce09e00300e9d4e5c4da2d69258f171645928cec7aba35add0a17a3deb9fbc38e68a7be7fed62416b44e12d37e96cc67c2de4b368821c16e419a15571b8b4fae00f504a9a65b60f3e8db4c27a3b41f51aecfdc24e72ae9556a7a13b2ed4cbf0d4d2342174cb7a7874f6df75059c2f9ed2b3621a2df2e3eb5d1f885ba127097abad726a38680719b33cec93ba94bc273f65b0fbb9d6022712b58980ef8651e94fd16beb3c3efe14d6162bd0131eb9d849ca366a27cf44d233ba4d455ee79743b52c2d3282b288e0b3ef56817b994aff026a9fd8caef384a6a8a71674873f1c4f8374da7f86f0083922f48dc0f87a75109a5407315addb42878722da6f5a9fc49cd7d195a22f4f72b1174510be84ce97cb03ecb58d21cb3bb7d9ee31ac87ac00ec456ee6d3f93fa7bb3e3db58d2cbaba000666383e40a24cd325706192a85b44b29e9f4dceba9c9c17722127826b1a6d161df84482e230de8707af336d18482e63bb6852c5624d7ec0b166e0022242413367252ff87b57e83f01231f27302adae8c9132744e555f7a37ee9865f8806e640b9cb70b300d7877b0a8ad2954a6c24b05ec6b690291412d8eeec03e207fcb1811ce78335e704eb962b0642d14028fb9ebe1f34741d7b44bb639842ece691887fbb3cae1899738b016cabec56c28b3988d0bcf2e8317632e76f37bdb6233fa69821f4ee7765b3308777e73ad4e6f9d033fe84bbb3ac5ca08b2b23854c2679ec31f3217ff790ea5d6533e3f5579221b36eb6c79860e422d95e075c7e5e005b732626ce9805ab4683dd34ff670e804da6f3e1d205e5c263447a5f3e03c867e67e3b497b621d2f75eb31c139cdf31c1ea42b1ffe0b456cc7269351251868ec3f5e73f63854dd8f97eb5f623ba4db91de8b27bdd30d2ece9f7e9c7d13f68dce0c82adb70459bf66b6c4493d843091eac7b4e745be75171e71cb604656a2864969bdd3702aebadcb02697d52f2aee12eb6fa0eb45f0ecffd8e8c3b0412569ca44a0626d4dfb213925c2126a3f942555d7e4d35f21565062fb336b7ee00668102e9caaf49dc66c8ea5888e860e02744080c8f88040d211d658a8946b3580a599ebf339a6a68bc7b088e905ad860726cd36a3f086f25a43280819e3cbbc56f8e9291242e0e8f9287a93e9d63df6e94e25fd543ba73deb6f7162ee8b326010efeb5d1474c3454f7b3c104fadbad39ad6e582c83561cdf1d815ca236f276e1f842c1a3d9b817c58b3d00987f007192d19014fd1b93e2ed1c4e1d3753199d27c8d1965bde819df6115dc11b72941ceeb69ee912cf213d04d3044bf2ce467a6516abbc47edc2ef8a415757ecf8c31f79b3bace67dd693bd2f05deb39d32ae43304c1337fea5123d4578a27d5cd9d5e234996c78f22df4a0c24a76999ffa0002a48da6c43cf070162d875eda73e3132c095b0fd27aa1965f06c9fdcfd3177d474d22f40c99d9c6f874308225110a44cf6294a729a5df1a9aeecc9f64d49f3f31b5d590e6be9ea450d4e4db60b830ae8a81c3209dc2a04daf167c3fddc25fc9b8d14c821f67d65af52462caa46b6509a60d5f5e8861545d0f008a400719015ff2275c3d8446e76779cd6ae7bba176ae67c399a747512807fa0367f5fe9f6766cffe0d1eb882342527ae2b784a1048818f426491f3d4fc06393dbd3c11595d1d210b71e85675e089c9f12028a27249f80386822ba6062fdb0eacfbe1e8e8059f827d2afea1cdbd3a190b08fe5c6993556890ea6afce97a83430f3162996724ab154b107a35a2ce9e393bb8b5e3dd32d2440cc23a2112b04b57679e6e7b9177487e556ef1aab0b1a44519e3792467a847a835600e63ac841fb7e574096be8c24c6a392dd9488b132c15bb27f261763edfd4560bad74b91dc0fba136df0ecc3710b4f291f1bd47b63d141ca521c86c486dcb2d12cd4a17e7172c06fbba7338d79a894ba74b52c108fbe8d7b013290dc6876719f493e175cddac2bdf572009e6d32055facc2ba8a311100227dfaded4dc5e501d240b72f429711196208d66d543a8927f2dc2a567984156b57ace8bbe1330b8f7f1f4b08bd6ae7ba207eb4c129ab71788b39d694187ac33c17d0469d8ef1ecc9b7e7ad05b0beb0bddecdb748e0265d2f5aa4f28e40259e558ec421ac3a8f2967f39a2a627b59eeb6a7f77e2c745d924aec787b8fd40a8f06ddc1c3d08c26fe4b902546f81436ed34af897175615ec77f449970c09bfc2643087f26544bda48003a5a6cc757fb3ef6032c1915c76418362fdcfe9642934ed82ff1153f2df631a1002646b5ede1644dd1a75f5dfea8fbaed211e6624dedf8c5d8920cc7e7da6fd1ef2d0f131dba2e9b57615e7c94cf83d3caadb527f191eaea698562b314cf8b3c8804a855ad7e1287c625bbd3d9d95309ca04472494f1e957360c4f9ccdfe9b6f1ddb624f9c4a742e0f581e88d1d06571535753b98f34f7be58ac28cc2c1027bb02ffbee924982af9ab77ca4d13fbf1ddab937fc0481339a375637ecbc0f92a836869d2424eb3c97a294fe9b77e0cafe07678f1787b07f900c9322ea2cbf4860a6da6e8ee8d94f55eb4fc40443a744ed0fb8a3222cbc5d7adc495400aaac7e7d625f4580868d02d29692215989efd2ef917eda489a14b9eea716159fc42fba4d469c1ee199b0819b8cf07ba3cb3a5db88801ac141d02233027573edd9e2792c51afc85cbeb4496c40066f4098ecae7e02bf83b5b045ef15d10a7d88b25a8214f48ea1f946f4015c0e586a623624101eb45ba3d913b97ebfdce9e2ac705ab69c24369eb5b59607c25902dd4fdd06769345d3c2f772cf4ac7ef2f31f8eaf15851f4ca816ea0872b50c71588a61faf4c6612873ea8520a34aa52d95955081308fdc41e62c2c267693c9bbc4bd0d2f65a211d6f92b04bc6542f1117120bcaea799c1effc181bed352b2297f7df3485e4d7d0134343af16940c11d3f0b89df46173df6c8989ff2e18c83a67b7bde302107e7327b1872a83e0725bbfd8ade4027c855129342501fe3900236e1ff9dde49d536915cd551c2242a1ee78a82e83653a1f17badd712e588cd66e28bf6e95f38b9f870fb1088e8aaea9c74bf3cc38c6334beb86d1c4b1dbb84d5190d2383401662c834c17d383bea32e97c0f7d99902c55c11eda9269c6f52dcc81744940ab1956657e362d00f3a39ecd9aeb1fa527a776588272e2e6152cfdd62f407dbe9dba752c1ca27fa960427215ba5c784bbadf2a88fe272f8445c01ccc7078852d3ee16602c7d8558757b440c062a7fbd89ec181c93ee8c1d25c964a823e79359addab5ffaef66437b00f3db111ac5a84a1f6875f88000e32d5f99844a7c84f948addb37e4d99a3868e8161b3ff909ea47af295b8b5f9c4d6ac16c07715f0bd7424c5cc7a8db9b84bacb27ec90cb6910a259d2cfdf943835c3df572978c3d3dad712aaa282ed05e009eebb506b2b77cbf1942710801e654328f1c8c803f596d4c56279922dc6960195ec594a7f468a571fd63bcb473206bf96d343f3fba883b9aa4d3607ee4139abd439f9382042056213231435b8153682dbc54d1fded40a2ba881c61579080628a33bf442dee09cc930091fcf69aace9bb6ad61ae707e14ceae6fdaedded491f0334dc48fe9a66324f587f57d8a39668e1b2d6f86a9d34fe7c8ef1554d79d01e034a1a76e29a16072109c25fd44b570d4f4023c54a226a37bb7e96bce988fbeb935279443e713d5ea016ba6c90c033c5d0ac04142b6ec34dabd3df95a68faf25c9931258b18886117923cc5e8d6a89d1d439e2dea0610496c58f0a75fd113c863372d202836a7df6dba2d39e8a94b8595e2eb6b3ef6d6a755fc229c1e430b36e7fb66f8ee8401807514ed3adeb4b108f621898c5b816146183569ab625c94075871bafd62db863b7be00dff37839c184c815cf7601aac38eec14bdd1ca6b325cf7b76afd9849e00ddb81bc684ddd62441365eb0c95bdc142019567be8043b1806d790e04b1a7febbe5edac59c0ca9770bc7386b81116defa3c01eee5afbc0567781becc3d2194e2f51f60557dd74a8fe805619f7d8d7a2f2f0fcb014219f7251a354684421f0eaeef369703f4ccbfaf42ff053460b45f98f328e2c1a990d458c3b4cf1101b56ed81d798ecfc28951ccd4a92f7ba7b991ce0be54d8cc0d84cec082e37793ef4dbb8837bc176afdfe1f6f5c2c0b16aa4cba1280b85652eb24383ee7df906ab2800b0ef05257e277def5891a9576e7a4d9fd8d2c171b4e3aa5045c3b159661d2", 0x1000, 0xb7}, {&(0x7f0000000140)="4c9db37d8d47626bf61129e9ab07214998c122b4cad529b92783a72e86c6d2b0c065eb1344eb3cf2b62d64031bde44b63e7ca3d9fa9301fe63323f64511b31a0aeaaeda2b94ebf3ae3995fb94e2a3ed36554b35c0609bd316c002d6e444a6602253323ccede9b113bb", 0x69, 0xffffffff}], 0x8000, &(0x7f00000013c0)={[{@nouser_xattr='nouser_xattr'}, {@nodiscard='nodiscard'}, {@extent_cache='extent_cache'}, {@nobarrier='nobarrier'}, {@resgid={'resgid', 0x3d, r1}}, {@norecovery='norecovery'}, {@noacl='noacl'}, {@whint_mode_user='whint_mode=user-based'}], [{@audit='audit'}, {@smackfsfloor={'smackfsfloor', 0x3d, 'uid'}}, {@obj_user={'obj_user', 0x3d, ']\\${*&[vboxnet0$+keyring)vmnet1'}}, {@appraise_type='appraise_type=imasig'}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}, {@permit_directio='permit_directio'}, {@euid_gt={'euid>', r2}}, {@fsmagic={'fsmagic', 0x3d, 0x6}}, {@obj_type={'obj_type', 0x3d, 'uid'}}]})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
syz_mount_image$hfsplus(&(0x7f0000000000)='hfsplus\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={[{@gid={'gid'}}], [{@uid_eq={'uid'}}]})

18:25:14 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
ioctl$KDADDIO(r0, 0x400455c8, 0x2)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:25:14 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0x5451, &(0x7f0000000000)={0x4000002})

18:25:14 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2)

18:25:15 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x3, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x1, 0x0)
r2 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r2, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r2, 0x0)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:25:15 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:25:15 executing program 1:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, [], 0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x3c)
r0 = socket$kcm(0xa, 0x2, 0x73)
sendmsg$kcm(r0, &(0x7f00000003c0)={&(0x7f0000000000)=@nl=@unspec, 0x80, 0x0}, 0x0)
getuid()
shmget(0x0, 0x2000, 0x10, &(0x7f0000ffb000/0x2000)=nil)

18:25:15 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)

18:25:15 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0x5452, &(0x7f0000000000)={0x4000002})

18:25:15 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:25:15 executing program 0:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
fcntl$setstatus(r0, 0x4, 0x40000)
r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x7fff, 0x80)
setsockopt$netlink_NETLINK_PKTINFO(r1, 0x10e, 0x3, &(0x7f0000000040)=0x6, 0x4)
bind$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f00000008c0)={0x2, 0x4e23, @local}, 0x10)
recvmsg(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
setsockopt$inet_mtu(r0, 0x0, 0xa, &(0x7f0000000100)=0x1, 0x4)
getsockopt$sock_linger(r1, 0x1, 0xd, &(0x7f0000000080), &(0x7f00000000c0)=0x8)
write$binfmt_elf64(r0, &(0x7f0000002300)=ANY=[@ANYRES64], 0x1000001bd)

18:25:15 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x3, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x1, 0x0)
r2 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r2, &(0x7f0000000080)=ANY=[], 0x29)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

[  154.909560] Bluetooth: hci0: sending frame failed (-49)
18:25:15 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0x5460, &(0x7f0000000000)={0x4000002})

18:25:15 executing program 1:
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vga_arbiter\x00', 0x8000, 0x0)
mq_timedsend(r0, &(0x7f0000000280)="b5995e1ceb8dc985339120978a74d6", 0xf, 0x7, &(0x7f00000002c0)={0x77359400})
r1 = socket(0x40000000015, 0x40000000000005, 0x0)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000000)={<r2=>0x0, 0xc8c5}, &(0x7f0000000040)=0x8)
r3 = open(&(0x7f0000000100)='./file0\x00', 0x0, 0x8)
ioctl$ASHMEM_GET_NAME(r3, 0x81007702, &(0x7f00000001c0)=""/153)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000080)={r2, 0x7fff}, &(0x7f00000000c0)=0x8)
connect$inet6(r1, &(0x7f0000000180)={0xa, 0x0, 0x0, @ipv4={[], [], @empty}}, 0x1c)

18:25:15 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x2)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:25:15 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x3, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x1, 0x0)
r2 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r2, &(0x7f0000000080)=ANY=[], 0x29)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:25:15 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:25:15 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x3, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x1, 0x0)
r2 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r2, &(0x7f0000000080)=ANY=[], 0x29)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:25:15 executing program 1:
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vhost-vsock\x00', 0x2, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x400800, 0x0)
ioctl$PPPIOCSMRU(r1, 0x40047452, &(0x7f0000000040)=0xfff)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000340)={0x0, 0xffffffffffefffff, 0x0, 0x0, 0x0})

[  156.956275] Bluetooth: hci0: command 0x1003 tx timeout
[  156.961968] Bluetooth: hci0: sending frame failed (-49)
[  157.435999] Bluetooth: hci1: command 0x1003 tx timeout
[  157.441494] Bluetooth: hci1: sending frame failed (-49)
[  159.035727] Bluetooth: hci0: command 0x1001 tx timeout
[  159.041122] Bluetooth: hci0: sending frame failed (-49)
[  159.515607] Bluetooth: hci1: command 0x1001 tx timeout
[  159.521014] Bluetooth: hci1: sending frame failed (-49)
[  161.115619] Bluetooth: hci0: command 0x1009 tx timeout
[  161.595660] Bluetooth: hci1: command 0x1009 tx timeout
18:25:25 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)

18:25:25 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0x40049409, &(0x7f0000000000)={0x4000002})

18:25:25 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x3, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x1, 0x0)
r2 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r2, 0x0)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:25:25 executing program 1:
perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xc, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="85000000110000090000000000000000950000ffffffff00"], &(0x7f0000000000)='syzkaller\x00', 0x1, 0xcf, &(0x7f0000000480)=""/207}, 0x48)
r1 = dup(r0)
ioctl$KVM_SET_XSAVE(r1, 0x5000aea5, &(0x7f0000000580)={"d61674fc7fa5611520cbae1ef83476315ce0b1f884903a9a96d54c8ab5367369eacab2a04877e0770dc5cdedec19a3151c7c8f8177dde85555bff457ac2555dcfc0f12c6f8a54fcfcc10938ef34e5113e669c18c0ba8cc89c5822d8785f9bc0db2e3847e5f3d29c6fc937fc95b4cac1a9c2b5d6cf2e28a094f735ad3188ad78144193a4ea21fd99eb46649ec0f39d59242460629e1251f9786ebab2fb281b72b9c71225034e7070c72cae0310fcab454e4db52fd341c8b4545ce10fdc17ae23458fbc1da0367879bb112c075fe4a302f790677e9bf849aa5521b5c79c645c492b14e2e67da63091c75711a990b3b9761193e5bdae31ddb11ab88ab7e19b90479b8827ad4c099248e20fd98e7f7bbbb3015872930053714ba72082985502a73117843c2552e7612344145a3d5b972b0e1b936cdee751d68f8c63a5bb9eb1525dc67fded07cb5f8ecf5b13ef6a7eeb389938aa606631086e3d09420947ae0bb459ee3cfb62c9f52a8037dce6c0a686a065cf683d08f5660ba2c7ef8b697d1d231c63241208c61a1caff0619244dc0376cb3d1c90080685efc19c268d4dab2b65c3bab371f0a0921e95403eb0230748a0aa625f4827bde2799d8d1cb7d0b01e50356596bbb3cfe719127be1a8b3f4b25449ee9b8ef0614a397606a898deb41aa6d25da45b71f13bbc4bac7d70a21b5a8063455a648e4e633d24935ae431d0d2d8104820614d7c7d5c88d9108803ac833cd6816c023a2dd584649ed697f603e34984b548194ac88fabea60ad52cb71e847c0417deae6fbf9d053ad2ca6f0cb623d2f01b0818b10389eb2d0dfff61615ec5eb25cfbd5abd153626641dd88758c1170eb0ada6df0c931e8e08b860027c243d103a9f347ff2048fc05584679cf619ef8b2f81088680d5de196795dc788221324098f3a68ae5af70716fe4b93f6931e073db4fe388ad5555bbd12fb4819cfc3f4c2c7c3f7d996c1ce3176dc6351dc456528de6dea765e7a876300de6131d5d39ec60c203ad9559f16886d5b5c03dcb33986329ea310f3be8eddd4f95a7188aace91963cd3d9611d2423758ac2324d2851dd567ab9876566fb0ef748bf3fb8526bdeb9a1d966a08c2a256e90d4a7e8eb795d2434606a2b47036765e4b96413312c28b2d32d8cf6235fe05bc271810357bf90e70e4c54a041546c5c8c6b22c62c4576e5d8b64a9ec4a4a3b7c5e181b65d77d6da0a47df3e1a45723fc04d04213f22d96d9deac16214d9097323eb12cf035b654fdf562f60538d106f859210fa6faa9c1fd707ea3e8cea454c24ec88ea8fd993d86fa71e9747ecb855e4f382ba2cb191e3bb615911c925ffddb77628c50562d8827de0973c3ec53c0fe2d6cbbbd2a25bacbefd30d71897065bc766430407a9d1173cbcac8b209e2ca191991c3b49671b5f331f0b7fffc84136b9d40d37d4d66"})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0xffffffffa0008000, 0xe, 0x1a0, &(0x7f0000000200)="fbbe22cf104c948f665e6007769d", 0x0, 0x2b1}, 0x28)
ioctl$SIOCRSACCEPT(r1, 0x89e3)

18:25:25 executing program 0:
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x0, 0x1000000000031, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000080)={0x0, @in6={{0xa, 0x0, 0x0, @rand_addr="87335e7cbf155fd0d0fd9e3d7484145b"}}}, 0x98)
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x10000, 0x0)
openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/attr/exec\x00', 0x2, 0x0)
mmap$perf(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1, 0x10136, r1, 0x0)
setsockopt$inet6_MRT6_DEL_MFC(r0, 0x29, 0xcd, &(0x7f0000000140)={{0xa, 0x4e22, 0x4, @initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x2}, {0xa, 0x4e21, 0x3, @mcast2, 0x80000003}, 0x3ff, [0x9, 0x7, 0x8001, 0x6da, 0x7f, 0x100000001, 0x7fffffff, 0x7]}, 0x5c)
ioctl$PERF_EVENT_IOC_REFRESH(r1, 0x2402, 0x10000)

18:25:25 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0x40086602, &(0x7f0000000000)={0x4000002})

18:25:25 executing program 1:
r0 = memfd_create(&(0x7f0000000300)='&Vkeyringselfem1\x00', 0x0)
fcntl$getflags(r0, 0xb)
r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x7, 0x40)
ioctl$KVM_DEASSIGN_DEV_IRQ(r1, 0x4040ae75, &(0x7f0000000040)={0x5, 0x0, 0x6})

18:25:25 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x3, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x1, 0x0)
r2 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r2, 0x0)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:25:25 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x2, 0x0)
getpgrp(0x0)
r1 = shmget$private(0x0, 0x4000, 0x0, &(0x7f0000ffb000/0x4000)=nil)
ioctl$KVM_SET_VCPU_EVENTS(r0, 0x4040aea0, &(0x7f0000000000)={0xfffffffffffffffb, 0x1, 0x7, 0x0, 0x6, 0x2, 0xffff, 0x1f, 0x1, 0x80, 0xd56f, 0x4, 0x0, 0xff, 0x7, 0x1, 0x5, 0x4, 0x9})
shmat(r1, &(0x7f0000ffc000/0x4000)=nil, 0x7000)
sendto(0xffffffffffffffff, &(0x7f0000000140)="120000001200e7ef007b1a3fcd00000000a1", 0x12, 0x0, 0x0, 0x0)
syz_open_dev$loop(0x0, 0x0, 0x0)
sendmsg$unix(r0, 0x0, 0x100000008800)
recvmmsg(r0, &(0x7f00000037c0)=[{{0x0, 0x14e, 0x0, 0x0, 0x0, 0x24b, 0xd0}}], 0x34, 0xac0, 0x0)

18:25:26 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:25:26 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x3, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x1, 0x0)
r2 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r2, 0x0)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:25:26 executing program 0:
r0 = gettid()
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff})
r2 = socket$unix(0x1, 0x5, 0x0)
kcmp(r0, r0, 0x0, r1, r2)

[  167.195580] Bluetooth: hci0: command 0x1003 tx timeout
[  167.201009] Bluetooth: hci0: sending frame failed (-49)
[  167.755546] Bluetooth: hci1: command 0x1003 tx timeout
[  167.761183] Bluetooth: hci1: sending frame failed (-49)
[  169.275605] Bluetooth: hci0: command 0x1001 tx timeout
[  169.281004] Bluetooth: hci0: sending frame failed (-49)
[  169.835603] Bluetooth: hci1: command 0x1001 tx timeout
[  169.841099] Bluetooth: hci1: sending frame failed (-49)
[  171.355644] Bluetooth: hci0: command 0x1009 tx timeout
[  171.915572] Bluetooth: hci1: command 0x1009 tx timeout
18:25:35 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)

18:25:35 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000000)="11dca50d5e0bcfe47bf070")
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$RTC_ALM_SET(0xffffffffffffffff, 0x40247007, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1f})
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="660f382b1a0f01dfdde80f32d9e90f086665676426f7c5000000000f2245deef0f23f5", 0x23}], 0xaaaaaaaaaaaae88, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f000000c000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, &(0x7f0000000140)="0f06263e0f300f01c426f30fc776130f01c5f30fc7b4cd08000000e300c4c3fd01bcfc7ff800002e0f7938f4", 0x2c}], 0x1, 0x0, 0x0, 0x0)
r4 = syz_open_dev$cec(&(0x7f0000000100)='/dev/cec#\x00', 0x2, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000002000/0x18000)=nil, &(0x7f0000000280)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffff9c, 0x0, 0x87, &(0x7f0000000080)='/dev/kvm\x00'}, 0x79)
r5 = syz_open_dev$dmmidi(&(0x7f00000001c0)='/dev/dmmidi#\x00', 0x7, 0x40)
getsockname$packet(r4, &(0x7f0000000240)={0x11, 0x0, <r6=>0x0, 0x1, 0x0, 0x6, @remote}, &(0x7f0000000300)=0x14)
ioctl$sock_inet6_SIOCDIFADDR(r5, 0x8936, &(0x7f0000000340)={@ipv4={[], [], @multicast2}, 0x57, r6})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

18:25:35 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0x40087602, &(0x7f0000000000)={0x4000002})

18:25:35 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x3, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x1, 0x0)
write$FUSE_DIRENT(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, 0xffffffffffffffff, 0x0)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:25:35 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:25:35 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0x4020940d, &(0x7f0000000000)={0x4000002})

18:25:35 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x3, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x1, 0x0)
write$FUSE_DIRENT(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, 0xffffffffffffffff, 0x0)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

[  175.355398] Bluetooth: hci0: Frame reassembly failed (-84)
[  175.377845] kvm [8433]: vcpu0, guest rIP: 0x142 disabled perfctr wrmsr: 0xc1 data 0x0
[  175.388309] kvm [8433]: vcpu0, guest rIP: 0x142 disabled perfctr wrmsr: 0xc2 data 0x0
[  175.400946] kvm [8433]: vcpu0, guest rIP: 0x142 disabled perfctr wrmsr: 0xc1 data 0x0
[  175.421408] kvm [8433]: vcpu0, guest rIP: 0x142 disabled perfctr wrmsr: 0xc1 data 0x0
[  175.430423] kvm [8433]: vcpu0, guest rIP: 0x142 disabled perfctr wrmsr: 0xc1 data 0x0
[  175.439643] kvm [8433]: vcpu0, guest rIP: 0x142 disabled perfctr wrmsr: 0xc1 data 0x0
18:25:35 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0x80086601, &(0x7f0000000000)={0x4000002})

18:25:35 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x3, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x1, 0x0)
write$FUSE_DIRENT(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, 0xffffffffffffffff, 0x0)
bind$inet(r1, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

[  175.448559] kvm [8433]: vcpu0, guest rIP: 0x142 disabled perfctr wrmsr: 0xc1 data 0x0
[  175.466083] kvm [8433]: vcpu0, guest rIP: 0x142 disabled perfctr wrmsr: 0xc1 data 0x0
[  175.482651] kvm [8433]: vcpu0, guest rIP: 0x142 disabled perfctr wrmsr: 0xc1 data 0x0
[  175.491527] kvm [8433]: vcpu0, guest rIP: 0x142 disabled perfctr wrmsr: 0xc1 data 0x0
18:25:36 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:25:36 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0x80087601, &(0x7f0000000000)={0x4000002})

18:25:36 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x3, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

[  175.995042] Bluetooth: hci1: Frame reassembly failed (-84)
[  177.355574] Bluetooth: hci0: command 0x1003 tx timeout
[  177.361000] Bluetooth: hci0: sending frame failed (-49)
[  177.515553] Bluetooth: hci2: command 0x1003 tx timeout
[  177.520945] Bluetooth: hci2: sending frame failed (-49)
[  177.995560] Bluetooth: hci1: command 0x1003 tx timeout
[  178.001056] Bluetooth: hci1: sending frame failed (-49)
[  179.435670] Bluetooth: hci0: command 0x1001 tx timeout
[  179.441083] Bluetooth: hci0: sending frame failed (-49)
[  179.595617] Bluetooth: hci2: command 0x1001 tx timeout
[  179.601107] Bluetooth: hci2: sending frame failed (-49)
[  180.075590] Bluetooth: hci1: command 0x1001 tx timeout
[  180.081090] Bluetooth: hci1: sending frame failed (-49)
[  181.515607] Bluetooth: hci0: command 0x1009 tx timeout
[  181.683084] Bluetooth: hci2: command 0x1009 tx timeout
[  182.155708] Bluetooth: hci1: command 0x1009 tx timeout
18:25:45 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc0045878, &(0x7f0000000000)={0x4000002})

18:25:45 executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000080)={<r4=>0x0, 0x63}, &(0x7f0000000140)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000180)={r4, 0x9, 0x83}, 0x8)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:25:45 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x3, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:25:45 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:25:46 executing program 5:
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup/syz1\x00', 0x1ff)

18:25:46 executing program 3:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x3, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:25:46 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc0045878, &(0x7f0000000000)={0x4000002})

[  185.650961] Bluetooth: hci0: Frame reassembly failed (-84)
18:25:46 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f00000000c0)="11dca50d5e0bcfe47bf070")
r1 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0)
ioctl$IOC_PR_PREEMPT(r1, 0x401870cb, 0x0)

18:25:46 executing program 3:
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:25:46 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc01864c9, &(0x7f0000000000)={0x4000002})

18:25:46 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:25:46 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f00000000c0)="11dca50d5e0bcfe47bf070")
r1 = syz_open_dev$loop(&(0x7f0000000100)='/dev/loop#\x00', 0x0, 0x0)
ioctl$IOC_PR_PREEMPT_ABORT(r1, 0x401870cc, 0x0)

18:25:46 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x2)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:25:46 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f00000000c0)="11dca50d5e0bcfe47bf070")
msgrcv(0x0, 0x0, 0x0, 0x0, 0x0)

18:25:46 executing program 3:
r0 = socket$inet(0x2b, 0x0, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

[  187.675655] Bluetooth: hci0: command 0x1003 tx timeout
[  187.682145] Bluetooth: hci0: sending frame failed (-49)
[  189.755636] Bluetooth: hci0: command 0x1001 tx timeout
[  189.761019] Bluetooth: hci0: sending frame failed (-49)
[  191.835644] Bluetooth: hci0: command 0x1009 tx timeout
18:25:56 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:25:56 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc0189436, &(0x7f0000000000)={0x4000002})

18:25:56 executing program 5:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sendmsg$IPVS_CMD_NEW_DAEMON(0xffffffffffffffff, 0x0, 0x0)
munmap(&(0x7f000001c000/0x3000)=nil, 0x3000)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x3d, 0x0)
write$binfmt_aout(r2, &(0x7f00000000c0)=ANY=[], 0xffffff78)
ioctl$TCSETS(r2, 0x40045431, &(0x7f00000000c0))
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080))
ioctl$TIOCLINUX4(r2, 0x541c, 0x0)
r3 = syz_open_pts(r2, 0x0)
dup3(r3, r2, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000300)=0x3)

18:25:56 executing program 1:
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
getsockopt$bt_BT_POWER(r0, 0x112, 0x9, 0x0, &(0x7f00000000c0))

18:25:56 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x2)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:25:56 executing program 3:
r0 = socket$inet(0x2b, 0x0, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:25:56 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc020660b, &(0x7f0000000000)={0x4000002})

18:25:56 executing program 3:
r0 = socket$inet(0x2b, 0x0, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:25:56 executing program 1:
r0 = syz_open_dev$sndseq(&(0x7f0000000400)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f0000000180)=""/28, 0xdd)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
r1 = openat$vsock(0xffffffffffffff9c, 0x0, 0x101002, 0x0)
ioctl$PERF_EVENT_IOC_ID(r1, 0x80082407, &(0x7f0000000480))
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140)='/dev/hwrng\x00', 0x8000, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, &(0x7f00000001c0), 0x4)
ioctl(r2, 0x1000008912, &(0x7f00000002c0)="11dca5055e0bcfe47bf070")
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r0, 0xc058534b, 0x0)
finit_module(r2, 0x0, 0x2)
r3 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f0000000280))
r4 = shmget$private(0x0, 0x1000, 0x8, &(0x7f0000ffc000/0x1000)=nil)
shmctl$SHM_UNLOCK(r4, 0xc)
ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r0, 0xc0505350, &(0x7f00000004c0)={{0x7, 0x6}, {0x1, 0xebec}, 0x0, 0x1, 0xffffffffffffff13})
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000003c0)={@remote, 0x7fff, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffa}, 0x20)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{}, {0x0, 0x1c9c380}}, 0x0)
tkill(r3, 0x1000000000013)

[  195.891605] Bluetooth: hci0: Frame reassembly failed (-84)
18:25:56 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x2)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:25:56 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002, 0x2})

18:25:56 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(0x0, 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

[  197.915542] Bluetooth: hci0: command 0x1003 tx timeout
[  197.921067] Bluetooth: hci0: sending frame failed (-49)
[  199.995588] Bluetooth: hci0: command 0x1001 tx timeout
[  200.001017] Bluetooth: hci0: sending frame failed (-49)
[  202.075634] Bluetooth: hci0: command 0x1009 tx timeout
18:26:06 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(0x0, 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:26:06 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:06 executing program 2:

18:26:06 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002, 0x2000000})

18:26:06 executing program 1:

18:26:06 executing program 5:

18:26:06 executing program 2:

18:26:06 executing program 1:

18:26:06 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(0x0, 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:26:06 executing program 5:

18:26:06 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002, 0x200000000000000})

18:26:06 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:06 executing program 1:

18:26:06 executing program 5:

18:26:06 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002, 0x0, 0x2})

18:26:06 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:26:06 executing program 2:

18:26:06 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002, 0x0, 0x2000000})

18:26:06 executing program 5:

18:26:06 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:06 executing program 1:

18:26:06 executing program 5:

18:26:06 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
setsockopt$inet_sctp_SCTP_RECVRCVINFO(0xffffffffffffffff, 0x84, 0x1f, 0x0, 0x0)
setsockopt$sock_timeval(r1, 0xffff, 0x1006, &(0x7f0000000000)={0x7}, 0x10)
shmget(0x1, 0x4000, 0x0, &(0x7f0000ffa000/0x4000)=nil)
recvfrom$inet(r1, 0x0, 0x5298f83365f71d82, 0x2, 0x0, 0x800e00787)
shutdown(r0, 0x0)

18:26:06 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f0000000580)=[{&(0x7f0000001740)=""/181, 0xb5}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x7)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x2ec, 0x0, 0x0, 0x800e00549)
shutdown(r0, 0x0)
dup2(r1, r1)
recvfrom$inet(r1, 0x0, 0x10000002c, 0x2, 0x0, 0x800e0054e)
shutdown(r1, 0x0)

18:26:06 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:26:06 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002, 0x0, 0x200000000000000})

18:26:06 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:06 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = dup(r0)
shmget(0x1, 0x4000, 0x0, &(0x7f0000ffa000/0x4000)=nil)
recvfrom$inet(r1, 0x0, 0x5298f83365f71d82, 0x2, 0x0, 0x800e00787)
shutdown(r0, 0x0)

18:26:06 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(0xffffffffffffffff, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:26:06 executing program 4:
r0 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x0, 0x10000)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x4a0000, 0x0)
ioctl$VIDIOC_EXPBUF(r0, 0xc0405610, &(0x7f00000000c0)={0xb, 0x3, 0x5, 0x800, r1})
r2 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r2, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:26:06 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f0000000580)=[{&(0x7f0000001740)=""/181, 0xb5}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x2ec, 0x0, 0x0, 0x800e00549)
shutdown(r0, 0x0)
dup2(r1, r1)
recvfrom$inet(r1, 0x0, 0x10000002c, 0x0, 0x0, 0x800e0054e)
shutdown(r1, 0x0)

18:26:06 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:06 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:26:07 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:26:07 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
r1 = add_key$keyring(&(0x7f0000000000)='keyring\x00', &(0x7f0000000080)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_PKEY_QUERY(0x18, r1, 0x0, &(0x7f00000000c0)='/dev/dri/card#\x00', &(0x7f0000000100))
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000040)={0x4000002})

18:26:07 executing program 1:
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'ifb0\x00'})

18:26:07 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:07 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x3, 0x0)
sendmsg$inet6(r1, &(0x7f0000000380)={&(0x7f0000000080)={0xa, 0x4e22, 0x5, @mcast1, 0x3}, 0x1c, &(0x7f0000000280)=[{&(0x7f00000000c0)="c3f280025f35553dd42b64fae31678c46ce4375889bbb97d8a2f219a13d32b2f5c7daa352c689d37b01f7834fcaeb4a1efaca47358962101e2c0981ad4c6a3827c8ea6109b3f1537aa383fb87a32a550c9963baf39dd787f66fbd8d224218cf5d31ae7cb812655388d22e37aa53fb600d24fa6c0", 0x74}, {&(0x7f0000000180)="1d65cb21877d1b8c58750ce06c28350db15f668276e1d60b26020a6def220534b6bfaa6f7606aeda04fabb5ea486c3f65cb4f1434ad6c9fb70eee6b2571e7aa76f62c0c118feab590e8d5abb9482d4acc3b814660bc5fb8142e3a2fa07b557197919a312aa3a71608661eb30352af4ffdba64c0308bfff5d538596aebf400b7487592166313c1470114da55f13e2ee731fd58586421a174663086944659a59071db4953eea2030a01c4de3bd7b53d249b9599ca45e2da815f0d7e5b3efac921d36ee4feff5e165df", 0xc8}], 0x2, &(0x7f00000002c0)=[@hoplimit={{0x14, 0x29, 0x34, 0x1f}}, @tclass={{0x14, 0x29, 0x43, 0x4e57}}, @flowinfo={{0x14, 0x29, 0xb, 0x9}}, @dontfrag={{0x14, 0x29, 0x3e, 0x3}}, @rthdr_2292={{0x28, 0x29, 0x39, {0x3b, 0x2, 0x1, 0x8d1c, 0x0, [@mcast2]}}}, @flowinfo={{0x14, 0x29, 0xb, 0xfffffffffffffffa}}], 0xa0}, 0xc000)

18:26:07 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

[  206.666174] kvm: emulating exchange as write
18:26:07 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, 0x0, 0x0)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:26:07 executing program 2:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x50000}]})
r0 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
ioctl$KDGKBTYPE(r0, 0x4b33, 0x0)

18:26:07 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000c00)={&(0x7f0000000a00)={{0xeb9f, 0x1, 0x2, 0x18, 0x0, 0x0, 0x0, 0x2}}, &(0x7f0000000b00)=""/231, 0x1a, 0xe7, 0x1}, 0x20)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:26:07 executing program 0:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:26:07 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/btrfs-control\x00', 0x490000, 0x0)
ioctl$sock_ifreq(r1, 0x89b3, &(0x7f00000000c0)={'bridge0\x00', @ifru_map={0x5, 0x10000, 0x991d, 0x4, 0x4, 0x6825ca5a}})

18:26:07 executing program 1:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x50000}]})
r0 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
accept4$inet6(r0, 0x0, 0x0, 0x0)
bind(0xffffffffffffffff, 0x0, 0x0)
set_tid_address(0x0)

18:26:07 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:26:07 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x11, r1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:26:07 executing program 0:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:26:07 executing program 2:
poll(&(0x7f0000000180)=[{}], 0x1, 0x800000000004b)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0x58d, 0x0, 0x0, 0x800e00541)
readv(r0, &(0x7f0000000000)=[{&(0x7f0000001a00)=""/4096, 0x1000}], 0x1)
shutdown(r0, 0x0)

18:26:07 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
pkey_alloc(0x0, 0x1)

18:26:07 executing program 1:
poll(0x0, 0x0, 0x800000000004b)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r0, 0x0, 0x58d, 0x0, 0x0, 0x800e00541)
readv(r0, &(0x7f0000000000)=[{&(0x7f0000001a00)=""/4096, 0x1000}], 0x1)
shutdown(r0, 0x0)

18:26:07 executing program 0:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:26:08 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x11, r1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:26:08 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$FS_IOC_SETVERSION(r0, 0x40087602, &(0x7f0000000100)=0x8000)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f00000000c0)={0x4000000, 0x3})
syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0x0, 0x0)
r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0xffffffffffff0000, 0x288980)
ioctl$sock_bt_cmtp_CMTPGETCONNLIST(r1, 0x800443d2, &(0x7f0000000080)={0x7, &(0x7f0000000180)=[{}, {}, {}, {}, {}, {}, {}]})
fdatasync(r0)

[  207.619906] [drm:drm_calc_timestamping_constants] *ERROR* crtc 29: Can't calculate constants, dotclock = 0!
18:26:08 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:08 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x0, 0x11, r1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:26:08 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:08 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:26:08 executing program 4:
syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/checkreqprot\x00', 0x480000, 0x0)
connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x3, {0x97, 0x100000000, 0x2, 0x7, 0x80000001, 0x28b}, 0x1235, 0x2}, 0xe)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f00000000c0)={0x4000002, 0x8000000000000, 0x2})
setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000000)={0x6, 0x2, 0x2, 0x3, 0x4, 0x1, 0x8}, 0xc)

18:26:08 executing program 1:
dup2(0xffffffffffffffff, 0xffffffffffffffff)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f0000000580)=[{&(0x7f0000001740)=""/181, 0xb5}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x7)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x2ec, 0x0, 0x0, 0x800e00549)
shutdown(r0, 0x0)
msgsnd(0x0, &(0x7f0000000180), 0x8, 0x0)
recvfrom$inet(r1, 0x0, 0x10000002c, 0x2, 0x0, 0x800e0054e)
shutdown(r1, 0x0)

18:26:08 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f0000000700)=[{&(0x7f0000000000)=""/12, 0xc}, {0x0, 0x9}], 0x2)
r1 = dup(r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0xfd1d, 0x0, 0x0, 0x800e00505)
shutdown(r1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)=[{0x0}, {&(0x7f00000001c0)=""/8, 0x8}], 0x2}, 0x2)
shutdown(r2, 0x0)

18:26:08 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x10, r1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:26:08 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:08 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:09 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_AGP_INFO(r0, 0x80386433, &(0x7f0000000040)=""/108)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:26:09 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x10, r1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:26:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:09 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$sock_inet_SIOCGIFPFLAGS(r1, 0x8935, &(0x7f0000000040)={'dummy0\x00', 0x1d5})

18:26:09 executing program 1:
pipe2$9p(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
close(r0)
socket$vsock_dgram(0x28, 0x2, 0x0)
mount$9p_fd(0x0, &(0x7f0000000480)='./file0\x00', &(0x7f00000000c0)='9p\x00', 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

18:26:09 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:26:09 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x10, r1, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:26:09 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
pipe2(&(0x7f0000001180)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x4800)
write$P9_RSTAT(r1, &(0x7f00000011c0)={0x5d, 0x7d, 0x1, {0x0, 0x56, 0x1, 0x5, {0x84, 0x1, 0x2}, 0x40000000, 0x6, 0x4, 0xa2, 0xf, '/dev/dri/card#\x00', 0xf, '/dev/dri/card#\x00', 0x5, 'self!'}}, 0x5d)
pwritev(r0, &(0x7f0000000100)=[{&(0x7f0000000180)="71d473a84afc92bdbb4655ab7c3e9eeddcf549c6b24957f767aecc050af98579a60134817a34573a36b1a788602b53a2c71a3690e7530af1895a29b76207af8c2ca4c4c9ceb07225e30437bf8e053a70a679437959237c1edfa761e739a6379218b3e1ea3d8bf7cd29ede228843f380375b5186d194a238da0a079ed6c48da6652fcb935b5df76ae29b2743e44895adc892daf55cf5b00b90b4d912eada4251ad15c05312997075c8211a1cfb471082e6f80d9a72ff2164c08da01d671856918f8fb6a2a44c879c004c356fa04c7df2b2424278a724c0c07ef5c10d5ff5448d473d6e8f22bd6fff851d3a73f6e8d3477f2cedda5c713e46a3e9b14ad3d45142acbc27a1306a44212449b259525687b89ee4b996ebd3436a0a281402f23ab78e43f1c4d6c5b7b00996ed4b1155130accc5d9652c8da81916f5e6091694450fa2fbab7f697b04834f8793c1f010ed16d0f787bcd592a4f57486941db154a99f2bc9a97a7068e3672e487dd47150818f331a9e497d75856900858636b5000d2340980ac00c719dd2b68c6801dcead4de260f42d7b7ab2f95d9b0617fed96f0dab3fbff6d6702ba0b3ca5752ab4aa27d2ec831b3796f2ee44be4b5099e75f1f42dfdc752715759ade396eee09cdb92e735982f28a1c82a50a6cf7bb6b216071fe647da3b3d01873092796e4e49c697177b30a9e7fd4650d5224c5c3af696317c992acebf51045cfd38d0ac40626c0e9445f859d9760a77c1f8e9f8d946e5016993eca39c871e2aea1c1b0896d595c5305c87d55516b9f5fb0ab25b28245659a60cb62cba9e466edec25fe809ec5c5d3669be0aad4d1efbd96a144454737c862580dee4ec241856bd0c128fbfed5854e986ceb1e45d5a50e62dd99353e2520f8d929a32dd66110bb090c6b9ffebcc7c5375fb24b73de71b23cfb5c2f03880d55dda0e05b9f6492b241e419f3dd68ddea97e52b802702f93a7bf9372b83ae5f0da10467c129eb7fa26b174d1983122b529f7a2b2dfc08aa27d3a833768ce09236c4d8895e95e56a8a0ffd081eff4f7a061fc6f758a900d5c87e99dc7ff7cf76abc314d8caf1927de5831a45dfe0aaa073aaa08aaa76780f7724940abad16d4f178ad3df4c404bad3f181fcad4ed34bade094b810cb27fa6b37f20b78186cd4ea0d04cf5ebe474290f4f45c85026893e38d1dfe84095f6659534801fbfdb62aa27161358184c153c33eecafaf69e999e402ae6e297e5ae14d8c5eaf94d0ee1103cccdc6ebff50b8d6507f9cad44683483bb5aef3084a640929c20ef274b69301c76832fb31a4eee30501b48f2e2f24651436c538ad3122199826d88837b532027d16519e95f09ff65068c4670b9ce42fee40bb92b13e9f60d8b2e09d73de831f5e933784fb2a7d968cee5010455367c5706cd42b510631050063b05e780c964044ca1bb664bfbbcad105241ef72491f7598856201061e480b293ce7aefc73fc9f3437725b1bffc02dda0938214889a9bb2711dc66958d2e0b79c1fdb36065da6b93286ff44eccae2bfdb0605ac2de03ec653daeb75b059717b24051967c99990f7db7ebbed60ebc639224f5415e69c5bee76abb0ff78f3914bb28e488f64feb0278ef510bb19d85cc69a766466965b4415f54a21b01b945b4e003dbc5d29ac1da8f7186aacfcb141f55fc08f813a7c66786358ddd00394ac89a645f9d655e786bd221513faeec69dfa695fd4770d3a709ae9f17fd46ba59e593e02099520cddd0907f3e979225f5a69e52e809c30964856be5572f8c9ac3fc3883a7f23cd50bd93114d2fbac5a8e356f47db43bd0da70d829e59bdd77a8f636da3c4f92a5739f985de01759fbd196ebc9d0e7fdf1f292697d7ea521ba6a13d685e40a0f052ad1509afa6c6c4ec35ce0b4942eda757053c67039df9855b2936149a775fd7b949c01eb3ca5dd082e3f049579e4fa126a0d3ba8562932556052eadd2d0a358325b3d6c255f8013b2622b96b8d6335b41fccc9730ff1d32ac08bcbe741f7fb33e4fc1462fb2616343493aa93c89de2d657e4ff88ef6900a3525686856f806af3d4a38c9bbb6119e53fc88b44914c987ff437b1a414bcf999039f53e5529cd3681d774d7748a164dff90a9652f8d6502868f992b7fb0c33dd2b892c68d793372f425db089a98727e7acb1317807589e483274f46849fa50ecef311a2f7cb5696de3578739b88b9c6d6df95f0b3137ec86d551e053e0a145e95cba49dc6754b68111512590f269cf9f50f6f226a6395d66ca9b3e24b64b729d53c3c0a1130c2b60c5c51dd2269e8f441093989558aeaa8f62ee14581b4d07c188d0c2c30059ac39dc6d50b2ce17d92e684e037e5f3182d02ee824e498cf40d41bedbec946b369836ad90f407244de9e1d7066d1ecee25eb62bb5fff4e60e66fb5afc7bfad30577c674fb06e44ccc9ec699b78c5d98566f74fc31a384cbaea0d868b8b099d20a187201bb6a6c4cfd6c1f5da29da59c9332eac336c979908ccf93b370ac41f46000c3611e0bb12a7f8e52f20d8fcf868cdb395bab11957799acc8426678771edbe85deffa7197c34e9277ad99a69f3f3b293ee8e3188b99cf7320bc7275104c658ba63de59d43d69c3a543c69f685cf3955cd9780f8b13eb337bdf147f3ca5c9f6be246dbc8b5461112b80aac84e554eed05e19dff037e0406384a476dc4d4fb441e2f0b3c047f6538d95874aaa3bb0e5b9edc45dacf57efd243424ec3f7885e36bda17f731f50f50e14310ca252f82138e9e7314939201a9a91317eca0e57ea59ba7774969c952b6914aeba354194a752c179a2f8169787223a4f4468a5c00f189cbb268570204de600204ff7086cc2d4c153e99ec6a897fa975db1b17bd254fd282ab09667cdbf3d019ce5dad361f21c57e135aad014234b5b4ba5a6487d535ca25722467c7a716eca851f7af8c40a5da2bd8093bbc675ddecb6cebefd06d75bd01b3bf58a3a1e7ce03ca21a203754eec1a3f68654d06136ff2e603f66fb8422d7aa8a01a9124bc2e02d109c86954402392318c5f685b54df06c9ada34f3bebcd05d78d7b78f1a71743199429efcc17219700f5f2ca5c55e9583924111f8618f7ceff1d6cd29278f233a34756a20d5c50148efa4396ac38261e7f1bdb55f2381feaef5137fd7bf6eab24ca1412bcf269cc989bcca1e99cecf1e5717d45ab30e12f2eda55b63e60b59a7852c2c7e752df3774d00b1e3f712201fdef194dbbd6564f9a633a010b87361817b493ae69f8306fd38aafd4c8a41ee2b164957813b97e73a7a193ef9cee1fa4f6c47b7fdde45aac75615a9327647ef5561019182965917dce7437588bad47c3b6e0a908c649f5f80377c39e82f717a82747763966475124e394a1a8fcd9566610075d37dfc937c8826b935912ad08570684980e6453c9d128ca22423b6edcc8ca0704de28b6529b5e9ef18144765c7d3b68fa4765557be5f7d9e39c86796a925c230a9e159dbe68e4ef8cfab86c935e47a9711b342783e96ef57af89a8bef130ca03003044c39639c9e088173dde7a8f2928ef91e011088d7d4904c171276356690152853f6dfbd64f999bda600b3f7d94c4a4b162e0080b6f7ff5c134d85531e9032016ee4b03d70d39c5a2ba6186796d1c2fb88c3a2b7d47a1744f021b8bd9cf6a62a2f667af8269fc83b76cf285ef95f6a4b8ee67105c30ae17ae11d64af354d1885eafe26f5676d3adff08644a585785c7b6db36220b899ef814db008b49df22ad83b729f326a8e64c5dc4834a21bc64fca9b3c7b8eead8e81dda71779d66818d5c08b2068761cc85f8c8195b839788f41ba584866dd754192bafb166991f558931ac54172fdc8e3ec40dcd6898f29b8a0622486568f2e6989f367b4cb06ee420065f3660b6f224fc00ade87c4bbde6e533c1b11c86ec6445879be552193245218bba901a909826f1460165b809d7a7b21d99e363cfbf4bb6c2d52533ee3c4eb67b20db2f59705b216a2f95af7d54cc459134e0e36f32944364098a514d21aaf47fedf2804b53a12c00e1ed23ae2f1a3c516b009599c27c55f69c2c5990a1bc17419e6e2df5e5de1910fc031f629e4e8ad45c314db158a17e4657269e5c5a2926c6639e1345bb587ea8356ca2ba29237a3e81a9f646e40e7e01b3ebed2b6687362dbee5d8e0f0356c1f825966cdad8f99a6b1aa3fc4fb992501960fdd12743091ba65ab7c89e59af29c22c7698dd0858eef78fd88fab48e272b9d542388905fc369cf5a00e7d4964fab4c4ed2534506e2945a291789712477276f8aa14642b2b51dea145c7b25ddf59a0df8628d723c9c96d13676126a7bc387bf6c08142cd245c7ab584c58af3c366f2f68837b97ad59eaa2b4c49e4efb53cbe61eb8bc1d94cf59ed6e54700d3b15c741f12343dfb09402710e8b581fe3ed331358128a4e444280484ace0a935c29fbf7502422dcfc073d7faefee4edd53a3c5e71662df2c05fe9b91c7ece94e4fb99ec7f9e353e1d14af8a0655f7bfd2ad7ed9ee2a3fa0df5d99a50c922ce6ac39e4c0dc3ad67ad0d2c5142ffbabebd1b04d2ce6f8ac1ab60574a4e89f973236691597eaa5628ac0abff7dd7dc2523c52c305c3b8bf7800b5dba62183fe3892943f363c2063f4ee02a5e964ae8ebb0cca41a2cb3dc38d4d252fb4650b07945f71d3f30cb1e38df46de6a92608223cf3f09955b648181d30b6e38eaf8564290994fc15527f50aafb6d8680000c13f3f37db7cea7c28e26fc7a3b911036bc6c34afc01a4526a669302c8910af9f530d442c2b1bc941a6599014c5e929b9f138f1129eea8db61fa21f051dc73bc0a7d465a2f0f212b4e5061837738189ef86f301f3f69c1fdeebaea486184daac7ba152d85905143dbcbfd0229cf2921a51a998dbd38f5bfd9c5959ed20c8aa3aa654a93c92d6111a7cec82922261233225d18a04e2ac504c4986faa58a61b5f299e838a07cc03c26470f8ba1871f9d911d878d927d519cfee5a52afa49ef64685f13e1f72af7df50ed6cc6850dd9447f2be9112cdc2663837179c87e7904957625bc026b08b34f1ddd8279610134061efa77ceb1db3c6cb4f2621761eae72663f31ad0c7c4dd2588a0955a6320a7c200f8a5c57ee317bbcccf7df9525c0de2388ceceb3a626b8c55a8ad195810a2b567751b1ec9ecc0aa2f118c9225982d8508adf99f52a8d95aa0ef9ecc67c80d34b004b9b98cc94e67a4a6d5fdcb7e19ecdd2d376a93db15787aaa0c4fb9924ef33f1c78ec78af9b0637819c7074350e012d72619d761ef6e77e77da9d9c7d7903683539b0d3389a26354d49e899df9210121713b6c431412db67a4c574a9f437e24b12ecd344a593fda6b752c90511125f388dd6a2b01473fb73e96747883eeebf68535b01bdbfbd41a27683d995a11f9301b17bac17a091d6c2f9c3fddf32dfd351d67e27b8090adf480685315608f0be2441e4ceaf22767e8bc726d751c5cff56477c3414cb38af3bc7ff7574c1b6e2aafcb96279990fdb9805a4404c4da26ea2a1d2e40879a3269a8e77f3f7b2b313379b444a186f38352ba0f498005e7315db5b4e92df23fe014fab8f55a4dfd80df5ef43f18509b3ba909706ada1848f1d4893f08256958f77d2e14d0f085aad48e86fe0cbbf2a5c2f10ad1aadccc2c7a990310172b764b7c25968a9caff78e1250dd58b83dfd259b56485bedd5fc1e83108815722e62e033f0c616484c8df69eff9d6040716495e96fc8a3ba7b992f32b77ad11b93dba6d34cc10988395313e19825b2e7252e1fd164", 0x1000}, {&(0x7f0000000040)="a600a7d541f11a52cad7dca5566f32a31ca3fa910871d56185f3bccc6e4f40c19ea250e102979d1a0ba3c9f264d9dd76ca75470b54e6a29636f1caa899c988e84735e06261e840dd64ea00c934d11ce12c950e328945eb44dfccbb8c0f42cf7e9053bc8d20dbf5a062554dbed378db85672e774e708f63c1657bc5976b1d505f2765c91e9069bb4b2d4acc5708a0e806909bf76c7aa358f2ae4c221d510800a9", 0xa0}], 0x2, 0x0)

18:26:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:09 executing program 1:
r0 = syz_open_dev$sg(&(0x7f00000000c0)='/dev/sg#\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1, 0x20011, r0, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$bt_hci(r1, 0x65, 0x0, 0x0, &(0x7f0000000080))

18:26:09 executing program 2:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
connect$inet(r0, &(0x7f0000f6fff0)={0x2, 0x0, @local={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x100000000009)
accept$inet(r0, 0x0, 0x0)

18:26:10 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, 0xffffffffffffffff, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

[  209.541720] audit: type=1400 audit(1564511169.978:55): avc:  denied  { map } for  pid=8805 comm="syz-executor.1" path="/dev/sg0" dev="devtmpfs" ino=16858 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:scsi_generic_device_t:s0 tclass=chr_file permissive=1
18:26:10 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
userfaultfd(0x80800)

18:26:10 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:10 executing program 1:
clone(0x110900, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
socket$inet_sctp(0x2, 0x0, 0x84)

18:26:10 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, 0xffffffffffffffff, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:26:10 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
ioctl(r0, 0xb50, &(0x7f0000000040)="87b97225a20ac6afb4af19906d3fcb1f17c5664e4024ff08630774a842a354f6ae0c4b104d627de95473")

18:26:10 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:26:10 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:10 executing program 1:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
syz_emit_ethernet(0x7a, &(0x7f0000000300)=ANY=[@ANYBLOB="0180c2000000fffffffffeff86dd60a1bba900442900fe8000000000000000000000e80000aafe8000000000000400000000000000aa0620880b00002c0000000800000086dd080088be0000000010003c7bf29e000000080022ebffffff8420000000020000000000000008000000080065"], 0x0)

18:26:10 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r1 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x4800, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x4, &(0x7f00000000c0)={<r2=>0xffffffffffffffff}, 0x13f, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_DESTROY_ID(r1, &(0x7f0000000180)={0x1, 0x10, 0xfa00, {&(0x7f0000000080), r2}}, 0x18)

18:26:10 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, 0xffffffffffffffff, 0x0)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:26:10 executing program 2:

18:26:10 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:10 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
syslog(0x1000002, &(0x7f0000000040)=""/215, 0xd7)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000180)='/dev/full\x00', 0x80, 0x0)
bind$rose(r1, &(0x7f00000001c0)=@short={0xb, @dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, 0x1, @bcast}, 0x1c)

18:26:10 executing program 3:
socket$inet(0x2b, 0x1, 0x0)
r0 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:26:10 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:26:10 executing program 1:
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000200)="2e00000031008107e45ae087185082cf0324b0eb20000000040000dd1e986afa21d9151cd8f286f9075b50001691", 0x2e}], 0x1}, 0x0)

[  210.394584] audit: type=1400 audit(1564511170.828:56): avc:  denied  { syslog } for  pid=8874 comm="syz-executor.4" capability=34  scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=capability2 permissive=1
18:26:10 executing program 4:
ioctl$DRM_IOCTL_WAIT_VBLANK(0xffffffffffffffff, 0xc018643a, &(0x7f0000000000)={0x64000001, 0xa780})
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/status\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000080)={0x57a, <r1=>0x0, 0x1, 0x1})
ioctl$DMA_BUF_IOCTL_SYNC(r0, 0x40086200, &(0x7f0000000100)=0x7)
getsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000140)={<r2=>0x0, 0x2, 0x6, 0x10001, 0x401, 0x10000}, &(0x7f0000000180)=0x14)
setsockopt$inet_sctp_SCTP_SET_PEER_PRIMARY_ADDR(r0, 0x84, 0x5, &(0x7f00000001c0)={r2, @in={{0x2, 0x4e22, @remote}}}, 0x84)
setsockopt$inet_sctp_SCTP_ASSOCINFO(r0, 0x84, 0x1, &(0x7f0000000280)={r2, 0x3ff, 0xfff, 0x8, 0xb5, 0x1}, 0x14)
ioctl$DRM_IOCTL_SG_FREE(r0, 0x40106439, &(0x7f00000000c0)={0xf63, r1})
ioctl$KVM_XEN_HVM_CONFIG(r0, 0x4038ae7a, &(0x7f0000000340)={0x5, 0xbe6, &(0x7f0000000280), &(0x7f00000002c0)="45124e7cca67197730a5271169281f385254557e8a96d7c1a082dcd35cdd8ba535dc0e3a64cde5877c56f4441182d99d4b2682ddb06435d68ece96b71892e20b4ebf6f9f862fc05cdec9dd48bb8271390092967ac846bd19043e41a33c4268344013f45308db0d77162d915dbf1e475a2312cd879b704a2529", 0x0, 0x79})

18:26:10 executing program 2:

18:26:10 executing program 3:
socket$inet(0x2b, 0x1, 0x0)
r0 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:26:11 executing program 1:

18:26:11 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:11 executing program 2:

18:26:11 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:26:11 executing program 1:

18:26:11 executing program 3:
socket$inet(0x2b, 0x1, 0x0)
r0 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r0, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f0000000100)={0x2, 0x0, @empty}, 0x10)

18:26:11 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r0, 0xc0086420, &(0x7f0000000040))
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f00000000c0)="11dca5055e0bcfe47bf070")
r2 = signalfd(0xffffffffffffffff, &(0x7f0000000480), 0x8)
close(r2)
r3 = syz_open_dev$mouse(&(0x7f0000000100)='/dev/input/mouse#\x00', 0x2ffffffffffffffc, 0x1)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r3, 0x84, 0x14, &(0x7f0000000180)=@int=0x2, 0x4)
r4 = inotify_init1(0x0)
fcntl$setstatus(r2, 0x4, 0x400003fff)
fsetxattr$security_smack_entry(r2, &(0x7f0000000200)='security.SMACK64EXEC\x00', &(0x7f0000000240)='/dev/dri/card#\x00', 0xf, 0x1)
close(r4)
fsetxattr$security_ima(r0, &(0x7f00000001c0)='security.ima\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="0600000000000000006ff6bb20aae995d9993ad0aba495978bb0d65dbcb07f33ef0bfa8ca779689020e87fdeebe8e53b88e14d766cef53e94e7f165c029d13d638c622924f78127d282ae029f1bce46601e4efd7eb62c8d6c133a42c058f0fc3ed1c7a68a6622b21225a1fdb05eead17b9134caecda215360d0255f4dd13da75e4ce84ccb036bd1dce768b80956e2738aab37f390730307d063f7ed343f3950a2d05ad9084a3ea61c9c06d73509c49b6b600c26eecee71218806db11fd99607274110b"], 0x79, 0x2)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x0, 0x8102)
readahead(r5, 0x8b, 0x1)
ioctl$NBD_DISCONNECT(r5, 0xab08)
openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/mls\x00', 0x0, 0x0)

18:26:11 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:11 executing program 2:

18:26:11 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote, 0x3}, 0x1c)
r2 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r2, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f00000001c0)={{{@in6=@local, @in, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in, 0x0, 0x32}, 0x2, @in=@loopback, 0x0, 0x4}}, 0xe8)
sendmmsg(r2, &(0x7f0000005fc0), 0x800000000000059, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:26:11 executing program 2:

18:26:11 executing program 1:

18:26:11 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
bind$inet(r0, 0x0, 0x0)

18:26:11 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:11 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:26:11 executing program 2:

18:26:11 executing program 1:

18:26:11 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
bind$inet(r0, 0x0, 0x0)

18:26:11 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:11 executing program 2:

18:26:11 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_SET_MASTER(r0, 0x641e)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:26:11 executing program 1:

18:26:12 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002, 0x0, 0x10})

18:26:12 executing program 2:

18:26:12 executing program 3:
r0 = socket$inet(0x2b, 0x1, 0x0)
r1 = memfd_create(&(0x7f00000001c0)='\xb3', 0x0)
write$FUSE_DIRENT(r1, &(0x7f0000000080)=ANY=[], 0x29)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x81, 0x11, r1, 0x0)
bind$inet(r0, 0x0, 0x0)

18:26:12 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:12 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:26:12 executing program 1:

18:26:12 executing program 1:

18:26:12 executing program 3:

18:26:12 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000040)={0x400, <r1=>0x0, 0x1, 0x80000000})
r2 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/audio\x00', 0x20000, 0x0)
ioctl$BLKROSET(r2, 0x125d, &(0x7f0000000100))
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000080)={0x9, r1, 0x10001, 0x4ec8})
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
ioctl$BLKROSET(r2, 0x125d, &(0x7f0000000180)=0x4)

18:26:12 executing program 2:

18:26:12 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:12 executing program 3:

18:26:12 executing program 3:

18:26:12 executing program 1:

18:26:12 executing program 3:

18:26:12 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:26:12 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:26:12 executing program 2:

18:26:12 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r1 = socket$inet(0x2, 0x5, 0x100)
setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f0000000100)={0x9}, 0x1)
r2 = syz_open_dev$vbi(&(0x7f0000000180)='/dev/vbi#\x00', 0x2, 0x2)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000080)=@assoc_value, &(0x7f00000000c0)=0x8)

18:26:12 executing program 3:

18:26:12 executing program 1:

[  212.366170] Bluetooth: hci0: sending frame failed (-49)
18:26:12 executing program 1:

18:26:12 executing program 2:

18:26:12 executing program 3:

18:26:13 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f00000000c0)='/selinux/mls\x00', 0x0, 0x0)
getsockopt$inet_mreqn(r1, 0x0, 0x20, &(0x7f0000000180)={@local, @empty}, &(0x7f00000001c0)=0xc)
ioctl$SCSI_IOCTL_SEND_COMMAND(r1, 0x1, &(0x7f00000002c0)=ANY=[@ANYBLOB="4a000000030000000000003f08ff8b1056a07cea2181ad7040ba35166d3d34a3cc6f4e572544b912f58da77f6f88cceb7d36994a64572c0bc27cd1a62a0576ea48e018109486bdf2ee99753419e661aa171b9b444465b7a0414255b7ca3612740106f29a3bf40ca5758a80ab0d3d300b2e5ddb0391c1ac4d21b0220e57acfe9a72511bcf292ef972244f3dce8681223c6dc6f7c293dde72508eb818d42f2ae29590ea8b9873a2ec4104ae94d3dca9b87e18e7fa660cd8298b105bafc2b5d1f7836fea1161d0c970edb447b81e27c18a0f78fa7fd7bd0fad2d86838fe458c722daff907cfb6432525186bef5d6cdfb434f3a3ad0758853c736e433011fc4cafff78"])
link(&(0x7f0000000080)='./file0\x00', &(0x7f0000000200)='./file0\x00')
setsockopt$netrom_NETROM_T1(r1, 0x103, 0x1, &(0x7f0000000240)=0xfffffffffffffff9, 0x0)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vsock\x00', 0x0, 0x0)
setsockopt$inet6_udp_int(r2, 0x11, 0xa, &(0x7f0000000100)=0xd3b, 0x153)

18:26:13 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:26:13 executing program 1:

[  214.395557] Bluetooth: hci0: command 0x1003 tx timeout
[  214.400953] Bluetooth: hci0: sending frame failed (-49)
[  216.475561] Bluetooth: hci0: command 0x1001 tx timeout
[  216.480960] Bluetooth: hci0: sending frame failed (-49)
[  218.555646] Bluetooth: hci0: command 0x1009 tx timeout
18:26:23 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:26:23 executing program 2:

18:26:23 executing program 3:

18:26:23 executing program 1:

18:26:23 executing program 4:
r0 = syz_open_dev$dri(&(0x7f00000002c0)='/dev/dri/card#\x00', 0xc72f, 0xffffffffffffffff)
openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/mISDNtimer\x00', 0x201, 0x0)
r1 = creat(&(0x7f0000000080)='./file0\x00', 0xb4)
getsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f00000000c0)=@assoc_value={<r2=>0x0, 0x101}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r1, 0x84, 0x70, &(0x7f0000000180)={r2, @in6={{0xa, 0x4e23, 0x3a81, @mcast1, 0xffffffffffffffe0}}, [0x9, 0xfffffffffffffff7, 0x100000001, 0x7, 0x0, 0x7d93, 0x100000000, 0x1, 0xfffffffffffffffe, 0x1, 0x400, 0x9c53, 0xffffffffffffff11, 0x7ff, 0xa86]}, &(0x7f0000000280)=0x100)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0x5, 0x800)

18:26:23 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:26:23 executing program 2:

18:26:23 executing program 3:

18:26:23 executing program 1:

18:26:23 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000180)='/dev/dri/card#\x00', 0xc72f, 0x4002)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
pipe(&(0x7f0000000040))
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dsp\x00', 0x400000, 0x0)
setsockopt$l2tp_PPPOL2TP_SO_RECVSEQ(r1, 0x111, 0x2, 0x1, 0x4)

18:26:23 executing program 3:

18:26:23 executing program 1:

[  224.795578] Bluetooth: hci0: command 0x1003 tx timeout
[  224.801342] Bluetooth: hci0: sending frame failed (-49)
[  226.875547] Bluetooth: hci0: command 0x1001 tx timeout
[  226.881267] Bluetooth: hci0: sending frame failed (-49)
[  228.955712] Bluetooth: hci0: command 0x1009 tx timeout
18:26:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:26:33 executing program 2:
r0 = socket(0xa, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STOPDAEMON(0xffffffffffffffff, 0x0, 0x48c, &(0x7f0000000000)={0x0, 'nr0\x00\x00\x00\xfd\x81\x00', 0x3}, 0xfffffdb1)
ioctl(r0, 0x8916, &(0x7f0000000000))
ioctl$sock_inet_SIOCDELRT(r0, 0x890c, &(0x7f0000000280)={0x0, {0x2, 0x0, @broadcast}, {0x2, 0x0, @initdev}, {0x2, 0x0, @multicast2}, 0x100})
ioctl(r0, 0x80000000008936, &(0x7f0000000000))

18:26:33 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r1 = syz_open_dev$media(&(0x7f0000000040)='/dev/media#\x00', 0x4, 0x400000)
getsockopt$packet_buf(r1, 0x107, 0x1, &(0x7f0000000100)=""/9, &(0x7f0000000180)=0x9)
ioctl$SIOCAX25GETINFO(r1, 0x89ed, &(0x7f0000000080))

18:26:33 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:26:33 executing program 3:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000200)={0x0, 0xf0ffffff00000000, &(0x7f0000000240)=[{&(0x7f0000000100)="24000000100007031dff22946fa2830020200a0009000300001d85687f0000000400ff7e280000000f0043ba5d806055b6fdd80b40000000140001000029ec2400020cd37e99d69cda45a95e", 0x4c}], 0x1}, 0x0)

18:26:33 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:26:33 executing program 2:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000000), 0xa)
getsockname$packet(r1, 0x0, &(0x7f00000000c0))

[  232.914546] audit: type=1400 audit(1564511193.348:57): avc:  denied  { write } for  pid=9071 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
18:26:33 executing program 3:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$sock_bt_hidp_HIDPGETCONNLIST(r1, 0x800448d2, &(0x7f0000000580)={0x2, &(0x7f00000000c0)=[{}, {}]})

[  232.967828] Bluetooth: hci0: Frame reassembly failed (-84)
18:26:33 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
r1 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x2080, 0x0)
getsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f0000000080)={<r2=>0x0, 0xfe4}, &(0x7f00000000c0)=0x8)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000100)={0x0, 0x3ff, 0xc, 0x2, 0x371, 0x20, 0xe0, 0x4, r2}, 0x20)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000040)={0x4000002})

18:26:33 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r1 = dup(r0)
write$P9_RREADLINK(r1, &(0x7f0000000100)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10)
socket$l2tp(0x18, 0x1, 0x1)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f0000000040)={<r2=>0x0, 0x8, 0x0, 0x1fc00000000000, 0x4}, &(0x7f0000000080)=0x18)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f00000000c0)=r2, 0x4)

18:26:33 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:26:33 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[  235.035536] Bluetooth: hci0: command 0x1003 tx timeout
[  235.041117] Bluetooth: hci0: sending frame failed (-49)
[  237.115739] Bluetooth: hci0: command 0x1001 tx timeout
[  237.121159] Bluetooth: hci0: sending frame failed (-49)
[  239.195735] Bluetooth: hci0: command 0x1009 tx timeout
18:26:43 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:43 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:26:43 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000040)='/dev/hwrng\x00', 0x400000, 0x0)
ioctl$sock_bt_hidp_HIDPCONNDEL(r1, 0x400448c9, &(0x7f00000001c0)={{0x81, 0x800, 0x83c, 0xbfa6, 0x7fffffff, 0x1000}, 0x8})
syz_open_dev$dri(&(0x7f0000000100)='/dev/dri/card#\x00', 0x6, 0x10000)
ioctl$VIDIOC_TRY_EXT_CTRLS(r1, 0xc0205649, &(0x7f00000000c0)={0xfffffff, 0x40, 0xfffffffffffffe00, [], &(0x7f0000000080)={0x98091e, 0x243e, [], @value64=0x7fffffff}})
r2 = semget(0x3, 0x4, 0x45610fa3fd2d2788)
semctl$GETNCNT(r2, 0x4, 0xe, &(0x7f0000000180)=""/55)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:26:43 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:26:43 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000080)={<r4=>0x0, 0x63}, &(0x7f0000000140)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000180)={r4, 0x9, 0x83}, 0x8)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:26:43 executing program 0 (fault-call:3 fault-nth:0):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

[  243.198726] Bluetooth: hci0: Frame reassembly failed (-84)
[  243.210982] Bluetooth: hci1: Frame reassembly failed (-84)
18:26:43 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:26:43 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002, 0x80001, 0x16})

18:26:43 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000080)={<r4=>0x0, 0x63}, &(0x7f0000000140)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000180)={r4, 0x9, 0x83}, 0x8)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:26:43 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x40000, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000080)={'veth1\x00', @dev={[], 0x1e}})

18:26:43 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:26:43 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

[  245.275633] Bluetooth: hci1: command 0x1003 tx timeout
[  245.281039] Bluetooth: hci1: sending frame failed (-49)
[  245.286467] Bluetooth: hci0: command 0x1003 tx timeout
[  245.291802] Bluetooth: hci0: sending frame failed (-49)
[  247.355719] Bluetooth: hci0: command 0x1001 tx timeout
[  247.355725] Bluetooth: hci1: command 0x1001 tx timeout
[  247.365932] Bluetooth: hci1: sending frame failed (-49)
[  247.366753] Bluetooth: hci0: sending frame failed (-49)
[  249.435712] Bluetooth: hci0: command 0x1009 tx timeout
[  249.435731] Bluetooth: hci1: command 0x1009 tx timeout
18:26:53 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:53 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000080)={<r4=>0x0, 0x63}, &(0x7f0000000140)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000180)={r4, 0x9, 0x83}, 0x8)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:26:53 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:26:53 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0x80000001, 0x101000)
ioctl$EVIOCRMFF(r1, 0x40044581, &(0x7f0000000080)=0x1)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:26:53 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  253.355861] FAULT_INJECTION: forcing a failure.
[  253.355861] name failslab, interval 1, probability 0, space 0, times 1
[  253.368791] CPU: 0 PID: 9128 Comm: syz-executor.0 Not tainted 4.19.62 #36
[  253.375751] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  253.385209] Call Trace:
[  253.387900]  dump_stack+0x172/0x1f0
[  253.391633]  should_fail.cold+0xa/0x1b
[  253.395548]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  253.400723]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  253.406336]  ? __cancel_work_timer+0x313/0x520
[  253.410949]  ? mutex_trylock+0x1e0/0x1e0
[  253.415073]  __should_failslab+0x121/0x190
[  253.419332]  should_failslab+0x9/0x14
[  253.423133]  kmem_cache_alloc_node+0x56/0x710
[  253.427773]  __alloc_skb+0xd5/0x5f0
[  253.431505]  ? skb_scrub_packet+0x490/0x490
[  253.435849]  ? lock_downgrade+0x810/0x810
[  253.440037]  ? hci_dev_open+0x220/0x220
[  253.444030]  hci_sock_dev_event+0xf3/0x580
[  253.448261]  hci_unregister_dev+0x253/0x820
[  253.452641]  hci_uart_tty_close+0x1fc/0x250
[  253.456958]  ? hci_uart_close+0x50/0x50
[  253.461077]  tty_ldisc_close.isra.0+0xaf/0xe0
[  253.465657]  tty_ldisc_kill+0x4b/0xc0
[  253.469457]  tty_ldisc_hangup+0x2d9/0x630
[  253.473633]  __tty_hangup.part.0+0x2cc/0x6f0
[  253.478040]  ? tty_read+0x2a0/0x2a0
[  253.481673]  tty_ioctl+0xefb/0x1510
[  253.485295]  ? tty_vhangup+0x30/0x30
[  253.489003]  ? mark_held_locks+0x100/0x100
[  253.493310]  ? proc_cwd_link+0x1d0/0x1d0
[  253.497553]  ? __fget+0x340/0x540
[  253.501072]  ? __might_sleep+0x95/0x190
[  253.505041]  ? tty_vhangup+0x30/0x30
[  253.508774]  do_vfs_ioctl+0xd5f/0x1380
[  253.512775]  ? selinux_file_ioctl+0x46f/0x5e0
[  253.517282]  ? selinux_file_ioctl+0x125/0x5e0
[  253.521797]  ? ioctl_preallocate+0x210/0x210
[  253.526199]  ? selinux_file_mprotect+0x620/0x620
[  253.530955]  ? iterate_fd+0x360/0x360
[  253.534752]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  253.540312]  ? fput+0x128/0x1a0
[  253.543831]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  253.549580]  ? security_file_ioctl+0x8d/0xc0
[  253.553982]  ksys_ioctl+0xab/0xd0
[  253.557432]  __x64_sys_ioctl+0x73/0xb0
[  253.561350]  do_syscall_64+0xfd/0x620
[  253.565359]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  253.570542] RIP: 0033:0x459829
[  253.573733] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  253.592713] RSP: 002b:00007f78d2d3cc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  253.600419] RAX: ffffffffffffffda RBX: 00007f78d2d3cc90 RCX: 0000000000459829
[  253.607684] RDX: 0000000000000000 RSI: 0000000000005437 RDI: 0000000000000003
[  253.614952] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  253.622214] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f78d2d3d6d4
[  253.629481] R13: 00000000004c420e R14: 00000000004d8370 R15: 0000000000000004
18:26:54 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:26:54 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:26:54 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_ADDRFORM(r1, 0x29, 0x1, &(0x7f0000000040), 0x4)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

[  253.724381] Bluetooth: hci0: Frame reassembly failed (-84)
18:26:54 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000080)={<r4=>0x0, 0x63}, &(0x7f0000000140)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000180)={r4, 0x9, 0x83}, 0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

[  253.780973] Bluetooth: hci1: Frame reassembly failed (-84)
[  253.793101] Bluetooth: hci1: Frame reassembly failed (-84)
18:26:54 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:26:54 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:26:54 executing program 4:
r0 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0xc72f, 0x200)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x2c4000, 0x0)
ioctl$VHOST_RESET_OWNER(r0, 0xaf02, 0x0)
ioctl$SG_SET_TIMEOUT(r1, 0x2201, &(0x7f0000000080)=0x9)
fsetxattr$security_selinux(r0, &(0x7f0000000100)='security.selinux\x00', &(0x7f0000000140)='system_u:object_r:iptables_conf_t:s0\x00', 0x25, 0x1)
epoll_create1(0x80000)

[  253.964133] audit: type=1400 audit(1564511214.398:58): avc:  denied  { associate } for  pid=9187 comm="syz-executor.4" name="card1" dev="devtmpfs" ino=15432 scontext=system_u:object_r:iptables_conf_t:s0 tcontext=system_u:object_r:device_t:s0 tclass=filesystem permissive=1
[  255.755622] Bluetooth: hci0: command 0x1003 tx timeout
[  255.761166] Bluetooth: hci0: sending frame failed (-49)
[  255.835619] Bluetooth: hci1: command 0x1003 tx timeout
[  255.841127] Bluetooth: hci1: sending frame failed (-49)
[  257.835594] Bluetooth: hci0: command 0x1001 tx timeout
[  257.840993] Bluetooth: hci0: sending frame failed (-49)
[  257.915577] Bluetooth: hci1: command 0x1001 tx timeout
[  257.920960] Bluetooth: hci1: sending frame failed (-49)
[  259.915592] Bluetooth: hci0: command 0x1009 tx timeout
[  259.995675] Bluetooth: hci1: command 0x1009 tx timeout
18:27:04 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:27:04 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000080)={<r4=>0x0, 0x63}, &(0x7f0000000140)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000180)={r4, 0x9, 0x83}, 0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:27:04 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:27:04 executing program 4:
r0 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000440)='/selinux/enforce\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1b, &(0x7f0000000480)={<r1=>0x0, 0x1000, "b642ce7bd32fc8c19c500644263fa48d4b8bd2c3a00c5c2823983867f7b61bfea53d5a9e43ac668baf6573e2e6a53f2f36fa6fb04c6486fd6e760f2768f342c9029435a38990df0164cfc07aeace5ba17d08c50af53df4817dc0365c2dd4480793af3eb861730a4ac23fe8c40e86064811422bbeccdcf1d4c57e825bc1935dc48f840b1f904b7d36394d9895a89a7ab9edea9173dddefe49242fbde68c6b1dc9067b886d8f02adaf393d0f6f62018a53e66e2af2134bf92b8e382fe3bb6436ed455e921b33fe7b5fa9f1fa80b4a6b19cba7de5b41cc584f6dbbab5ce756156ba12b2dc4ab23511b7e28f625d38a1b9e2321fb945c5b96ecedc700d9e537bb3b6e33f2c8d09d8f629cf0f102b509a8ec3b13e824b517801c75ec312aaee9c8cb6e7cbf45f260feed4deec9bc6dc09dd8ab6637dd464b52d51970cfed777d679be075b079f82d69da21f3fe0cf472514690858b45eeeea916ada8f9e2caff02b5b27ace4feb39c44d3c0b2b0d0c3285b87657fabe1e6c768c065fb6780da10cd1cc5977b5fefb38968d8b9c90baab55b9956d6cc438cbd43c7b73333be4c4b6c2030b67d18a792774a8427045a6c981413b5ce6f64519ffe8469f95b34ab12da63ff48889f554e5abde6915d6462bf2e4ce06d51c462fa0fefc3f600c9093fb4e51e4704caad1745ec9efebd83ee04c4925d6aa2a5079d45dd8ee04f99ef64bf814910a5e130069541f35a774dad7225eeccaeae9d67bbf8aef81b313108bf526bb5a2fa290990dad55bad78d5b6c46d4979b851c5ae02371d40d69047c497b6d06370e3aeee4dabd1ee257dd262c821428dfcd98d48ca5d61a5898c783a1515cbacd6d3888db6ab2ebae1d3c46b547e76e7f970840a10c5686cf919a886de2601c4c01eee8e4c531826d8dd4e261a3f03173548c8c375b1f8dfe8e032ffed7e5d2e8c7a55d36bbfa79678ad1d8da8edea28f5c073569c13f50bbb83312eb59fa7c3f487d0d85be9c0c351bd6abbb25aeba62a07557b46221f3c68ec1ef8c083bdd0eb8de10fe030493c5b8ba86383f8a2d0b0bbe2a8ac616a1b5be549ef0bceca0de5d831a8b54c7e1a9d4fb19a7ab8a5ef7402b82c29312479223d32b2e45f6a4c5ecae29ce21aa29ff29be5d7b95c0ce99b5717ee8d87b58f117ced360c7e7ffb550203fbc0b91aada233c8e87d79e9ef1db5a8685c1b8741fbc4d04e157e0481b98ae3663ff32d70b5b4dd12c8d9c60a2f2125018e7e0af2cd8bc261f80a6542db599694f9e5a45507bff6b26469dd65419483a4bc9eea2424b054249fd8475e1fd4ca9e6018d037bfb82758135787b6e2ea684065d59a3735a45d0eb80414960df474109b70d3a7bb8b475a8a3c05276ed56d98411c4ebc2bd2987a88cf2082218af60905affbd9057497d45359da949c2f199e53a7e87c6f1ad8f4d0a328584ec8627420f6e59120b552e1031e83997c4a29d1a639b67775d1fbc374deb7ee7813570786e718b5d787a0f1e03040d89d232cdcacd1dd98a0bba4248c9f7b54ee65042e337925b44d946af2fa9fdcea9dfb0aa1409d48fafc3c232da7ffc3f994fee5aefd9e0ee2b949714374044bb33057f19f5eeeeb48a1e7bc9d64348e6904582ab6dc64d9b86aa24286ce41831e93a00899cb17267ae54e848e6934cd4d48f082d04f8e8c0fa2f7121c46e1664438ac1d95fbc2bd59c337f23d6ddf045d896b771feb93907b0bf910b18c2feb0e0691fe85d503dccdc1641226818c00c6455c64baeb5943279a79f9b2ba8be756cbe94e6cbafe8ee3b938738453b188670ef202845dfa3e60298da881e2bacc1e19c21ffe871501a01552e40781abe177214c2284ba67fc0835e08cae1e6084e2f5cd8f9e29a62480a1f57f61759e002c657f320c0df50e3924491f281d2e6f2b0fd00eb08f9d95809a968475c1c5acc1c2cfa4c0eebeb7e64aaed79de54dee38fc4d2b0fe021183120ecfb55a2df51a97d12f4d4b9018edee387be76f9711e29c01c46b83d91f4eb3458d84f054e3dd921969bc853e6c4c8aeae3702075224ea02f058dfebd7d088d47345289b4b631fce1c135d882832730ea14abb1633ea337faf6c069df5855d07cd5b08bbf271c7679d26f76a7959e48db71777905ef1425ac8002158d67e67d7ef9e988b01ea062a9588af848b354d9be19087dbda676b517732675af7327305879b6085f651d9128dd2ba6e5bbcbd2c5cac6e4387d3504d8fe563a1092327dbcd5a147d3ee2a66cebd6954d247f2af439cad3bb50339c5b7e1d85b4f5717e54fc3defcb4687bef471452ea6752fb536ec788894445f280ceba04af9a5352db746724c7b9c3b664c5454b2f7f8d6efb8c1dedc85e3b7eeccaaefa0a697992e9988ab4a1575c60c8fc54a7a31634641809f4bd3eee138dad52b38db659be1c104d1dcdf01cb4bb8e9e89f567dfab989d145b6b92ce7fe9377c0bb714c7470d45acb3eaff0a59def8baa65486b77aef0ff4954294a3f1004676f36f20f90f43f33114580ab5dac3932dd9950afe5e5215eea0be47af14523b3482b837141e5f9858e1efd66df38f1d6c9971efbea733d6d1538288f7104576b1113a7bd4b287d213f832efa444d18acb249d0bde431bda1d48015a06495ad8fbb589193db08396268bd1d8443b7418f5e037b80f2559b0bfc7e1faa9864a0801370cc43a81544081af3fa3376bc81752e705bb2f6ad6a0d44f490ac007f3034dbf27e581b7878e43822537a860f1d6dffb6fc95b4d0be77b8b0c87985a1d5dd9d76da18c7e3e0d804150c999aa3fba979ec27991c812b70dc6fc22cf004480614f77f78962cd975cc9b59987d917ba66c947472db52545b184138200ece5d0bd262a3da5f62e348d8985a788719329b033889d8d359a2ee6a134dd3cf48ae2a8bbc84277f6dba94a312a72fdd11143fc6a6b4aca4b5f39acf4934315113b7a042d0351481487a0bc81ef31a00386cf591097e21172fb53538b6138dec86a8e1add4a2a63c4c09ac3f6c0c178a6bbf43186adc1cc929a31bf2ef99f7ecae09b9c1c65e73b2655b22a75c0416fb71772e52cddf28006542a1b589368206c60a105a921265d61e8838685972cf8fa6eb1c0b7140a2d8456db1af0bdda3ad226a9b8b856bf1073224bbb5a87c0e0043964722cc1c4f477c1acc518ca951f9c2b0e74ac4e5cccf4a3971e228eb5f6757509c5ac6ee774e85e59a53a9203c4f6c5e26950c3a0b0c09ecdd076357ade61a5e23554d940621a1e28294ac873cb161ee5ed3de9d25b9955e74ca4915191f883197c9e13a7fe0093eff4b5d3f8f2e7189d4fb38f3281d780fbfd87e39dace409f62058b3badc27148c45ff268332b05a0dc2c83180f155662c77bb962713926b9857afd83878c5dabf3b824e7fe5dad1e086e9bdb1e01c2ae3139ef567930dd84d251dfc148e6f0d3705ad0ec751b53dc8842fa8b2a517d878224e3847acf1f72bc5a2a50f79693bf5cb87df9d7643c35a6749c041cab12a7d56fcc90205befb2c99f06055d47a33e2039d5521473a1c4aab8ef0fc5648c8435bf4cc01f0d7a37df58a576dc793a587d6673d4ebde988b2b8fd81f0af0c76a1dbca723a64c6cda5ddc91a2efdccb81a58dd0dddc4fbcf8fc992f655bea017ae798a04521e0ac0b674afb78baa6e5053ae38c76051d678e468f4959d0acb97f0b9aa4f5bd20aa18f56870abce7b71d42800109e48a82c4c71c5a8669b0fa5ba205db96aef4c5da0a314b55bec68b744cddbc98c32b9e8504442ff2503f546f24f066054c51071ede5af234880d3f55d7d7b6e21a78ce77ec7a386f3429161fb9b8f4eebedae87486d91c01ba25907b3bf383770710177002090fdd18c439f40ffc9c594844224804e1151b8cd464e2d9ac509c47cce64a9738ffd79b8c3a2c6e67d3dec4e85ead0177897180f2aa72d3abff6cec7e5178a91716b0b4cfa0272c0d7d8436391cab5969cd07bf84f5d791928994bd1c9b70866e34883aa220086374d0adedd20e5041bc8b67fadd804cecc7441f13ee49094552b2fc74804e056e862cfecde5c6e03e90d7dc0a8569153d2b4bbe1452a7ed0ad02a37bb7d8684edb8b57be8562074fa2be59ae873df2284ecde4f61b513abc7482b1db1581c62c0e17f0e3abbaeb7f1a267d7e050d33463dac46ef82369945e81da24b65f9e2b436fbb448f0e82b4a8352df33b6b4d9255b8df78217f24f6374f1aacf31f9bcce2e799ba9aa97bafd7b1e14855deaef93f924b0c3f231612defeaec6fba90f48067891b82f45a5336fa53504660a9961321b66ab307a16273121103c2698db229511d44719ee658d4e5bcc262a1e0ba5f2b3ed0b0a8a0c7702932a1ec260af733e9e5b8baa6c17b80a86de9a5ca4d6121bf0da01e527fe48fbc0bd87be4395d3a8e183461ffb91c6fecfba10c41825d5ebd5c36baca76e89a93c12d88b070c0ae107ad8622eb104dcad3fa59358825a0ddcab68340e425b03e9d124b59988b7dac0ef1306d6c85da2066ffa6b82fa8701109b8df5001249320e64804e2abf8c3fe1e2a104102c4e8fae58c870c7d7cd0ab4479afcf11c349d0f2cb87a435b6ffa8215f8e7ce7593f2772a4d9638e93d89a9f805cd6392e8ff3f7a43187aa4dc3e995a7875d3631f46dc12326d42afee72fbd5abc20fdcd81ada804793d8c1a532a26fa257628ee9d005d32da61b71417262898eb57216e77865e28d4ea64021ba28f0d354f3cd2015817aeb6f33743891f8f2aa34890a6aef0fa6e6a2696d14479ffdf9eea43d50fb075323e8a68b6697f984e7fb471743aee15707ee0643f51d3596a09a4c942b7f37633d26d70eead9d6aac5a92ce5ba6abff5c24fb55909915be78a4654f34676cb9f51d18d9d57834e02e152ea665db3ce3637427062517063df876b526f1632408c2429a4bc125ff39dc4e72e8ffdfc9252d480483026a9960c06205ff86cd65c69db3fb83584bdc7670b14380931077429056218ff154ca19adbb0884e110225bdf94825adea19eae04afbac6da907637e5e97662564246eb01e9baa3a265b6db9b3fd48b1e601bf9af1b94ab1f25ec1afa25ea0d8406febfd32384c2c1362967967eb3995d41aded9b3c58654fa10ff6eeaa5ff27f59f1b13749e8edc41654360ec474bff8135fe09b0008f06b0620d0b158d7558b4b7b43df585e29fec286aa3baa8cec1a3205c0646493a130555b1d8506331cf41d3bf8e646b6ba86562d8a99a8d9d167ac99ffc05ddc638830281a31a350bead7e59c8363e10b06d64aae6f4278c5cdc00ecd9a9951e23b09a9f46d14d599646a23d9cbfff298336baa3b37e52c02a23e0254ff401462bbfc55a8811e74c8701045adda6de2dc95ab37776f95875c9f0025e72e8fdcc3d2812067a60b2407b1ecccfc8ce45a28fbfd57602cee266e3330196c08ad10b8dfd836882633f759b7ab6916b781c02edda36a880e46da48dd62e968f0cb95ca342c53dcd992e18f15d46e75574f8729a59bd72231dc2d55ed9af075c6d6837b66f71be58bf4c508f13123a5a061128f79d7b5363ab231feb6ca174143f2689bc918510bf8f260e9f07bcc11305b39175b2887d09d4783d8696039c569c3ee76d5987508be4b03fab15e1ac698eaaa1a16348b56a58cc0c07182d16a837eabf84eb4b7a2b55e49bcbaebf6a46d35e5e60dba400d3193ece4843e40cd9e752cd7539e2b9ffe879a850c3399e9df459508a932c8f4f953ac121ff35e478e2c57493a48796daeb206eaae1064046f9ae24bd905"}, &(0x7f00000014c0)=0x1008)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r0, 0x84, 0x76, &(0x7f0000001500)={r1, 0x7}, &(0x7f0000001540)=0x8)
r2 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x101, 0x88000)
sendmsg$inet_sctp(r2, &(0x7f0000000380)={&(0x7f0000000180)=@in={0x2, 0x4e24, @broadcast}, 0x10, &(0x7f0000000300)=[{&(0x7f00000001c0)}, {&(0x7f0000000200)="2dde7573d122cbbaca5fe418938e715eda5d29038443a154e4dc375210d622b78f7a2fbf4ebf53fcf4d2adff5581c94253b91208a0936281bea1c265d499893c76eff2f1bd9759abc381d79865d899520a3e26b514737c3f95ae2baecb72e32bf6bd0b59a5c5f5e18e126c28f5ba4347abcd087c4d3a0852cab73adcd6f50697037ce75c2477987ab1ca7941976c3201197529370f6008614ae4771f5b5c5e2d0a5fdb48fcebb770f9eb636c185d94c4bb2557fdcf320ae0d43db676d43a8b24b100d5d295efbc0bcd8bacb36c0f2e5e96e90590e2ab70375e1f84f7e9b02677d3abbcddff9ec17c1d5483f9", 0xec}], 0x2, &(0x7f0000000340)=[@authinfo={0x18, 0x84, 0x6, {0x81}}], 0x18, 0x24000001}, 0x4080)
getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000080)={<r3=>0x0, 0x8, 0x3, 0x1}, &(0x7f00000000c0)=0x10)
setsockopt$inet_sctp6_SCTP_RTOINFO(r2, 0x84, 0x0, &(0x7f0000000100)={r3, 0x400, 0x40, 0x24f}, 0x10)
r4 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0x3, 0x20080)
ioctl$DRM_IOCTL_WAIT_VBLANK(r4, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:27:04 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:27:04 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x2, 0x0)

18:27:04 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:27:04 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:27:04 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
r1 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x3, 0x2)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(r1, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x1, 0x2, 0x6, 0x9}, 0x14)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

[  264.378517] Bluetooth: hci0: Frame reassembly failed (-84)
18:27:04 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000080)={<r4=>0x0, 0x63}, &(0x7f0000000140)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000180)={r4, 0x9, 0x83}, 0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

[  264.435970] Bluetooth: hci1: Frame reassembly failed (-84)
18:27:05 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0x1f, 0x88200)
lstat(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
r2 = getuid()
syz_mount_image$ntfs(&(0x7f0000000000)='ntfs\x00', &(0x7f0000000080)='./file0\x00', 0xffffffffffffff83, 0x1, &(0x7f0000000100)=[{&(0x7f00000000c0)="4673c10208885d54", 0x8, 0x7}], 0x24000a, &(0x7f0000000240)={[{@show_sys_files_no='show_sys_files=no'}, {@show_sys_files_no='show_sys_files=no'}, {@errors_remount='errors=remount-ro'}, {@dmask={'dmask', 0x3d, 0x94}}], [{@subj_role={'subj_role'}}, {@uid_eq={'uid', 0x3d, r1}}, {@euid_gt={'euid>', r2}}, {@func={'func', 0x3d, 'FILE_CHECK'}}, {@fsmagic={'fsmagic', 0x3d, 0x9}}]})
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000040)={0x4000002, 0x4})

18:27:05 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[  266.395611] Bluetooth: hci0: command 0x1003 tx timeout
[  266.401194] Bluetooth: hci0: sending frame failed (-49)
[  266.475628] Bluetooth: hci1: command 0x1003 tx timeout
[  266.481190] Bluetooth: hci1: sending frame failed (-49)
[  268.475702] Bluetooth: hci0: command 0x1001 tx timeout
[  268.481219] Bluetooth: hci0: sending frame failed (-49)
[  268.555627] Bluetooth: hci1: command 0x1001 tx timeout
[  268.561019] Bluetooth: hci1: sending frame failed (-49)
[  270.555688] Bluetooth: hci0: command 0x1009 tx timeout
[  270.638157] Bluetooth: hci1: command 0x1009 tx timeout
18:27:14 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:27:14 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:27:14 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000080)={0x0, 0x63}, &(0x7f0000000140)=0x8)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:27:14 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:27:14 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:27:14 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x4b47, 0x0)

18:27:15 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:27:15 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000040)={0x4000005, 0x200000252, 0x2f})

18:27:15 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x0, 0x0)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:27:15 executing program 4:
r0 = getpid()
ioprio_set$pid(0x3, r0, 0x3)
r1 = syz_open_dev$swradio(&(0x7f0000000040)='/dev/swradio#\x00', 0x1, 0x2)
ioctl$KVM_GET_TSC_KHZ(r1, 0xaea3)
r2 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc733, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r2, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:27:15 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:27:15 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:27:15 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:27:15 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:27:15 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:27:15 executing program 4:
r0 = syz_open_dev$mice(&(0x7f0000000200)='/dev/input/mice\x00', 0x0, 0x282880)
setsockopt$bt_rfcomm_RFCOMM_LM(r0, 0x12, 0x3, &(0x7f0000000240)=0xc, 0x4)
r1 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
r2 = fcntl$dupfd(r1, 0x406, r1)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000040)={<r3=>0x0, @in={{0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x28}}}, 0x0, 0x67bd}, &(0x7f0000000100)=0x90)
setsockopt$inet_sctp6_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f00000002c0)=@assoc_value={r3, 0x8}, 0x8)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000280)='/dev/fuse\x00', 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r2, 0x84, 0x18, &(0x7f0000000180)={r3, 0x7a0cb4a3}, &(0x7f00000001c0)=0x8)
ioctl$DRM_IOCTL_WAIT_VBLANK(r1, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:27:15 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[  276.715604] Bluetooth: hci0: command 0x1003 tx timeout
[  276.722911] Bluetooth: hci0: sending frame failed (-49)
[  278.795707] Bluetooth: hci0: command 0x1001 tx timeout
[  278.801210] Bluetooth: hci0: sending frame failed (-49)
[  280.878041] Bluetooth: hci0: command 0x1009 tx timeout
18:27:25 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x4b49, 0x0)

18:27:25 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0xffffffffffffffff, 0x10000000040000)
ioctl$DRM_IOCTL_DROP_MASTER(r0, 0x641f)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:27:25 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:27:25 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:27:25 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:27:25 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:27:25 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:27:25 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:27:25 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002, 0xc9a})

18:27:25 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:27:25 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:27:25 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[  286.875740] Bluetooth: hci0: command 0x1003 tx timeout
[  286.881216] Bluetooth: hci0: sending frame failed (-49)
[  288.955732] Bluetooth: hci0: command 0x1001 tx timeout
[  288.961291] Bluetooth: hci0: sending frame failed (-49)
[  291.035700] Bluetooth: hci0: command 0x1009 tx timeout
18:27:35 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5409, 0x0)

18:27:35 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:27:35 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r1 = socket$xdp(0x2c, 0x3, 0x0)
ioctl$sock_SIOCINQ(r1, 0x541b, &(0x7f0000000040))
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vsock\x00', 0x0, 0x0)
ioctl$ASHMEM_GET_PIN_STATUS(r2, 0x7709, 0x0)

18:27:35 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:27:35 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:27:35 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[  295.007803] Unknown ioctl 30473
18:27:35 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:27:35 executing program 3:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

[  295.051750] Bluetooth: hci0: Frame reassembly failed (-84)
[  295.064348] Bluetooth: hci0: Frame reassembly failed (-84)
18:27:35 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:27:35 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r1 = add_key$user(&(0x7f0000000040)='user\x00', &(0x7f0000000080)={'syz', 0x0}, &(0x7f00000000c0)="21b1f56d6890d9b531b103ab38ec3e26414813bfc12456", 0x17, 0xfffffffffffffffa)
keyctl$read(0xb, r1, &(0x7f0000000180)=""/4096, 0x1000)

18:27:35 executing program 3:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:27:35 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  297.125545] Bluetooth: hci0: command 0x1003 tx timeout
[  297.131121] Bluetooth: hci0: sending frame failed (-49)
[  299.195703] Bluetooth: hci0: command 0x1001 tx timeout
[  299.201224] Bluetooth: hci0: sending frame failed (-49)
[  301.275670] Bluetooth: hci0: command 0x1009 tx timeout
18:27:45 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x540b, 0x0)

18:27:45 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x100, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(0xffffffffffffffff, 0x84, 0xf, &(0x7f0000000180)={<r2=>0x0, @in6={{0xa, 0x4e20, 0x3ff, @remote, 0x3d}}, 0x40e, 0xfffffffffffffc01, 0x7, 0x2, 0x6}, &(0x7f0000000240)=0x98)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000280)={r2, 0x9}, 0x8)
setxattr$security_selinux(&(0x7f0000000040)='./file0\x00', &(0x7f00000002c0)='security.selinux\x00', &(0x7f0000000300)='system_u:\xd5\xe5\xf2\xdc\xd3oIexec_ti\xc4\x9e,\xf0\xd3 K\xbf\xf7\r\xbc\xb3\xcd\xf2d\xca\xcc\x99\xc0\xec\x03\x83\x81J\x80AT\x93\x89o\xfb\x80\xf6q\xd1p\x9f\x05 M\r\xd0-\xb5\x84\xcab\xb8\xef]\x13\xb9\xd5z\xd5\x8fv\xe7DL\xea\x01-JD\n\xa39\xcb2\xe4\b2Nu7\x1a\x8f\xc4\xf4\xdfm\x8a8\bD\x8f>\"\xaf\x14\xe4\xc2M\x9a7r\xaa\xe9\xd2\xebTRO\x19\x18\xd1\x1f5\xb1\x8d\xee*\xad(-o\xda\xdfV\x95\x8d\x89B`\xc0\xe5\x95\x1c[\t\xfd\x1e\x80)\xcb\x8b\xa1pp\xa0\x97P<^\x00}\x00\xe2\x87\x84\xd3A\xd8\x05c\x16\x00'/191, 0xbf, 0xfffffffffffffffe)
setxattr$trusted_overlay_nlink(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)='trusted.overlay.nlink\x00', &(0x7f00000003c0)={'L-', 0x100}, 0x28, 0x3)

18:27:45 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:27:45 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:27:45 executing program 3:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:27:45 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:27:45 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:27:45 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:27:45 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000180)={&(0x7f00000000c0)=[0xfff, 0x2, 0x71e, 0x6d50, 0x20000000000, 0x1], 0x6, 0x7, 0x8, 0x3, 0x40, 0x9, {0xffff, 0x4, 0xa93, 0x9, 0x6, 0x7f, 0x4, 0x0, 0xe9, 0x4, 0x0, 0x8, 0x59, 0x5, "6872613905f2dbb09c02e5702cb8ca1dabaad035ff06deda9c5dc5fd25627eb7"}})
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000040)={0x4000004})
ioctl$DRM_IOCTL_SET_UNIQUE(r0, 0x40106410, &(0x7f0000000080)={0x2e, &(0x7f0000000000)="5e2a07abe994b8417ef60408d7c64f1038232157c6817690171bd4b1cca05aa147ba9cff6ec1f5edd5bcf405d3d6"})

18:27:45 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:27:45 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

18:27:45 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[  307.365601] Bluetooth: hci0: command 0x1003 tx timeout
[  307.370991] Bluetooth: hci0: sending frame failed (-49)
[  309.435675] Bluetooth: hci0: command 0x1001 tx timeout
[  309.441284] Bluetooth: hci0: sending frame failed (-49)
[  311.515665] Bluetooth: hci0: command 0x1009 tx timeout
18:27:55 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x540c, 0x0)

18:27:55 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:27:55 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
r1 = syz_open_dev$mouse(&(0x7f00000002c0)='/dev/input/mouse#\x00', 0x2, 0x0)
setsockopt$RXRPC_SECURITY_KEY(r1, 0x110, 0x1, &(0x7f0000000300)='cifs.spnego\x00', 0xc)
r2 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000080)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
r3 = request_key(&(0x7f0000000180)='cifs.spnego\x00', &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000200)='\x00', 0xfffffffffffffffe)
keyctl$search(0xa, r3, &(0x7f00000000c0)='asymmetric\x00', &(0x7f0000000100)={'syz', 0x2}, r2)
rename(&(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='./file0\x00')
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:27:55 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:27:55 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:27:55 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

18:27:55 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:27:55 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

[  315.533111] Bluetooth: hci0: Frame reassembly failed (-84)
18:27:56 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:27:56 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

18:27:56 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_AUTH_MAGIC(r0, 0x40046411, &(0x7f0000000040)=0x1)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:27:56 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

[  317.595646] Bluetooth: hci0: command 0x1003 tx timeout
[  317.603787] Bluetooth: hci0: sending frame failed (-49)
[  319.675666] Bluetooth: hci0: command 0x1001 tx timeout
[  319.681482] Bluetooth: hci0: sending frame failed (-49)
[  321.755724] Bluetooth: hci0: command 0x1009 tx timeout
18:28:06 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x540d, 0x0)

18:28:06 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:28:06 executing program 4:
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x14000, 0x0)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000080)={0x10000, 0x1, 0x9, 0x100000000, 0x0, 0x80000001, 0x20, 0x9, <r1=>0x0}, &(0x7f00000000c0)=0x20)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000100)={r1, 0x11, "3c550507c73ffd2895e6ec6a1858a67058"}, &(0x7f0000000180)=0x19)
r2 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r2, 0xc018643a, &(0x7f0000000040)={0x4000002})

18:28:06 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:28:06 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

18:28:06 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:28:06 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, 0x0, 0x0)

18:28:06 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:28:06 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/fuse\x00', 0x2, 0x0)
write$FUSE_NOTIFY_STORE(r1, &(0x7f0000000180)={0x29, 0x4, 0x0, {0x4, 0x7fff, 0x1, 0x0, [0x0]}}, 0x29)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(r0, 0x6612)
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x8)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x10000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x4058534c, &(0x7f0000000080)={0x1, 0x4, 0x5, 0x80000000, 0xfffffffffffffff8, 0x9})

18:28:06 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

18:28:06 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:28:06 executing program 4:
ioctl$DRM_IOCTL_WAIT_VBLANK(0xffffffffffffffff, 0xc018643a, &(0x7f0000000000)={0x4000002})
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/autofs\x00', 0x100, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000080)={0x3e, 0x9, 0x3})
ioctl$KVM_IOEVENTFD(r0, 0x4040ae79, &(0x7f0000000100)={0xf004, &(0x7f00000000c0), 0x1, r0, 0xb})
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000180)='fou\x00')
sendmsg$FOU_CMD_GET(r0, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8000000}, 0xc, &(0x7f0000000200)={&(0x7f00000001c0)={0x24, r1, 0x100, 0x70bd2c, 0x25dfdbfb, {}, [@FOU_ATTR_PEER_V4={0x8, 0x8, @broadcast}, @FOU_ATTR_PORT={0x8, 0x1, 0x4e24}]}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x40014)

[  327.765554] Bluetooth: hci0: command 0x1003 tx timeout
[  327.772254] Bluetooth: hci0: sending frame failed (-49)
[  329.835614] Bluetooth: hci0: command 0x1001 tx timeout
[  329.841188] Bluetooth: hci0: sending frame failed (-49)
[  331.915819] Bluetooth: hci0: command 0x1009 tx timeout
18:28:16 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5412, 0x0)

18:28:16 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r0, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

18:28:16 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:28:16 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:28:16 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, 0x0, 0x0)

18:28:16 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/checkreqprot\x00', 0x4d0401, 0x0)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f0000000080)='tls\x00', 0x4)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f00000000c0)={0x3e, 0x2, 0x2a})

18:28:16 executing program 1:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, 0x0, 0x0)

18:28:16 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

18:28:16 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:28:16 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:28:16 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r1 = syz_open_dev$media(&(0x7f0000000040)='/dev/media#\x00', 0x4, 0x80200)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000180)={{{@in=@dev, @in6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@mcast2}, 0x0, @in=@broadcast}}, &(0x7f00000000c0)=0xe8)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000000280)={{{@in=@loopback, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@mcast2}}, &(0x7f0000000100)=0xe8)
r4 = getuid()
ioctl$sock_SIOCGPGRP(0xffffffffffffffff, 0x8904, &(0x7f0000000380)=<r5=>0x0)
sendmsg$nl_generic(r1, &(0x7f00000007c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, &(0x7f0000000780)={&(0x7f00000003c0)={0x384, 0x38, 0x200, 0x70bd27, 0x25dfdbfe, {0x6}, [@nested={0x50, 0x7b, [@typed={0xc, 0x16, @u64=0x7529}, @generic="71831d1973a6cf46107573d3c859c77927dde536dd8ed61bf1fbd67d37f5fb26e33653f1fa2684a7ae0ccb1210beaec616402365d1090015780e785eda24e2cd"]}, @nested={0xa0, 0x3b, [@generic="a3616595225c10d775d2c2179ed3bce4bc3a0147725169a1e40791fb64a784ab22a870bcd6daff0273cce04275117502f5f73b4f73d6c0ef82a7bc844c9e0f4bb5067c389f3e99d29552a005e31bc94e834866374ddac69c37413788a86ab823553be1af62ce0f78bafa356ef15d544d5825f61935bf9e609c47d838b9b2cc7580f50c142c61815245e0d31652db981d62", @generic, @typed={0x8, 0x4, @u32=0x6}]}, @nested={0x104, 0x34, [@typed={0x4, 0x90}, @typed={0x14, 0x6f, @ipv6=@local}, @generic="5bd1ef3f8833f8910120c162b6ec39cdb8be972c9198491427d513dc818bde80cf83c02890c44fd2dbf82775d07c788a94d748908ae144900fca", @generic, @typed={0x8, 0x72, @ipv4=@multicast1}, @typed={0x8, 0x56, @uid=r2}, @typed={0x80, 0x40, @binary="52304bb83e3f00551a842052c914df968636bb9a2dcf3caff081bce79291c74e06f2be4b9688acb5d8313fd64978379368727169ecb2f1a628ff1956747b8f376da1ceca5389733df71ef7638b91aa952e7e4057ece0f23d25bd041b7744c1ea22f696d2446b8e4395b9178d323e03603f47490f5962e3ac19"}, @typed={0x14, 0xc, @str='/dev/dri/card#\x00'}, @typed={0x8, 0x76, @uid=r3}]}, @generic="cded5e1fe1ff346daf34355108baf78426126f91d2741a98dc6a2cae737224a677825c17", @nested={0x158, 0x3e, [@typed={0x4, 0x17}, @typed={0x8, 0x33, @ipv4=@broadcast}, @typed={0x4, 0x46}, @typed={0x8, 0x57, @uid=r4}, @generic="e9726820281b6ac5f23844607ffedd01e37968a95a309c192438e70c8a49d5595d3d2c8d4a2cd031a14413decdbe08638a65a5c67b2f53c3aefd4b82a9782e80c98ecd19f5150e5b6263ffd91958e747707ae2b343cc4980af8d6af4b8530d38671a7a1c4fa3a1e76f75", @typed={0x8, 0x89, @pid=r5}, @generic="3ae9e8b10133af9dc45c7bbcfe931052e781563109f26966e34a37d8bc307e06618dcc2b8990ea7920635283175989c573131d00650ac1238fa91f7c199ff63aa54fc3047d3ed167c02c1d851aec9eb71ff8a931208acd9bb9e606e93f69384f59f1553cb4c9f33a8ddc0aea9284f8f3fa9c0705dbb628fd597ada2370bb5d", @generic="debab3652c488045d879368cde96faaec23bfb2043e0966eb1cff556476e8cc5bef8b8243b1789ea68d3a6890c1587265d20542460a90e3164f4be68dbc7ee24fae7b5", @typed={0x8, 0x29, @str='\x00'}]}]}, 0x384}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

[  335.986994] Bluetooth: hci0: Frame reassembly failed (-84)
18:28:16 executing program 1:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000100)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x50000}]})
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff}, 0x0)
setsockopt$inet_tcp_buf(r0, 0x6, 0x0, 0x0, 0x0)

[  337.995576] Bluetooth: hci0: command 0x1003 tx timeout
[  338.002411] Bluetooth: hci0: sending frame failed (-49)
[  340.075592] Bluetooth: hci0: command 0x1001 tx timeout
[  340.081214] Bluetooth: hci0: sending frame failed (-49)
[  342.155691] Bluetooth: hci0: command 0x1009 tx timeout
18:28:26 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5413, 0x0)

18:28:26 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

18:28:26 executing program 4:

18:28:26 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:28:26 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:28:26 executing program 1:

18:28:26 executing program 4:
r0 = openat$smack_task_current(0xffffffffffffff9c, &(0x7f0000000200)='/proc/self/attr/current\x00', 0x2, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0xf, &(0x7f0000000080)='/dev/dri/card#\x00'}, 0x30)
fcntl$setown(r0, 0x8, r1)
r2 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
r3 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vcs\x00', 0x80, 0x0)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_STATS(r3, &(0x7f0000000280)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0xa0002037}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x1c, r4, 0x1, 0x70bd25, 0x25dfdbff, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x800}, 0x8814)
ioctl$DRM_IOCTL_WAIT_VBLANK(r2, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:28:26 executing program 1:

18:28:26 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

18:28:26 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:28:26 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:28:26 executing program 1:

[  346.242035] Bluetooth: hci0: Frame reassembly failed (-84)
[  348.315604] Bluetooth: hci0: command 0x1003 tx timeout
[  348.321105] Bluetooth: hci0: sending frame failed (-49)
[  350.395628] Bluetooth: hci0: command 0x1001 tx timeout
[  350.401303] Bluetooth: hci0: sending frame failed (-49)
[  352.475616] Bluetooth: hci0: command 0x1009 tx timeout
18:28:36 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5414, 0x0)

18:28:36 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:28:36 executing program 4:
r0 = accept4$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000080)=0x14, 0x800)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x191bbb8f3c7708a4, &(0x7f00000000c0)=0x1, 0x4)
ioctl$DRM_IOCTL_WAIT_VBLANK(0xffffffffffffffff, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:28:36 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:28:36 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:28:36 executing program 1:

18:28:36 executing program 4:
r0 = syz_open_dev$dri(&(0x7f00000000c0)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:28:36 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:28:36 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:28:36 executing program 1:

18:28:36 executing program 2:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:28:36 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

[  358.555648] Bluetooth: hci0: command 0x1003 tx timeout
[  358.561189] Bluetooth: hci0: sending frame failed (-49)
[  360.635624] Bluetooth: hci0: command 0x1001 tx timeout
[  360.641202] Bluetooth: hci0: sending frame failed (-49)
[  362.715669] Bluetooth: hci0: command 0x1009 tx timeout
18:28:47 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5415, 0x0)

18:28:47 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:28:47 executing program 4:
r0 = dup(0xffffffffffffffff)
ioctl$KVM_GET_MSR_INDEX_LIST(r0, 0xc004ae02, &(0x7f0000000040)={0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
r1 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r1, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:28:47 executing program 1:

18:28:47 executing program 2:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:28:47 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:28:47 executing program 1:
getegid()
getpgid(0x0)
socket$nl_generic(0x10, 0x3, 0x10)
seccomp(0x0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
sendmsg$NBD_CMD_DISCONNECT(0xffffffffffffffff, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={0x0}}, 0x80c0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000680)='net/mcfilter6\x00')
sendmsg(0xffffffffffffffff, &(0x7f0000002fc8)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000240)=ANY=[]}, 0x0)
preadv(r0, &(0x7f00000017c0), 0x1fe, 0x400000000000)

18:28:47 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

18:28:47 executing program 2:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:28:47 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
r1 = syz_open_dev$admmidi(&(0x7f0000000040)='/dev/admmidi#\x00', 0x8, 0x8080)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f00000002c0)={{0x0, 0x2, 0x5, 0x2, 0x9}})
sendmsg$nfc_llcp(r1, &(0x7f0000000280)={&(0x7f0000000080)={0x27, 0x0, 0x0, 0x6, 0x6c23, 0xfffc000000000000, "f1d783403807932690e1eb2b20411a508096ebceff6a97933fc0431a2a80fcaa7b7ad7a864310bd62b8bb6c65068ac0f87b8c59c8f2a18c192c2a23c93edce", 0xe}, 0x60, &(0x7f0000000200)=[{&(0x7f0000000100)="affc1ec6b851f29d64da065b08f37d64ed7c090f0b848e809bdb9ed818d7dc40629d9b060d7ee6dafc6a1acbecc6", 0x2e}, {&(0x7f0000000180)="25b741adc85a48d4abc0064a05541b2ffd370091b1fea6b233896bb73e980adb1fd0ff251d27d1524342ae4ffb6867fe93e72ffcadf9cd819e3d2f449b1e4964d246ce65adb398288449975c4af9571b0e1981235202d26522b3a0d54df6122b00dca9b0ec21682487591c171aecca3c4f65", 0x72}], 0x2, &(0x7f0000000240)={0x18, 0x100, 0x0, "7ed351e4"}, 0x18, 0x20000004}, 0x4000)
syz_open_dev$sndtimer(&(0x7f0000000300)='/dev/snd/timer\x00', 0x0, 0x4000)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:28:47 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:28:47 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

[  366.753904] audit: type=1326 audit(1564511327.188:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9639 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0
[  367.550569] audit: type=1326 audit(1564511327.988:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 pid=9639 comm="syz-executor.1" exe="/root/syz-executor.1" sig=9 arch=c000003e syscall=228 compat=0 ip=0x45c66a code=0x0
[  368.795596] Bluetooth: hci0: command 0x1003 tx timeout
[  368.801272] Bluetooth: hci0: sending frame failed (-49)
[  370.875613] Bluetooth: hci0: command 0x1001 tx timeout
[  370.881072] Bluetooth: hci0: sending frame failed (-49)
[  372.955595] Bluetooth: hci0: command 0x1009 tx timeout
18:28:57 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5416, 0x0)

18:28:57 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:28:57 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
set_tid_address(&(0x7f00000000c0))
r1 = socket$inet6(0xa, 0x4, 0x1ff)
recvmmsg(r1, &(0x7f0000000c00)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000180)=""/100, 0x64}, {&(0x7f0000000100)=""/18, 0x12}, {&(0x7f0000000200)=""/240, 0xf0}, {&(0x7f0000000300)=""/16, 0x10}, {&(0x7f0000000340)=""/85, 0x55}], 0x5, &(0x7f0000000440)=""/21, 0x15}, 0xd2a6}, {{&(0x7f0000000480)=@nfc_llcp, 0x80, &(0x7f0000000680)=[{&(0x7f0000000500)=""/131, 0x83}, {&(0x7f00000005c0)=""/74, 0x4a}, {&(0x7f0000000640)=""/37, 0x25}], 0x3, &(0x7f00000006c0)=""/14, 0xe}, 0x461}, {{&(0x7f0000000700)=@tipc=@id, 0x80, &(0x7f0000000a80)=[{&(0x7f0000000780)=""/47, 0x2f}, {&(0x7f00000007c0)}, {&(0x7f0000000800)=""/180, 0xb4}, {&(0x7f00000008c0)=""/161, 0xa1}, {&(0x7f0000000980)=""/214, 0xd6}], 0x5, &(0x7f0000000b00)=""/242, 0xf2}, 0x3}], 0x3, 0x40000040, &(0x7f0000000cc0)={0x0, 0x989680})
r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x0, 0x0)
ioctl$EVIOCGKEYCODE(r2, 0x80084504, &(0x7f0000000080)=""/51)

18:28:57 executing program 2:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:28:57 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r0, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r0, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

18:28:57 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
perf_event_open(&(0x7f0000000100)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket(0x10, 0x2, 0x0)
write(r1, &(0x7f0000000000)="1f00", 0x2)

18:28:57 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
sendto$rose(r0, &(0x7f0000000040)="4a869cff50488aeaadcb058ab5515f66b2b24477502cc4cb0b157c1f63d641d91fe79133e01bdf2e567b342d79aa28cdcedc1667acb46463bf1ff8957c69ed30dea3b5b013fd178562a94050291ab8fc005efd5b3240be89cca9b832936f0c900dc39c5b", 0x64, 0x40000, 0x0, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:28:57 executing program 2:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:28:57 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  376.918526] Bluetooth: hci0: Frame reassembly failed (-84)
18:28:57 executing program 1:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x50000}]})
setsockopt$inet6_udp_int(0xffffffffffffffff, 0x11, 0x66, &(0x7f0000000000), 0x4)

18:28:57 executing program 4:
r0 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
ioctl$EVIOCGNAME(r0, 0x80404506, &(0x7f0000000080)=""/146)
r1 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0)='TIPCv2\x00')
sendmsg$TIPC_NL_NET_SET(r0, &(0x7f0000000380)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x100800}, 0xc, &(0x7f0000000340)={&(0x7f0000000200)={0x10c, r2, 0x404, 0x70bd25, 0x25dfdbfd, {}, [@TIPC_NLA_LINK={0xb8, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xb0}, @TIPC_NLA_PROP_MTU={0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1f}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x253b8ee4}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_PROP={0x14, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xf28}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x1c, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x40}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}]}]}, @TIPC_NLA_NET={0x40, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x20}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x100000001}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3ff}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x80}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x1}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x8}]}]}, 0x10c}, 0x1, 0x0, 0x0, 0x20000004}, 0x40000)
ioctl$DRM_IOCTL_WAIT_VBLANK(r1, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:28:57 executing program 2:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

[  378.955563] Bluetooth: hci1: command 0x1003 tx timeout
[  378.961052] Bluetooth: hci1: sending frame failed (-49)
[  378.966506] Bluetooth: hci0: command 0x1003 tx timeout
[  378.971855] Bluetooth: hci0: sending frame failed (-49)
[  381.035606] Bluetooth: hci0: command 0x1001 tx timeout
[  381.035640] Bluetooth: hci1: command 0x1001 tx timeout
[  381.041009] Bluetooth: hci0: sending frame failed (-49)
[  381.051825] Bluetooth: hci1: sending frame failed (-49)
[  383.115677] Bluetooth: hci1: command 0x1009 tx timeout
[  383.121046] Bluetooth: hci0: command 0x1009 tx timeout
18:29:07 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5418, 0x0)

18:29:07 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:29:07 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0xc72f, 0x20000)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x200, 0x0)

18:29:07 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
setsockopt$inet6_MRT6_DEL_MFC_PROXY(0xffffffffffffffff, 0x29, 0xd3, &(0x7f0000002000)={{}, {0xa, 0x0, 0x0, @empty, 0x1}}, 0x5c)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000002000)={0x0, 0x0, 0x1}, 0x14)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x40, &(0x7f0000001fde), 0x4)

18:29:07 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:29:07 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:29:07 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:29:07 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:29:07 executing program 1:
perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xf7c, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x10000000, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

18:29:07 executing program 4:
r0 = accept4(0xffffffffffffffff, &(0x7f0000000040)=@un=@abs, &(0x7f00000000c0)=0x80, 0x80000)
setsockopt$inet6_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000100)=@gcm_256={{}, "f8324af577b17e36", "7a35585c7417bdd417873418806508a517fc8ccf759998f741f397b9fa4fed56", "60d78785", "a0f09c67333d8b6a"}, 0x38)
r1 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r1, 0xc018643a, &(0x7f0000000000)={0x4000002})

[  387.209247] Bluetooth: hci0: Frame reassembly failed (-84)
[  387.226188] Bluetooth: hci1: Frame reassembly failed (-84)
18:29:07 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:29:07 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  389.275604] Bluetooth: hci1: command 0x1003 tx timeout
[  389.281218] Bluetooth: hci1: sending frame failed (-49)
[  389.286815] Bluetooth: hci0: command 0x1003 tx timeout
[  389.292347] Bluetooth: hci0: sending frame failed (-49)
[  391.355605] Bluetooth: hci0: command 0x1001 tx timeout
[  391.355612] Bluetooth: hci1: command 0x1001 tx timeout
[  391.366346] Bluetooth: hci1: sending frame failed (-49)
[  391.371804] Bluetooth: hci0: sending frame failed (-49)
[  393.435579] Bluetooth: hci0: command 0x1009 tx timeout
[  393.435625] Bluetooth: hci1: command 0x1009 tx timeout
18:29:17 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:29:17 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0xffff, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x4000, 0x0)
getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f00000000c0)={<r2=>0x0, 0xe2, 0x7, 0xfffffffffffffff8, 0x3, 0x81}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDR_INFO(r1, 0x84, 0xf, &(0x7f0000000140)={r2, @in6={{0xa, 0x4e23, 0x6, @local, 0x1}}, 0x8, 0x1, 0x9, 0x93b, 0x3}, &(0x7f0000000200)=0x98)

18:29:17 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x541b, 0x0)

18:29:17 executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:29:17 executing program 3:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:29:17 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:29:17 executing program 4:
syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0xfffd)
r0 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0xc9, 0x20000)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r0, 0x84, 0x16, &(0x7f00000000c0)=ANY=[@ANYBLOB="080000000000000002000000"], 0x6)
ioctl$IOC_PR_RELEASE(r0, 0x401070ca, &(0x7f0000000040)={0x1, 0x8000, 0x1})

18:29:17 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

[  397.492677] Bluetooth: hci1: Frame reassembly failed (-84)
18:29:18 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:29:18 executing program 4:
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x2400, 0x0)
ioctl$EVIOCGUNIQ(r0, 0x80404508, &(0x7f0000000180)=""/81)
r1 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r1, 0xc018643a, &(0x7f0000000080)={0x4000002, 0x1})
lstat(&(0x7f0000000000)='./file0\x00', &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0})
setfsgid(r2)

18:29:18 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
fcntl$getownex(r0, 0x10, &(0x7f0000000000)={0x0, <r1=>0x0})
ptrace$getenv(0x4201, r1, 0x95, &(0x7f0000000040))
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000080)={0x4000002, 0x0, 0xfffffffffffffffc})

18:29:18 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000100)={0x4000002})
r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm_plock\x00', 0x500, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
getsockopt$TIPC_DEST_DROPPABLE(r1, 0x10f, 0x81, &(0x7f00000001c0), &(0x7f0000000200)=0x4)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="2400000031001901000000000000000002000000fff48d9b0c000100558c420802100004c16b288d0176fd2aef125ee0e28d473ef410dfa15a3c135f6897f19806c04a0f0e6b3586167e980b69cc06"], 0x24}}, 0x0)
getsockopt$bt_BT_CHANNEL_POLICY(r1, 0x112, 0xa, &(0x7f0000000080)=0x5, &(0x7f00000000c0)=0x4)

18:29:18 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:29:18 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

[  399.515560] Bluetooth: hci0: command 0x1003 tx timeout
[  399.515565] Bluetooth: hci1: command 0x1003 tx timeout
[  399.515634] Bluetooth: hci1: sending frame failed (-49)
[  399.524597] Bluetooth: hci0: sending frame failed (-49)
[  401.595610] Bluetooth: hci0: command 0x1001 tx timeout
[  401.595616] Bluetooth: hci1: command 0x1001 tx timeout
[  401.606449] Bluetooth: hci1: sending frame failed (-49)
[  401.612014] Bluetooth: hci0: sending frame failed (-49)
[  403.675565] Bluetooth: hci0: command 0x1009 tx timeout
[  403.675581] Bluetooth: hci1: command 0x1009 tx timeout
18:29:28 executing program 4:
syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x20102, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x0, &(0x7f0000000080)="da878d5b7bbc1033ce51cecc564bf38058c30b1495b261d1a51f94b3ad8ec08354e1c0da471da981006536965d86c8ec405f485a27a07629c1e982547d7fc07acc82bd721b6e44fc919d0204978a85b3404e927a871bf9995aea10cd0760dcc7b736dcc23f50c5b5eeb3411557a53264fb6b6d3f21b72611c7445b820bd06dc67c63f62b319febaa48a4dce468c856dc4968e5b90ad61b6e62b1138094b66eb0c5ff659f3ed794bb499b225ffdc2c011", 0x365)
ioctl$EVIOCSFF(r0, 0x40304580, &(0x7f0000000180)={0x0, 0xd7, 0x39, {0xb89e000, 0x3}, {0xb2, 0xcf}, @const={0x1, {0x16d0c77f, 0x3, 0x7e5, 0x5}}})

18:29:28 executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:29:28 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:29:28 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x541d, 0x0)

18:29:28 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:29:28 executing program 3:
r0 = socket$unix(0x1, 0x1, 0x0)
ioctl$EXT4_IOC_PRECACHE_EXTENTS(0xffffffffffffffff, 0x6612)
ioctl$FS_IOC_SETVERSION(r0, 0x40087602, 0x0)
ioctl$VT_GETSTATE(0xffffffffffffffff, 0x5603, 0x0)

18:29:28 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x10900, 0x0)
ioctl$SCSI_IOCTL_SYNC(r1, 0x4)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r1, 0xc0a85320, &(0x7f0000000080)={{0x3, 0x2}, 'port1\x00', 0x0, 0x8, 0x1f, 0x7f, 0x3f, 0xff, 0x189, 0x0, 0x2, 0x4b9})
arch_prctl$ARCH_GET_CPUID(0x1011)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:29:28 executing program 3:

[  407.722906] Bluetooth: hci0: Frame reassembly failed (-84)
18:29:28 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:29:28 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0xc72f, 0xfffffffffffffff9)
ioctl$FICLONE(r0, 0x40049409, r0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r1 = syz_open_dev$amidi(&(0x7f0000000040)='/dev/amidi#\x00', 0x2, 0x800)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)={0x80000011})
ioctl$VIDIOC_SUBDEV_G_CROP(r1, 0xc038563b, &(0x7f0000000140)={0x1, 0x0, {0x80, 0x8001, 0xffffffffffff7fff, 0x1}})
ioctl$BLKROGET(r1, 0x125e, &(0x7f0000000100))
sendmsg$inet6(r1, &(0x7f0000001600)={&(0x7f0000000180)={0xa, 0x4e20, 0xfffffffffffffffe, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x29}}}, 0x1c, &(0x7f00000014c0)=[{&(0x7f00000001c0)="e04bef729fe70cf3899ed080310c9ec6886f97e9f75731fd95920d4a492cd1270a09b80d05b82297d07b5a7bbea469caa8638475a786afdbee19cf404fc2f9188ab323cb101c01df6a57d239a266daf83f7909aec5ce2b18364d9efb367a41d042a923d166635bba3f5a1b4303927ce5fbc0fb1c1381a36595202adcb9fbe73968b0ed1da86f4b4f0606d0e64b6fbd4f26ca21f4b7cd2e0ccfc0d395bdaf53186abda42a6e42ef518db00c686330ee3fcb936fa174f40e62b8ab8a9c23e93bb5020248c5ad178663b302c07556308e6e8f63312ccc1bb8f1327b0b8a4d7df185d01f64f1fb95e31d269431b9f33b94d7af0848329d14aff3f24e7387cc41796466465e296f91a75d17a5aea7fe191a0056d48a4bb2ea73aa9a9c2af970ac4e00289665eef35ca90d0cafb7cb8a51adc10487d8c88a8ea219db346edb7101a7b481ee65ae0c03d0c3f12d0c8e5f5224aee0765eaaea11137a00284a82820e4bc6406a87a2ddb8dc4adf884d20fad92d42991fb08e6790713337728cb697f1dca344011e59eb8fb357a3a370ecaaec40e981ac33afa4ccc96f54eeda6a6af8bbb6011183db8a1ca3ab04ab639a2aff317ae759632d3e0bd8c96d6b7d0886c263c1fb885f961d391405ccace23106dd9171d79eed46f48fd990a2fd4b2b9a1cd1a44f358884d3bcf1df6bde28edd6050be772c4b0e5a1fc5ddf3bdab54c4f8dd4c34be50ffd1f49a649b54a16dab7b1d7b531c7fd4a7e335affd5e720f9cda451a1e81abbecf9ce01805372d627563e0ebc9f192d5a9339ee82f62a8092639f41a5e2edf9e8f81cf34e4fe2787021b153a61e70b9b5a094d6dc7e0cd9ab65ca0b04facfe9fe92f7049d18d1a87c8f21d5d435d7537ef90eb672dcecd2974dcc01384b512db6478a2841ae91ed4b5b01bb8507c877c6e09a6aa17172e3bfaea404ca9da47744cba5ac33c726287dd045f0fa300ac049a9b535d9f9a2a69a156cd074240b2bc99199c5182388ae819b02a75e82f7a47318c19eaa25f6899c2ced16fa21c5bb96b53fdfe09672e3979b576cf76e7129405202c8c1a03e74e59d2a1e75a416ee1e27914eeb904842187c3ecd9f57bb8783f22eac5ff440e73ac4f366d9b77a8dab6104960d01965c762a5c13e00419478807b1c033fb5ffc23a448c4dedc040a28ef7657151728e373cdf776f1ae2b1f96fda80fe59cc26a44b19a15b9ec7d9a294748f2ed822db4d7c47fca62d9851b9ce806a19e3943cb1829dd22fd6a9bc547daa31cc22194b85de9fa8d06bf231ab745eaa403761d6c5f4c03b53d736c7683c9b05d5bcf7d014311d352e541fc4f6255df1fad5b11a9ab8b1c0b3165b7ac9d0186ff146147c3a17342ae6993d49a925a02cdfc8ab03f467278a6eb60a0518f02cb19424d95e334886cd797a655745f637eaf33cf71dd4e8f560e6d09f24cb35df5aecd6d04d99ee5cfa406cf08442c29005abb570d50c9dbdf00c827b651a5bc0633780cd671ed1756643d77a5c0823a3b94390b4dc1f793fb0163158d9e1a45f9912b12244cd329b02f36a38ce9ac254d5692f0cd743301a1bbc2d7bd283fdfa4f1c530b39d22f688504781e9c8185ca147c8d5a226827c1621b27d9571146aea86f5110f6a2257379ac11798f65880c92613eca1261bfc2a9f70f3b90c13d43839f3e5ee8d8d109fa9d4ad2d2217189f8ddc68a929660d1dd74db52afae1595a7c387e048d38cd60f04108b836a6acb7f9dc0134de106d757bfabbc08ae21c82447c8e78fb9a472efeadb3d766312a6c6d8ab5315591d88c37753c1e993f050fb27659f8eead9380503e78c93cf66992cfa770139eee0bb543c812fad1d5c6ef197d44058feccb823e82c0cc2a6a665bb0596e95729edb2e508603333b76c2191c2bacefe45c4f00f370d43fcdf01d0dba3269860aeafd4725d44c91ab113d7439e6da33e6f171ce41137d5e411a6d8b03e50618ed61155d6208c10e94291df3af495e321951df8ff625cbc41d79c62a1e82540d320f6a1b1676c522c1e6cfd8df3d3bcf15f313731b4e9b124f09bbe41ed6b650333f2826599552485669600b8d0f091c80eee6d780b0d2d0c6e3e7fbf8b57b4a1db715ef5e5bddce00104ac97a1a70b992c70afb7b3a1dd578cfccc185bb99fad8489efd6c72192a5a30e288c83d08b67467642b7278718b80ef1f25bc0e8802a37aca9fb1b5f625673d7c68a731ee33b51231ba1ed69dac8d2bd893eca42e834c0165716d9e23115c2c357f9efeef51c9fa0ab2c6f7db77939ff4714cec9c893d74b35d6dfd6320f32be6cbdb27364325efb9a24ef4dc91bdd512972f90f42bfcc1d1719768cace03fe20a10310bc770605b77a9bdaad8190cf65b12dba971f2aac4ce1f20cb369df6272575530a6a1e15bbf9951b903aecee634256acf0ab0031695ce35f30cc3512faeadaa4e8953722ac8796dda7f1a60b30ba8d363b1309ffd04078afd4543e531ce6ef00ac5e66c75eeb0b176f3d32780da70dc66bc96d48ef1aa6b6ef32ae84c0805b46ba92788e8e747d11a9f3b4273d06f6530e6311d81843c7827a36c6dd9499b5d3b13163a70dbbae1ba6e2ccb14f57545a865cc432387acb4d997288eaaad1d0f7a1d291e9330631e21768a428699a30a532f44e3a2874128021575b798afa7e7a6e48a37d1f4049ce6c79f175cbdb6724b3bd43230a4fc6b60efae6783c52b1574968318c74310f45835f4386a5ad1fa72a52e15e13408019e0ee9f753e882dcd9a97b7c79ac4052c74b815afc702d89bfb6b08bdea3e56d9e4bafc00c5b6d0c4502f1a274e5d6e2b2514ddebfbbb293b06777b588872b812ee914447da6baf23196ca817f8cfb2d56c263bdab5becf04418f7f6d69005277698b4b9f658b9ae1836d28ae7020df807804334a43126db6bbbdd66b10f41dd2362f6a5a27e5d7e6e4d671f035904ed4af76a4f55d44251d98530cd50603916be886e3d16dd6f90b662f8934e1e02e7d1af0ff85b6b33d8a975f571bd909cd6384cd1ba240f61e0130aa3ac48cdf9ba998e9564d6be6bb56fa888040170a6ba920b2edd93c564e7617ef1e664eac3d3080d7dd93f17b1cf43f8e3857d39b1ae176991216eeaf8cfe9c46f292094faffdc15a188ecc4356f7862e7ef2fd71a3eb5e73fac41c84b55c002dc9f4581f1d94a300985d2a38bfe0071feb273e67d3eac81554cff60bec24f286d7c6c0322052eb07ae3a92fd3758951c077ce607f07e0c0a1c52f03b01d97e6f953b66fe2be2b25669bed1cc389b9c939e91fb6370005cbd272e251dc7565be2e072f2a7c1c5c3dc2a9b14a51c12f9fec64240ae302328edc9b1ec4c54c16c0f1a5bb0111af0a91b0ef1786bad64d4d378685f88a70dbfc975c0061209f82d1fdde590462b675748e448a947491c7442825318445205d06fc6fae721ca7c886e3f9dfbc516128bfd742d3090a0d4d2dc1146e119e9d6a319c28875d272cec6d1776b5e058d325a2ac18ba11f54cff2ea811b062bcfd1552cc3a3794acdb530399b8e43374000555ff9b6af73b969194350c4441ec52c9f8978d4afdb9ff958489c6f683dbd574a1bac0a6d05b31677d3d4fb07504c11418a8cdcc2c0cad1e04cd39240fb24653611b9e355d8d70d44871d8f79bdd810adbe672f65b29098baa6baecff598ea5253a9912d94e58cdcdc73b78f5aacab06708140506c3c8257fa216cf01f383ac4954b88f60ab50a640eb6c836c0298847be4ba748d135d20c20d71f8893f191f11f303c8e263c8b5b5f38aeed9ae186196c1a30c3e812e3de2e642c7e36729018c8555244f0c3f62df953335919d210ea97fced20429ac16f45c1103370f8704c7929f793bb35d1a1e1dfd40752b6901ff65cd1281bf20857a3daf0deaa1c568baab6a2f8a34a1c83dc079b298bee060c33329361cede9c15827b99f60815f55f47d1d7a4fccdfdf878090600a732f33f06c229aa9fa045f6d7a65de4ab74e0d6b6a09592019b850f05f4fd113e4d682e920e5c6681b34d73b0e8b759e97527b11360b816815a297b8a5cde944c34456ba89fa8f1ec5634b44a59e0bab160da5c81542b7023e1c5d31771efcc702618fa655b7b8ba7274cf05d626c37187f54aeae5a38c40c5aee9b4509f7d5c093f75dc392128e6a9ca24a896767d969b73ec4db15cb7b14a94282cb9289366238a41ef4637316093ddab61e9e0e356ac8dca19a861474da18e80ea6cb4709bde1d46ce4d62a58b45ab7a29ec039d86a092c04ad3be6659cacb94d80c80c7524cb7a5c881a6514154b12a267d5e7577bec16c5e376059c6bdc2bc9d797e9aa95a57f26fc6f5934cc28b96b0fefbfe7587a5895eb1e7c3a9feca0749ee857c0a1a88a32a3f0d82a3eddef88a9bed931853f52bd2d2e7853a11845e2a8bc2cf9463c3e1f48a0abb6d081efad045152627022a9e6266846794d1ebeb2f2990a55be7274f3054e20587cd100caa15195ff7fb67a7a150391d81917fb9461365a0814998a2f94215194ed16e69807f4d8ed6eaae64a0654c0a673f6787ebe40f6c18515bdaf461c6537b797013da33783a86f9cfd3a6a7d5a7ecb13a1e96de6d4cf5ef2109bec41cfe6aaad2508e6c554dafa4fd2f39c206450953fb517da4dadd4baf022981edefecf787f8be7b1ac4742e7b5e342b2da5f56d80b780cf59b2e002a8bd6aec2d19748372d4b708be7ca5aa306f1f950f30314699dc99b4ae3f7129ee8994ef2bc46972da744434f8fc701dcf73435e946e97b745a60cb9045e7651f8c4c86f0c08f47323d2dc85d42b3340e3b9b85f11f45a783cd7968b70b51fa956362afa84f13e61a92149559507db5ca9f492a939ae122f301e106bf9e63d44ce7e40d88716a128c678aab7c198f447d3c4a9d904c37d3ee169171f5e6892521b3168ee9af46adfca7abc2d89efba82260723e03718c89197d6b18ae9304f3cf87976296e50902a61804ff4cda1eed4fb3a0bff62505db4098496b11dd9b146ef2ac9586aeaeceec37893f7e4127178bf8b4feaeea591378ba02567a3ae3a97a8cd3d8a626f16993b3c297aa04d099c9072d7135d6467261203bf23cd2f0883b7872d6d07a4cb76e213f685c83bc611bcbed478ad921e344e6f4c40b5b04eccc5753bc4f4e5afec687fcc8a0779c625136522ffdf55dfb235d07045f47ed48da8e6297f54b5311d03d38885876f3a974edf84dcd248ab2d3ba06b37db0101e5e54d2ec1b6cc41fffe2898ac499cfe8149fa5123b01c50b2ad1493368a912d680bc5c923d3b020754dec496c24848f948ca9a3cf7302993cbbb5a9d5ce2f4b91b9753778d24c9085a19480c6a449283aa4902ac6627be2219a1ad6635a6e23386d9e334e048b9f2f22731505feaca0abf543cb3ea465522c565b6477f7403ad2c48a7fa1a142111ab7af7a68efde3524677c73d5500a4bd7d359c2f7e7fd42e8bd9a31ab204bcf01f872821b891acebd70e6c0ff634cbe1f6243819b6095776523e640c2589a89a63cfcea670529deca1b09a0697afa5330a3f93f163ce77c6ed28e41401943e94286fce92ec2aa2914ecc87b38bf85fbdae99d9836c4f8891920e3ceb0a14bcb75a17fd554245b2ed16928abc3204e8397960ad1ad0abfeee75602695d2cb48f7495899a7751bde20121c424db283e385d5ce477ba11442de5caa79428c0a164426e050b3edda98bf5864c1e7126e46bd0a3b2008abcd18df6b8f568b1ed13a4a89a44d297fc5ea5f70d1777381181ba80983982736e80fecbed5e325", 0x1000}, {&(0x7f00000011c0)="52ca70288ee67a1d250e9e86ab6ca79d3a8f1693a63992f1b2daddda5d235e034bd58135e8099c6c23e12c99993fb8e0fd8869f23afe54a51add84a3f2bea502b8198063b75bdd20e36f063c12f67f9c2154652648e153fc18797488402c891838e6ccd63ef5336840cd1a9919eb4706a0b563610b64dcb2dd09c1a2572dd8afcedfed02350728b1a45d8056c6c42cf7009e4fdc09b147317f446a4fd90b8d03afc075284e916c0e5024c890248b2fc66b55505df9ee6264b8ae74b437980694b3c30e579ff295beb7cb55f8476716bce9fe2c93ce64fdf9f6142b51dd54d78d45a094c6e4a17ab62c7f10a1928ce3dc651cd2", 0xf3}, {&(0x7f00000012c0)="919b6b1ccc64b5af83207086ce195b6f7fe158b75812da568cc3bf0d240d8570db3438bc621613cf36aff854d723fdeacc169cfbdc8a4185e1811dec82e76b8eecd0f3fdc46179e1f9abd225baba5124c95e646f19388d3913c8c71ecfc8e32c5f8b4d2b170157271890489b4c0cb446c4a5438f40b2de41d146956d83fb54bdca62f31a70344c1ea8372627dd851a9c11c889eb76d0998cf8baa6f21707b83e5f9f03e2c18c7b506cc65bd06df64c5c4e33d22fde70e788b0c10dee53678b1d0933fb7809dd91b8c9c4eeda24e3492391f3b2", 0xd3}, {&(0x7f00000013c0)="3f2ff8c3424d9c92c3ef7a2650c60740025c24ce1701fc82d51317eb0f899ee784e23c1007a64dae", 0x28}, {&(0x7f0000001400)="692c8da6a5735dd4db26bdb57a4dd0b2b1ad875e1a16389309f53fcd49bb6fb25d3e02319b9ee46cd1ea9f5dd7fb5f089a8d9c7e49288215f4ba3474dfcecb03ab822b5268a812bf2b0ac13aac6630794c40c47538e391fda1b555bde1f13a34b51c3a523f9bbe2c659238465eaf5e498499ecb2c26efec5521f5e2ef34547387780216a9ed53c441c1b16a36b05f12aee4420b40a7404ffa6bf901918836e", 0x9f}], 0x5, &(0x7f0000001540)=[@rthdrdstopts={{0x20, 0x29, 0x37, {0x0, 0x0, [], [@pad1, @ra={0x5, 0x2, 0x6}]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0xfff}}, @hopopts_2292={{0x20, 0x29, 0x36, {0x7e, 0x0, [], [@pad1]}}}, @hoplimit_2292={{0x14, 0x29, 0x8, 0x4}}, @tclass={{0x14, 0x29, 0x43, 0x45}}, @hoplimit={{0x14, 0x29, 0x34, 0x10001}}], 0xa0}, 0x80)

18:29:28 executing program 3:

18:29:28 executing program 3:

18:29:28 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r1 = dup3(r0, r0, 0x80000)
ioctl$SNDRV_TIMER_IOCTL_STATUS(r1, 0x80605414, &(0x7f0000000040)=""/236)

18:29:28 executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:29:28 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:29:28 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  409.765842] Bluetooth: hci0: command 0x1003 tx timeout
[  409.772990] Bluetooth: hci0: sending frame failed (-49)
[  411.845567] Bluetooth: hci0: command 0x1001 tx timeout
[  411.850935] Bluetooth: hci0: sending frame failed (-49)
[  413.915627] Bluetooth: hci0: command 0x1009 tx timeout
18:29:38 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x541f, 0x0)

18:29:38 executing program 3:

18:29:38 executing program 4:
ioctl$DRM_IOCTL_WAIT_VBLANK(0xffffffffffffffff, 0xc018643a, &(0x7f0000000000)={0x4000002})
r0 = openat(0xffffffffffffffff, &(0x7f0000000040)='./file0\x00', 0x202681, 0x101)
getsockopt$inet_sctp6_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000080)={0x0, 0x4, 0x37, 0x4, 0x4, 0x7, 0x800, 0xffffffff, {<r1=>0x0, @in6={{0xa, 0x4e21, 0x2, @ipv4={[], [], @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x5}}, 0x1, 0x0, 0x6, 0x8, 0x8}}, &(0x7f0000000140)=0xb0)
getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f00000001c0)={r1, 0x2c, &(0x7f0000000180)=[@in={0x2, 0x4e22, @loopback}, @in6={0xa, 0x4e23, 0x0, @empty, 0x40}]}, &(0x7f0000000200)=0x10)

18:29:38 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:29:38 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:29:38 executing program 1:

18:29:38 executing program 1:

18:29:38 executing program 3:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0)
getsockopt$sock_int(r0, 0x1, 0x3, &(0x7f000059dffc), &(0x7f0000000100)=0xfde1)

18:29:38 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x800c72f, 0xfffffffffffffffd)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

[  417.962991] Bluetooth: hci0: Frame reassembly failed (-84)
[  417.969398] Bluetooth: hci0: Frame reassembly failed (-84)
18:29:38 executing program 1:
r0 = memfd_create(&(0x7f0000000880)='#em1#+\x00', 0x0)
write$eventfd(0xffffffffffffffff, 0x0, 0x0)
sendfile(r0, r0, 0x0, 0x0)

18:29:38 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:29:38 executing program 3:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x50000}]})
r0 = add_key$user(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r0, 0x0, &(0x7f0000000200)=@builtin='builtin_trusted\x00')

[  419.995731] Bluetooth: hci0: command 0x1003 tx timeout
[  420.002095] Bluetooth: hci0: sending frame failed (-49)
[  422.075696] Bluetooth: hci0: command 0x1001 tx timeout
[  422.081089] Bluetooth: hci0: sending frame failed (-49)
[  424.155662] Bluetooth: hci0: command 0x1009 tx timeout
18:29:48 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5421, 0x0)

18:29:48 executing program 4:
r0 = accept4(0xffffffffffffffff, &(0x7f0000000040)=@in6={0xa, 0x0, 0x0, @mcast2}, &(0x7f00000000c0)=0x80, 0x80000)
read$alg(r0, &(0x7f0000000180)=""/210, 0xd2)
r1 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r1, 0xc018643a, &(0x7f0000000000)={0x1, 0x81})

18:29:48 executing program 1:
r0 = epoll_create1(0x0)
unshare(0x400)
fcntl$lock(r0, 0x409, 0x0)

18:29:48 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:29:48 executing program 3:
r0 = socket$unix(0x1, 0x801, 0x0)
bind$unix(0xffffffffffffffff, 0x0, 0x0)
connect(r0, 0x0, 0x0)

18:29:48 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

[  428.133737] [drm:drm_calc_timestamping_constants] *ERROR* crtc 29: Can't calculate constants, dotclock = 0!
18:29:48 executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0))
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r1, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:29:48 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:29:48 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:29:48 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:29:48 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
preadv(r0, &(0x7f00000003c0)=[{&(0x7f0000000040)=""/30, 0x1e}, {&(0x7f0000000080)=""/174, 0xae}, {&(0x7f0000000180)=""/93, 0x5d}, {&(0x7f0000000200)=""/130, 0x82}, {&(0x7f00000002c0)=""/198, 0xc6}], 0x5, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000440)={0x2, <r1=>0x0, 0x0, 0x80000001})
ioctl$DRM_IOCTL_AGP_ALLOC(r0, 0xc0206434, &(0x7f0000000480)={0x3, r1, 0x2, 0x7})

18:29:48 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  430.315554] Bluetooth: hci0: command 0x1003 tx timeout
[  430.324443] Bluetooth: hci0: sending frame failed (-49)
[  432.395613] Bluetooth: hci0: command 0x1001 tx timeout
[  432.401052] Bluetooth: hci0: sending frame failed (-49)
[  434.476256] Bluetooth: hci0: command 0x1009 tx timeout
18:29:58 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5423, 0x0)

18:29:58 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:29:58 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:29:58 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000080)={<r4=>0x0, 0x63}, &(0x7f0000000140)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000180)={r4, 0x9, 0x83}, 0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:29:58 executing program 1 (fault-call:3 fault-nth:0):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:29:58 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
r1 = accept(0xffffffffffffffff, &(0x7f0000000040)=@x25, &(0x7f00000000c0)=0x80)
unlink(&(0x7f00000001c0)='./file0\x00')
llistxattr(&(0x7f0000000200)='./file0\x00', &(0x7f0000000240)=""/4096, 0x1000)
getsockopt$bt_BT_FLUSHABLE(r1, 0x112, 0x8, &(0x7f0000000100)=0x237d000000, &(0x7f0000000180)=0x4)
ioctl$sock_bt_hci(r1, 0x800448d4, &(0x7f0000001240)="1ec0452b48a79968f21cd751f7e1bde000c5c554bee3e2c923434b643e733e01e3614165bfe90f6527885b3ba67102e9e1edffe2dbce08998f15019f974446bb991fe87a74c0edab94575a12f33513c6be608cced3a58bd24df996db0a7a156599187cbf624017cf76aa6f5bc40d85946deadcd3ffa9ffa5ac0f899ba06f3b9aae2019e0930bfe106fec9034cabbe9fd5d7f2d8730a28b7bcd9eb542193d9237b17abb9b874364e2655784a28aa769a25b1724a093a4728340e53a3046fcd6fb4f4dffd92c284cf01f35d3ce2483ea14e360c6928424c6e094d17d3c95881041a3da9c69e4670a988dfcacc198f59d0a9ba75dda5c30c23dab4363087bb56ff8ee8a17149fb158ca83befcca3985d6d4d80c1ce32a57032db6ee75599a7a11e973cdaabae0ad072aa7bd33cb5c0a58a70e0c8c29cc705637e897a1adadc2fe705e2d19940a5eba7b50d4e2d02a29c588b69be5791f227d95a316833824520a8623690cb085910694714c0890cdcb98016e1c46682d1312e249c116aca891b42153b4087e760700ce499c48845dc21ba9c0ba96147b1e4027783d988ed11058dfeb57158ef6e6d9e1a6a2b7046a3bb6f7aafcd8fc0c9629f53a3dad50fc7906c416a0d83fee662a2c3e78ee4a29d1a0d840ade61d4a22d742cb7c5f3550759ab122cd20c7345817a004782b3685cc2379d976891f644d7a25ede7607ebb3cdd8da1e62322853d3f57a6429dc0bff333a029c388ec3b226ab0971dc63b1e1dee5e22787f5abe3a6e050fb3805f7a4d29cebbac0ded8448c3e927ffa5f4fe0684c46e354cefa53d18032eb5c228b17c1d8e0e6f182a9704ca454cde150ea74f4ae349fcc62d21b88a70b17a677b19e2320b4ce8beca93675a2ad8bcb147040ccd7c63b08205513d783a6ba5fdbc1eab7b960e5296e44d7ea08fe44a3ce0c8a47db5c9a8340ad469c9d47ed24f8cc4e4d616407726e83381b927db3d7dc27f80a0501026bc3b3d2466a09fa999725d820d74aff274d8e8ee0cd73cc8138eba646c4ef85a8e79284932472f5bb129f03a72f83050555069c0d4e43ebabb45741704d4f394111062c92fe07c728aeb2525de39a4c686b7c7f8c17f3ce173e3bc96ee83ee289db51588138ae56aebebbf0831d2bfe90b047f841b02d68cef16e88a8ecda95716f2558fe150e6d3c03de99b11206ccc0fa81f677ac44691be3dde20740c182683b7dcf0ce4e0349a94f937e2422f065dff18524e5415e27d302f52bcca6d8f6a39e789b9201e80c880d515db3dc88efd94e76a87561d10c52aa7e1c1bd9c328e7a14208faf064c71a66098e2d3450ae22532d52fe6cea010b74decf6bfa804c28ab7a3a162a73e3cd4a8d18820e6d578fea4e5006b061b656410412a36128b771ebdfe8bd5573854d7050d60e2c088f6e09976970aa84c8ea833a491a5e4f45de4c3643a17a86f6be25802b0faed0cc901da78cbe6a1e2ac287642be9f4da7c05741df12500f82b2c9db55d6e2f31d446e8d7eccbde07459f3c605ab954a0dfb0405d9624207b01c374e20b04684332767b3fcfb4cf3847517c7ac728b20690ee95e65ebf2107e3517e3012c19ed0a112bfda46a0656bca84c76d82dc479b6fc09e2cf42af4f5de864e4f1ef98753e6e428e73c85b9018d008714d6212212d4de7f8c8eaba316933503269caa2a49dc527ea50d4e47cf7ad5c2b65371763017dc440bb7c2b0e7527c255711dab7e33e17bb13d564efe7242ad2565b94e5beef5ce027c78a71555f7274ed7fa8b2b4bf9cbf6a8078a2a0b0651615ce8bd7d53c994373613def7dd455ae6711605ad6752e12ceef6a7db804b83ea5207c20d58c07ce410d2d5e14b79c200a72a099e74f55ed6329c861c80bb9e60221ab668abf4d6e310a34fb3ab96f9077d352eaa5f5301a00317a63da3647388ce7dff7fc5442d9446fb03141c33377a15800cd788c47b68ea7defb037ac70e141f95afc66d572747edd086cf57b544d09f559c30a774402248f60081e4f56ed9deeca3de6ad83ab7c88d6b8dc1cbe92225f68eee217dfee70752f235d5d113249ba8c350cc942e6e745b529078c96940da7662dc10086268f1f921d7bb54725023b8b2ae86dd9056a5d74dfb6f327c2f0a381cd5983ed3899c285b7ea709f19109596cda9c60dec76471dd69bb166fa44203dc85f890c69572ce28f08849337dd20be0a7fe21a94ce41ade61854e4656282fe9776476561e48bd8f146af9a132add3c850593a34d6207f3ce7157c0abd104eb4f5f9c9e4d8a2b4b9c3243ca9d99131a22f8442675da2ac015a995cc7639c96afc38c72e96602d9ce5c034a97a28b4dda4a7d0165a8b3a7d6262f177c6c824fc7830c552e1413ccd8cc6f94169e89f3f57be0e7d1d6476872024459d879dd462fd555e517096c97c6b3df3e45b04bd8fd1eddb7635da62859d686530125e5397865628c6f750fd9c71c154037ec1d2212d29daf355693e6ee005d09a4904aaa0b9893aec4ccdb5fd8dafbf64753502d4af1b318ca6135403feeb3ab2f8d3c33a2482c1b06eb15ab40573e7dccc316b834f3623c9c7e5822b57b6daea044578aee1fbeb9357eb1d401038b57a5a2ea0deed9d4459e1da9ba12ee86dfe620da608888ec18a4b44fc31fed4c2b91d948e723f18f3c3c461591328e18d2a4ba3aeb08185e961057c81f640513d702e8e0bd6b3ccb5bb3f79360ed85f9235409422435299f6b658f701570e2e016199d17e9d986d07b8738490e06913bff0be9f17399ebabfbe70251ab42a9497ce6bf59d44284182f2a87ba9dd889e656e09db119508a6693450b3ba22cd49d956821bb9500e5bc8ad45c4696a91ed25910d641b952ba46ddd17d4d9367d3f5cce2827ded897670cd658c5a47ed9aa5e5196c49df1c6c6eb2ffd1b4277514bfc7d0ca3500846fdc5b897b47673cb821a8bea739789545fcc5a58e7879f971cfdffec3fc093875fc4e10db55fecf71350887b0da07e28617a8ce3b460438baf77871ef79463a24e9cbe009252c2cda03bbd0d4dc246d1c8256d2ae143e82bad74c4f77c61a92063907e3f571a680e954592d2a17c934cfb3217afcb42275587e9a5602dd0b758e64d442860eadfc855febd329ecccdfd24fb55429ed02d22acde4d99c1b93a31d2d12588aae5205db0611e082550998cff601952d6188f9dcd37ef96beb8c63ce8ccc3bf9b212c95beb1901ea7183190d3beb9fe7281e6218b3e8f79aca363533a117b319e6c095ac2dcd46c0c9acc2de5c88d7d22320fbccd8ea96654547fefa23d20fa6fa0efefc68c1edb603ad66e6fc4bd099550e8451f85894dcc94c4a32f4311c38746679577b7470486e08a2cb23c01bec3a2dd8ca687c5bd8de24f8969fe20a047b85f3ec662705ae231c8f673ff0b7f6b566846b58d07ee68d1017d0581ed42ad1cab9ef697791a601b53a51c06f8594c972a90c41fafb183805a20915523f23b6c710fc3864ba3062669462a7088991492d9a49b1f0c41c1110be6e0f8cfb6aba1f91ebfc719f138823ab02b43d6921a9125818b308f9c040c145642baaf9298e4e0df20028883c9020b6033af15bac0f23f5aa7205b719d34a09e988c324e8f62faf9d18bed2e80e6321e02e891a04c42869df28138c9f950c30da0e8610916ffca9e122b888477e96d1658e69dd4b4827e29b92d0e3a94b04932371d0a81630fe2d56aa092ed5951b06910fc6af6acbdb3a6f235ef7ed35f77e1398894d753427c87eb081e9a5b7fa9167489eb4be2cf19ab3b436f13baea78c6cc3c96bfe5ef11fa6131677b85f22551495feac4ca4ca3b89cf673b8eb0392a36a0d04adb9298e3df14c8abd6201a8cbab1e38d8528ef820874a95434779d8a7d2d8711afbe75089e0482c5a0407e2c40c4e13b0fa83cda68374be8662e1b2ae50a9732dbc729fcad72e133108a7591f986a5a6ad4b03a78b8c572a664705ae1ad77c776a5a0ba95495452fa3e6b21d599fddec12ebc8597d82f25bee7cb1814ef38713c957ca0470f00996e2a82ddc26dca3b3711969d97d601b2474d4e1645d31ca62905d1282ceb493bb542c6411cf0f10b7d1359217e03fa2a3f90ccb4ea8a9c3df952b6187673c691ec09af8d6da9c6f5b71952ff4a06946e72eecb6f4b4395744afcc2aed0375a1ecf5e9158e88b89363c00ce24218fea8f34005aa544946b23620b31e21b6fd40b0a99652044ef7bbbd85096b634b5c70a189fb18b12b9cbce7090b1cdbe82f7a5778510704ca6de47ec61542e1606e836852b1584e845f990c0cd9622c43dfc8f2ea1b696cea54902cfb4d71363ea76ef96b162d7ea64bc5c95d755cffdff047878dccdc675622600ec098f5555a45596140b3a4212ce69b47a7317cb355ef2106e31228b4368c5da8bddcafe2b778e9c9d6a3ee9207d1d5cd41c0275cd9a6e857b4948ae49f4f8d7771b352bcf5d46bad8e9f364e9a9233f8ae00e430309e118bb15c2dac7d31c3c8a4be9441b07bc809b3cdcbd3e461ac01cb6d3f111759f28e65c4bd1b821e17a38dd6afc57fd4594b37f97d38ff5861aa93be3939ed212d7d885c0c3b640ff51c02fcee8d4515f52ee6a115669dd74530f1add1ea13cd451558838c80faca507a13faa6cf901e21b6061fdd73c794d9e3dcb834e8f477e53cc874066ce4820ce6b1d615ecfcab1b56a32345a00cbb9f6bbf9431504a0752441986a3e7308ad84bf24cf7647488457cff2a575a95dd340fcc36a0935adc0afaa2bfdfe4e60d21abefe30ce4eba1d88734fe3c0dbecebe3870e6d95d5499acfa544b34e718ad7783184567b2e930d14e9fba43a4bc1cc6f8d17d5ca6513b030f9341bc8fee777e45e4765962b222f9000762de7c9f04458d206ec20531b911abb2e1a9f2af88141d1a3546bd71327d666247291b4d4d80a7009f597d7a138fad779c0b4c47101032df26d61a788fc4268954aab4e428ef8b47648355c9af33b5c9de77f0020d33b6c621a171545ab474020e7840b9510eff473de8a945310a16a01cae662b5bf899f0bffb4ce79c6a264272c950b296b92d9acff8ccea3c5bc4edf6289397c87824742bf77dadbba8dc3f3237ce84ec71e1570e28df93efe0bdcd062f22c87a5cfb250f170102dd455cabfa0d64447f192d8552104fc4b494c2a39d6b27624efaba86e11c1704c292181181cadb32dd76d4f8754447a331b85e1a7c2199c71d2a8790c7d2b7ebab9d44c33763e97689be2677602aaf51d428dd1230171409fdad0269d0507a7e1b83e84fa073b0c3855656de419120635a8a32fbec2cc96adac4f25b535b4e52e6c01e4dadeaa5de7b09be33c45606b88a1b7583b70028e6a8f19349dca534d092b9e68294b15c51ae0eff240632b8cb46e81a39bf29fb5fd0f49cd5f703677d9e7c42101d54adbe8c068b582af8e86d141af3824eae2e5fa8b2bc29885d3ee1df6b4165035cc66bddf969d145150b4af3d00160cbb33198d46785dbfdddb8feb4a5e7ddab7af7b6a15d38b459f70c78e81a0ed1b267f1e75066cb049a3f0cfadf0b37e6e93e78e201baba4eb732671f5707ac9eb469fb650b296820f0dab9d0e9adb88972d6b677fc2cf6bd315b2c94f6a63f03a21c49f69734ae0984451651295b5ddc4f3dd5e2c8351de9422da5132a16d73384878b5e3a086f9b46f47b5134a82aec3f90e8e531d29570b7faad8955f5545f0a3dd81c5dc1ed358d260829b28a23d86134a02d2b3611010ce1d7ede23e6bc82c8661e566cc28346bc3a4eb49ad4a6163db77")

18:29:58 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:29:58 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000080)={<r4=>0x0, 0x63}, &(0x7f0000000140)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000180)={r4, 0x9, 0x83}, 0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

[  438.389228] Bluetooth: hci0: Frame reassembly failed (-84)
18:29:58 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
r1 = syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x5, 0x200)
ioctl$VIDIOC_QUERY_EXT_CTRL(r1, 0xc0e85667, 0xfffffffffffffffd)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000d00)='/dev/sequencer2\x00', 0x2, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000d40)=ANY=[@ANYRES32=<r3=>0x0, @ANYBLOB="0010000047dfd682ede7d7ec807749d06da8b0a67bbfb8949e30d3f75206d4325d0ada52523a110761c810c5ba001ad309cae5ebfffb4776a024dd82bcff065a3268a6422759fd5fba69d40f01e4e08d98ac0a93c3a60ed958050fb8635c436fe659269ab88bc3f3b462da83394e5f3c78dc528f9d53ef753d9dda2e9fe152875ff271ca8d0b3bdd4ae63bbdaa6ac68b27fe767ba9368d2c46510cd2d349977dc7633b2b99a2c8c14818c78df2aa0835fcfa93a7be5b4855e93c47e27dd7c589b7f8a05c78590ae1aebaa7fc18c8d23a450de29eb7c6bd2b83b04d19a19239d46b3d7843aaa6c72b25c1674bdc635838d033583a9378ef9714f4c3d790ab2fc861c23b5da788f83c4908b3970afc8ad5e8b33ac4f774fb517fd3f3c9941392081bc24f5dc87d5401ce224e9883263aaf4b3f8e0cababfee0ab4525e82304a103eeb12edbca553f26cee9d51cd2e839c059a2de97d173326e798a6f53e1dbc2f8c4c5923d30f1be9a5d8159c31c367cc4505432067694b87003dcff669e5ba80ce94b97898dbd93758ea138af6bec91c55805d3f717e20ef79a8a0849fd1293c73b84efaa58f15e41dd5ba7a068e9c776127724a2428b4345071c59908ba3e0a1dda6d9b5c380d0105faf85b67f1f90e882157258e38ab99ccf91f912c4444f331facd90bd2228a6117cc5e987b056eb01c4bb66e7fd91b44a7320e5b29f8ccf4f7a0f23eecc2bc600f462f671ebdadc31fb0f6357d5466202a5e9de7b8e7efe8a88746fa4f6a2c65b77f3bc5d96c1fff8cc397fe208c2578ebd7ee949b0e38e002fa7adc045a52dd898f548169be06bc8b902f2e76c8bc696f258dcd4ae0640f01b3c80d7d17a8129041beb632b75eb0e09cb212b479c12c420e28d583d5ca1bf5244c840c4bc7157ade2e51a0af620ad4fa115189a7919d3f738d37abb36331e936888ff71e3c406041cc2fa2fb714d311094f08f397ef7ede8ee6b4776c2207c213087ff86fa299e2db7111c4e979403b82a120322bd49edb13e22096f95ce855d43123a3611198f405b861d0021991a5b69847598aeb1608d4808cf0932b402291e89b71756e2a8e35ea8fef2ba150cbe2ee5e8f4f8b95aa2ededc3661397ff6693740d433615dbd15ab6b08a2235f68b25fec00d96af160599dd5812418b3d050741a4e8b84b3a5222cbf7f44709135b340d54f4f266d14d66e42d9986687ec6edd7b76f04057123bd97c9d4b64dc23b78bf81786928e6840b52cac5c07a732ff97b90097b904f91a6abfbbd85165b8431f8300a2c725ba0c6525642b251bb03d6dba6c9ce608615905f1fe573bcd3c8ce59032a8cb6cad094ae0b65f43613c34dc4e14dd3db7847ab0ba1c43b1274ae28a71bb7f6fe069e94556cc45a80e09a41b8d096984bea2661aa0f9a34eed459545bf4492eaba3978a5998b0c75c1e0906c275d4d98c0c082eb1f19780442c26cc6114fb5c5dff0173e94cde9397bce673f165b9055768df586d0d534f96ac72bf77fec6e005a7d4e31efaffbe42e1cf96f8214a6ead7b759d14e2c6c35ed7f373861bbf2c5f7d48ae4bc4c4e83ea9059920cf115401ad00b485a2da5ca51975fb6a2b1e902e640f0b757fb9bd5fd50935c82aaddd20a7214ae4bfe9c44c3d0a2e1a07b68267673e2542ba349d8710d561355382e7b501af2230105cfe3ee1eb324ca463323d8514e3da4084f474709cd54b71ac3c1cf88887c6656916d5d2c5d6023ea37a16eaa01c2ee06cdf3137c13335f2e3cc70dc35ef3505cfcf2f7bf1ebcb606133d8be785d0c5d72cc1e245ce94c79318a8eec70c72d550afdf86cb2f995fbf4cbc775fb737627b3b7fc665daecbe70f25fa8bb6128f38e3739650e7f976142202f208a70262dca221d5f3ef84faad0fdf6f46025b001e1b98d89d4b540b91d0fbcf3ac47d6c1e157bc687f57c2b9e71a2d442dcf1ac3e7edaf5fdd7eb8115c8cbaea49aed77ebb6715c0cace909ae61346b00bec5bbffa2efb3eafb08f6d5c05cf32541fea2f700750151444cd202c001bcba8a091c36023eb0e244e3b52945e9b90368934fc997c57d04cfc2e9bca869a46042abadaff6d2b7b0e95c56c3dad423a103db518b25e38a04cb41670cba34c9a7914c18ec65823bb568b963401e552711a3874678b8218b3251cd92952ec1baed4ed87df2d02fa0e7f3b6ec7605e8545f801ed292494010bcba77dbe2cfd0440e2106153a63c62cab8f04ca83dd0e2b991f0c7f5492645331929fc90dac6ded186a5111fd1191f52e484b7843dbbb8207d05cf3b1e678b7e2a30dcae06b5d08d769756f039e59a7ed53579127facfa1d5b5c53d8bd11696dc71c9513b1a1f338efc08fbcb3b4c1ececc23e8cf8e67db3fe3ddc0bbbee4d18380f32a41446ed868c356e169ba5e4df4c5cb67922e1f7f0568d6cee01f41e8b67b65b3c77e4796b9b7ed3629263cdef30039ee084cd7cdb46cb72b666c56a7c1e6b18604a0fb7c44ebe79a3b5072219432e5491d8e219b07cdd3074c89ed9310179e0ce628d457d733d398a276f60376649e71f5c76c46ced0291901e645a03cbc3e2799b322e1dde647843ca91e13d693bdb67f5de5bae42a4fe7821a94fdeddec4f6ad504eea608855114f23c2df441c5dff2b41852c667677ae84c92fb6521894c4aacd6aa8f3cffdb1feaedfe569db3808beab32d2044bdf9d22bb9ac0049b1f3ea14cf55a58e844fd21fe68677dd5e8dd733e0d28da905fe49eec103f0e52c6d1f8aefeadde9ae4fcdc5396811cd78c84fb3d14a89ce52f74f6e481e64371f069d93403615bf615144cba153ebfa2fd7a7b922deb31a72ed8ec9b82498bdc09e8503cb7d78c7a27b7cd562040a2cadc8747619320bd438ddf9ab151c365e105e7091f4bdb2611ea0a098b3acfd7f4cdc852d0e1d7bf6a829d2f68f4fbd2394e5a1a5e6ccd897a7dd810d39ef689981301016dd6c3e4b938d3a9203323de17faca70b3268d4b31423b4d05554a66a742041403785f8ee8cfcdca70aef43012aef22eecfb737b3ff3697fb46917a908040bca9222c92911a290fa3fbf9b9fe1b71bd88eef40f30b611a00e9e7454f0965a21caf788e7a65689890855199f91c9ff589e12c25922ca25cf62fe23f8759cb09acb331057e3a8e95e3540b79252aa26cf05846eb1212553312508c6e3a9a031764a8d6d9172134a0e56351f1b088f339959bc6bbe83aa2fa1439ba5115afc5d877b718f7bb6a3ae276b227a4c096f51ecbb539fce31324f799f8fe468831499716289e5044fcdfcb294b73f14b3da7944699679a8eaca1acc46c47e7fb0c2757a7f22c213941a6e445667b60dc3a1f17a2fdea1bafcc5373231c42c856c4611859914f2e5b1f398fc53a98666104b4292ce95a4f9262807244c0732459cf84a4ba9a33c943a458f550c554a6d3e7309ebfed7300b07195de3a1952962f5d973678bd48d46b43f2e33595e6d52414ff13f26a9ad817d076b7bb526496b5561cca370e0e929c0ada262526e535571c1e76d6175b24d47ceb8c43c23974545e336017222b4a37f1af78eead11910a59d9a4645a032ec15b1e559f4dcacec798656677a2c3a04c471f40e72478c8a4db81bd877565f6919f6616360d33447b4d1bf05bdf5ed6e113881bdb1bdf42b8799b22cc198af94759102b863e8a339348b8232673849842bd858d4846b6d3c405f477935fcab89c60f8733b66a61d2ab9c26679361da75e3dabed2475dfa7a95bab6a37a46d753f4529431aff09705a2ecc06f90ec01ab91400b0da38bc465ea8299e032767bc43c17d68c9eebbdd3ee7e9320b96b158b9e8443fff6d3c30ae292707e99f4b9406ad7f3fe98adf4d7c671814166bca28c1e69d41286a4795a864494ab6328189d190735ada8f3d8e3d5b28e808f9e08536760ce6cb035ed93d0c7a0bee07631e55990caf61d6f3609a70fcf553dce97e932af4afdaf0e7c3eb668eef48a3c856cdeea41570c963002170e52e70b87be33020344a6b4186596e1eb90b49a1cb70e837479a6b688919dcbc9100cba2f3a11a7bfaf68fd7303abc86824dbeed2f6cd2e5b799c60298cb828ade6b2fac568522d6436e25620a67b31fd78d1cb23201bb833445e623bc68d9f2f3c293d5f5b1711e10528e8df054ad02c3139f60a94fc75bc0c41d2120b75285ffd1912f48a1fde9a6c3cf444e98185eff8b2ff5b160250c5b685b413593f50f41819939cda6b33f3d447981f14151309045fd71ba5c8b4258e1029c8fa0642c0904e5eafcc52e2985c31f2f3510766efae8d67cf991f6cb5546ff1e9a8d37ed42f3c837dccf62487c414448ab17759983ef60eeb5014e0ae1b0013e879d1a0831c5fe56366460a715ca3b55feba1d3fe6bc45ccdd505f1cad780ca5b6dbb8a17ed12e74eb036298af35487cf99372b560f65aced1b5fd39d09a4459a6f7d322edf9ef818e7cb4f1269fbe3fca3da7034765e195a2e82489ed7a7c59a786b5cf10326d7a891415439e1061c56575e27415bfdb1ecf3c0b824a969118c0849d6625ea8724f9eb0d4de8090bd3f4e5bd46fd93305be7e502f65de12a75627952dac578c14c9d109dd1fa80dd3be9dfeea07a792507ae0cecdc83574483f14c701e378953be8c74718bf2331abee2ed498ecb0c2b4da63f87ac924eb2db0c74f75fa0057e87d4b2793a0b55b43c4f48b75ff52c9214cbe27de18765cc2495277e8dae9a5a2a1676e7eb4b091a49d42f016452e8f880e007f4d402f05978e43c164628eeb5265113c76c02797c6b7f0ce732ac6cd99293419c6e47100b3bdd93046eabb4d2444c64dff2e8aa8a2b1d925e6111359db7d85b6a580796682140ebad8c31b81e5c79d20959d359bc02b315a46eda59d438eb724b5cde0a78eade42317475e062cfc0e9b70678d96ec1537d0a1fb3e3d7b691ccd1c5e7af0ba39f776f9bb22d3f87e00abb4665834434dd16992968e12bf34e5993d116e1a49aa3c3d2e2620d4f1bb8202afc2e11e535d79f4e3332d7e9fc0d53cf324f10543b763472495f5c3b74eea3292e6f6193007425d2f6eacffb30e8f9bfd5a26697eacf4458f9e08f665fba7e22ba2601e7bd66e7580ed3ab0b1487a1b840cd4ea6a9ea385c0b6838d2f4460e317a97211f8f895aab102efe6baeb747df1db3029716f9b6fa2a2575a3b561f58919af8c58b753522d875e0ba388459b6fc0a2eae912c8379a9027108cd31b3902802242ec67dc5d2b93497784fcacd9eeb6d1e0ff72dd6bb6224008cdc03c4d0afa922686727e51f8926acfae3384bd2388a0bd3315b9269ff719a265653346bef764a5efd5e0467bb60093c2e2700594a9c0e1ddebba92e5a95cd55bb408639c31e177a7090f8638e8a23e2b1e57c4a37593bf2aa6b97505741db9fbe3e81aa0b83b5ae44921337b70dd90b72359f09a870f99d7f67ac6ff976fac1c994085cbb95580a181c9bee5d2720596146ca65aa5126b84d90ad6058f9826699788f92cab73e80c889733c6271794857934cdbac4c849fd2c0381b94b16ac863f613182ea72673fe65fb015ef57b7896f98ded7117e7bb1eeded1e0db21b836b9fe2d86bbcabd34bd41ca9ced7820906ddb100d04707cbbd0a4f2a35482fe9dd60f7345f12f4d4c7e7fc49e628f199b6001d8bb520a9e61640582c0a3473d14fb9863b00c322be850a71888b12db75a3ec09d9ec58dcdc72fc18ed3ad6f1fef3bb4795e68037de390005f01bf02300e472653c07a3b5a62854b40faadc8040deb080fcb1c4e02817d23c495b958f5"], &(0x7f0000001d80)=0x1008)
setsockopt$inet_sctp_SCTP_DELAYED_SACK(r2, 0x84, 0x10, &(0x7f0000001dc0)=@sack_info={r3, 0x8001, 0xffffffff7fffffff}, 0xc)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
openat$mixer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/mixer\x00', 0x511000, 0x0)

18:29:58 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:29:58 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:29:59 executing program 4:
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040)='/dev/cachefiles\x00', 0x400000, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(0xffffffffffffffff, 0xc018643a, &(0x7f0000000000)={0x4000002, 0x0, 0x1})

[  440.395633] Bluetooth: hci0: command 0x1003 tx timeout
[  440.402391] Bluetooth: hci0: sending frame failed (-49)
[  440.475885] Bluetooth: hci1: command 0x1003 tx timeout
[  440.482015] Bluetooth: hci1: sending frame failed (-49)
[  442.475630] Bluetooth: hci0: command 0x1001 tx timeout
[  442.481022] Bluetooth: hci0: sending frame failed (-49)
[  442.555623] Bluetooth: hci1: command 0x1001 tx timeout
[  442.561018] Bluetooth: hci1: sending frame failed (-49)
[  444.555583] Bluetooth: hci0: command 0x1009 tx timeout
[  444.635611] Bluetooth: hci1: command 0x1009 tx timeout
18:30:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5424, 0x0)

18:30:09 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, &(0x7f0000000080)={<r4=>0x0, 0x63}, &(0x7f0000000140)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000180)={r4, 0x9, 0x83}, 0x8)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:30:09 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, 0x0)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:30:09 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(0xffffffffffffffff, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  448.564213] FAULT_INJECTION: forcing a failure.
[  448.564213] name failslab, interval 1, probability 0, space 0, times 0
[  448.624420] CPU: 1 PID: 9954 Comm: syz-executor.1 Not tainted 4.19.62 #36
[  448.631376] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  448.631382] Call Trace:
[  448.631406]  dump_stack+0x172/0x1f0
[  448.631427]  should_fail.cold+0xa/0x1b
[  448.631444]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  448.631461]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  448.661657]  ? __cancel_work_timer+0x313/0x520
[  448.666247]  ? mutex_trylock+0x1e0/0x1e0
[  448.670322]  __should_failslab+0x121/0x190
[  448.674566]  should_failslab+0x9/0x14
[  448.674582]  kmem_cache_alloc_node+0x56/0x710
[  448.674610]  __alloc_skb+0xd5/0x5f0
[  448.692134]  ? skb_scrub_packet+0x490/0x490
[  448.697143]  ? lock_downgrade+0x810/0x810
[  448.701276]  ? hci_dev_open+0x220/0x220
[  448.705237]  hci_sock_dev_event+0xf3/0x580
[  448.709458]  hci_unregister_dev+0x253/0x820
[  448.713773]  hci_uart_tty_close+0x1fc/0x250
[  448.718079]  ? hci_uart_close+0x50/0x50
[  448.722056]  tty_ldisc_close.isra.0+0xaf/0xe0
[  448.726540]  tty_ldisc_kill+0x4b/0xc0
[  448.730326]  tty_ldisc_hangup+0x2d9/0x630
[  448.734468]  __tty_hangup.part.0+0x2cc/0x6f0
[  448.738864]  ? tty_read+0x2a0/0x2a0
[  448.742478]  tty_ioctl+0xefb/0x1510
[  448.746096]  ? tty_vhangup+0x30/0x30
[  448.749795]  ? mark_held_locks+0x100/0x100
[  448.754016]  ? proc_cwd_link+0x1d0/0x1d0
[  448.758069]  ? __fget+0x340/0x540
[  448.761511]  ? __might_sleep+0x95/0x190
[  448.765482]  ? tty_vhangup+0x30/0x30
[  448.769185]  do_vfs_ioctl+0xd5f/0x1380
[  448.773075]  ? selinux_file_ioctl+0x46f/0x5e0
[  448.777559]  ? selinux_file_ioctl+0x125/0x5e0
[  448.782039]  ? ioctl_preallocate+0x210/0x210
[  448.786434]  ? selinux_file_mprotect+0x620/0x620
[  448.791181]  ? iterate_fd+0x360/0x360
[  448.794970]  ? __sanitizer_cov_trace_const_cmp1+0x1a/0x20
[  448.800495]  ? fput+0x128/0x1a0
[  448.803766]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  448.809292]  ? security_file_ioctl+0x8d/0xc0
[  448.813688]  ksys_ioctl+0xab/0xd0
[  448.817128]  __x64_sys_ioctl+0x73/0xb0
[  448.821004]  do_syscall_64+0xfd/0x620
[  448.824791]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  448.829966] RIP: 0033:0x459829
[  448.833148] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  448.852034] RSP: 002b:00007f2ee0a56c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  448.859727] RAX: ffffffffffffffda RBX: 00007f2ee0a56c90 RCX: 0000000000459829
[  448.866980] RDX: 0000000000000000 RSI: 0000000000005437 RDI: 0000000000000003
[  448.874233] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  448.881487] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f2ee0a576d4
[  448.888743] R13: 00000000004c420e R14: 00000000004d8370 R15: 0000000000000004
18:30:09 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:30:09 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0xcf2f, 0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x0, 0x0)
getsockopt$netrom_NETROM_T4(r1, 0x103, 0x6, &(0x7f00000000c0)=0x9, &(0x7f0000000100)=0x4)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:30:09 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00'})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:30:09 executing program 3 (fault-call:3 fault-nth:0):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:30:09 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:30:09 executing program 4:
r0 = syz_open_dev$dri(&(0x7f00000001c0)='/dev/dri/card#\x00', 0x2, 0xffffffffffffffff)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
setxattr$security_smack_transmute(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000140)='TRUE', 0x4, 0x1)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0xa040, 0x0)
ioctl$BLKSECTGET(r1, 0x1267, &(0x7f0000000080))

[  448.999959] FAULT_INJECTION: forcing a failure.
[  448.999959] name failslab, interval 1, probability 0, space 0, times 0
[  449.050935] CPU: 1 PID: 10002 Comm: syz-executor.3 Not tainted 4.19.62 #36
[  449.057989] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  449.057996] Call Trace:
[  449.058020]  dump_stack+0x172/0x1f0
[  449.058040]  should_fail.cold+0xa/0x1b
[  449.058059]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  449.058075]  ? lock_downgrade+0x810/0x810
[  449.058099]  __should_failslab+0x121/0x190
[  449.058118]  should_failslab+0x9/0x14
[  449.058133]  __kmalloc+0x2e2/0x750
[  449.058213]  ? __crypto_alg_lookup+0x2fa/0x370
[  449.058230]  ? crypto_create_tfm+0x82/0x300
[  449.087065]  crypto_create_tfm+0x82/0x300
[  449.087080]  ? crypto_alg_mod_lookup+0xff/0x550
[  449.095089]  crypto_alloc_tfm+0x104/0x2e0
[  449.095171]  crypto_alloc_ahash+0x2d/0x40
[  449.103248]  hash_bind+0x26/0x30
[  449.103264]  alg_bind+0x25a/0x570
[  449.131408]  ? security_socket_bind+0x8d/0xc0
[  449.135973]  __sys_bind+0x239/0x290
[  449.139594]  ? __ia32_sys_socketpair+0xf0/0xf0
[  449.144175]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  449.148933]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  449.153674]  ? do_syscall_64+0x26/0x620
[  449.157635]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  449.162984]  ? do_syscall_64+0x26/0x620
[  449.166948]  __x64_sys_bind+0x73/0xb0
[  449.170733]  do_syscall_64+0xfd/0x620
[  449.174523]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  449.179696] RIP: 0033:0x459829
[  449.182880] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
18:30:09 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00'})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

[  449.201768] RSP: 002b:00007f447d655c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  449.209466] RAX: ffffffffffffffda RBX: 00007f447d655c90 RCX: 0000000000459829
[  449.216721] RDX: 0000000000000058 RSI: 00000000200001c0 RDI: 0000000000000003
[  449.223974] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  449.231232] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f447d6566d4
[  449.238490] R13: 00000000004bf93d R14: 00000000004d1380 R15: 0000000000000004
18:30:09 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  450.955612] Bluetooth: hci1: command 0x1003 tx timeout
[  450.962982] Bluetooth: hci1: sending frame failed (-49)
[  453.035610] Bluetooth: hci1: command 0x1001 tx timeout
[  453.041003] Bluetooth: hci1: sending frame failed (-49)
[  455.115635] Bluetooth: hci1: command 0x1009 tx timeout
18:30:19 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5425, 0x0)

18:30:19 executing program 1:
openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/status\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:30:19 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000040)='/dev/vga_arbiter\x00', 0x420900, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:30:19 executing program 3 (fault-call:3 fault-nth:1):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:30:19 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00'})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:30:19 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  459.468896] FAULT_INJECTION: forcing a failure.
[  459.468896] name failslab, interval 1, probability 0, space 0, times 0
[  459.496111] Bluetooth: hci0: Frame reassembly failed (-84)
[  459.514653] Bluetooth: hci1: Frame reassembly failed (-84)
[  459.545708] CPU: 0 PID: 10033 Comm: syz-executor.3 Not tainted 4.19.62 #36
[  459.552762] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  459.562900] Call Trace:
[  459.565501]  dump_stack+0x172/0x1f0
[  459.565522]  should_fail.cold+0xa/0x1b
[  459.565538]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  459.565556]  ? lock_downgrade+0x810/0x810
[  459.582303]  __should_failslab+0x121/0x190
[  459.586540]  should_failslab+0x9/0x14
[  459.590347]  __kmalloc+0x2e2/0x750
[  459.593904]  ? crypto_create_tfm+0x82/0x300
[  459.598244]  crypto_create_tfm+0x82/0x300
[  459.602405]  crypto_init_shash_ops_async+0x5b/0x410
[  459.607421]  crypto_ahash_init_tfm+0x363/0x440
[  459.611995]  crypto_create_tfm+0xe0/0x300
[  459.616131]  ? crypto_alg_mod_lookup+0xff/0x550
[  459.620791]  crypto_alloc_tfm+0x104/0x2e0
[  459.624933]  crypto_alloc_ahash+0x2d/0x40
[  459.629067]  hash_bind+0x26/0x30
[  459.632430]  alg_bind+0x25a/0x570
[  459.635877]  ? security_socket_bind+0x8d/0xc0
[  459.640360]  __sys_bind+0x239/0x290
[  459.643972]  ? __ia32_sys_socketpair+0xf0/0xf0
[  459.648552]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  459.653294]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  459.658036]  ? do_syscall_64+0x26/0x620
[  459.661995]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  459.667342]  ? do_syscall_64+0x26/0x620
[  459.671826]  __x64_sys_bind+0x73/0xb0
[  459.677092]  do_syscall_64+0xfd/0x620
[  459.680882]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  459.686053] RIP: 0033:0x459829
[  459.689234] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  459.708118] RSP: 002b:00007f447d655c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  459.715815] RAX: ffffffffffffffda RBX: 00007f447d655c90 RCX: 0000000000459829
[  459.723072] RDX: 0000000000000058 RSI: 00000000200001c0 RDI: 0000000000000003
[  459.730782] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  459.738037] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f447d6566d4
18:30:20 executing program 4:
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x80000, 0x0)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000040)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000080)=0x14)
ioctl$TUNSETIFINDEX(r0, 0x400454da, &(0x7f0000000100)=r1)
r2 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r2, 0xc018643a, &(0x7f00000000c0)={0x4000003e, 0x2000000000000000})

18:30:20 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x0, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

[  459.745295] R13: 00000000004bf93d R14: 00000000004d1380 R15: 0000000000000004
18:30:20 executing program 4:
set_tid_address(&(0x7f0000000040))
syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000001380)='/selinux/status\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000013c0)={<r1=>0x0, @in={{0x2, 0x4e23, @multicast2}}, 0x8, 0x5, 0x2, 0x10001, 0x48}, &(0x7f0000001480)=0x98)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f00000015c0)=0xfffffffffffffffc, 0x4)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r0, 0x84, 0x6, &(0x7f00000014c0)={r1, @in6={{0xa, 0x4e24, 0xe72, @local}}}, &(0x7f0000001580)=0x84)
r2 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x2, 0x8002)
write$P9_RREADLINK(r2, &(0x7f0000001740)=ANY=[@ANYBLOB="100000002e2f66696c65307c4929f19b08ffcc533f2f09b74c5de8f63e61951590ce957e57def4ccac7a7c1dbe8894f2cb42ecadea1d01803f26af4d4b01bea9d3ff750e6e69cf17b7a4c3a52109b4cf46feb32fac3a0ac50b892a06bc5471ecf9aa75e9b9f1a336bb3e0bc247ff562838615bdc5d268ddf701c5703ffcf88eae019b5079f5f086ea2d4c735b5ff5ce3741874a8c1adc1cceeb268b8dedc26b2912890f51f1ce2aa46ed48fd58fe7c8b129ff52e8be0ef9f040f55b8a577a5479a541de6e114948c49e850998faa199fd8d826c9709e89d4bc4e80aba3a987bcc7167d0e2a25dd9af47dd73105a7d1168243f062823f30a41083107a9a16b99ef05332f0aa57152576ebcaee71c1f2d2e65d1b9dbbd0a400a01d5d578d2bcafc7b0cc1d050"], 0x10)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000001340)={0x1400003f, 0x40, 0x4})
syz_mount_image$nfs4(&(0x7f0000000000)='nfs4\x00', &(0x7f00000000c0)='./file0\x00', 0x3, 0x4, &(0x7f0000001280)=[{&(0x7f0000000180)="a6f28a1bcd0f8a1cfb15d283eb4760ab69973f43eddbc679dbf0c455b68862e23d16f9fe51bdc5ed99aac449a436d053ee23bc0fc5e39b197fd92d0f86a1d9036033adc3f54b69467b62a267db2e9b70e78f523486980f2bd7e5a4c4", 0x2cb, 0x3ff}, {&(0x7f0000000200)="242f21d05227658684c88e3dc349d9963141a41bc2ca2b0f5a955e7c95806f859a1a115b6330f223508258f00227d26497e71aa29172d0f55938ca96c1d2be522c74ea66b6fb1a4172333e11f487de6c9ee9b6eeb09cb401fb2ac274c47941e848b1bf7d4c1c75fb8f094193bcc74f6bc6294d4794f7e887dff45b", 0x7b, 0x1}, {&(0x7f0000000280)="251c61ef15c4711378aed424d2d583651877ced3a4789bb7f06092b15fd927b9e781f1a29ef24be77556c138cfb86e576add1c65071a8fd017a40af3b89df7132dfbfe67afade2041eaa6198b609cee44940a21ee1a7a060f6af39950ee63e88b52c5c48672f8cc62a0db142d77a9f40e80393a68f22742caed620a6286b674c9658a4a2ff7bf572cc5f7849d01d5129556ce529a372112aef1f490774299a039492c818e91aa0538925e0dab5e8745ef2442a60877d14bb61bb46b7de066eb6960468ea09d719ad2fe6d4735a01fbdc35a4f12c73de5f343bb8469814cb8ebb0eaa094cb158302a73c5648575f86a8a7a8f6d97b0a649e2aa04609e9f933e2ca6c47f26a1141f4acedd50050285da1694e37704c38375b540cfcbb3ef0f1d52267976567066389297d9a01bf8519673f7bcd09a712df88441b75aec044b3cb1de76be9479e027c619f94264c5376a1f058f610af93abe4adbbfbda64eee83289a84b60582998dac25f302fecc605425d9edd87a3c6c0ae96d1c97cd0fe705bb3cfdd51692d7822096451664940431e127871df95988ded7afe258779b8ee33ec2ff302fcdd943641812dc59cd58c4b4826ebfd79e8af3a3b4bdd2a3d00052bad954e7923bb61985a3f00e7a3d77159a8d7ba82c71279a08be5bc053ee7f301cad87cc56b3f8a6ee72fe021f2e460c32d6d075345c0ced8fa70845d30a10137ce5dec060ba0128a1d3ac2b3202377a58cf3837501cfb4ce9e18fb00f582ff9c47d4ade924536b6b3c63456a9208df8d341d7152a576b91fa065c52e104410356f044d8459600373a18fe7fa957cb758af9736ea61c58d582ffe45705832d6f8f3c667f77cf6a4e36f9afe3907cd2549c9f69585a7e1d507d0db7a461d7f3193ba7cb8f766d88537f3f2f5566857d3f70985963dd3121a89ac5a139ce018c185fdd26eecca73c8dfc82107a0f806a722c7e651e12d66e3a391452a8ea3f0be07ae0dfb626072b511eb065ffaa1e6f413abd6cfb77b4b0e3c75cc49736e5a5c3abf3311ea8a86799666737a4907140a8858893b06fc9c522950dbb067649c949a1c49fe85f4ffc5f77b488e3fbbc7f6e05c1103e48ddcfbc8a5d19640a3871ed105c3723402736a87ccfb5020a10530b2f696e775170a56af16c0ccd6b74ae48067e4a23c682879604bf6be1c8da6fcb7de65edb88ebdfe2e23e789c1e3c95f71b4e799a0fbb3ba3a36050e95a8b5d440373b46b43fa44208e06c463d29f99257b1516bfc8c1b6b0e757aed39db26e6611f7776500a4660c9437991b59b2c22f1de756eedcbd59e8c2930706fe056cab1dee3e30e707668668bb3fb7c9fd04930db1346aa0ab641b5f2d1750744a9331ba67b85af3931214bf3a48330e91242a7e3893838d4e37d1790d72282c3a1786eb32102b7730863e4849c0ae401f547f6b85b9c27e490d293aa8e914d4ce0d7dcc0f847787e942a01334862bb3fc0f39485aa8a27afef655607b6b93a1814e0b7b8c05649568c23e66d78f09f18a406fb9b635c52b491793dcf06e2cfcb181e11fd6f47f80d270163d0c053febd8edebb15ca7be96891481b58f6aab9e55b7eec75485c9b60b07258433105f41898421c14d5146b179b0f8e7c35d6d835f976d66522a40163452b1b744a990d7deb6c45756d0bdfc01dca12592b6437225274c289155fd0a3493dbe8a6eb0d892c74fce8846eb5ff52559c7f189ecf339b52a03276098fe9befbe22917d179286864cfd885f62fc87be69253ee90afb88bd194c3d79b70b5aff7d2961b46412ab85276631121ddd3b3be82c059c4cf2faa9180fdd0a3cb98ed84473e8c51d454e0af875dacc5ab7fb23b60517933304a223e49f7b5561f572be1beb12413a2784745fafeadaaad0dfc0129a69d7c207a3232c6f84c67a58ff06bada097f6e475c5fb22a6bebf53ce7d32e7cbc5ef01fc6a46f3acc19aef9c66469fdfcff374e41043c84aff77c6f1ecb384f43a361b6f9595b38b2fc5a3b756e3a164f490c8e232a89decb176f1c29eca56712225716a47aa33aab53258a9dce4bedf9e2ed47f081d439aa12b65b846d8363c38904598e670786f9cf0b1af4472e4a2447c716ecdc0cdb64835d250a06ee339d7ea6f2b96cf76c650ebf7d42e887bc9ed09e9617bbbef7b1ac6782e0e97b9659e21454796647065a24209e4393a263e00108dcd333e9e32323b4476fd08e47455ddc51ee7126aef1606b83e91c6fa9b9aad41c26e4cbd828b39e46e8efc5bcb244c3fdc90cd312d0ed921de933a4a72664cbc3fceb19d4cb10ee5ef9c1aa6568aaccbb38342c8312b35463d111e461b52f1a3fe0ba48f4e556315ee93bba61a4b6294f6321bbe544f640c2eb32b1a5b844428a5b0044e6ac0f5f0edcfeabf92d2208c796414c774e030f6c432b507637761114958325b8f5173c9e2be5e9a4d4a49cd2a37f6e497206be270c06b5d694c97d2cf1d0831c5c1e2a22b603c59a7ffb2ffd1063a261fe1894c06a3512527e267c24ee15a26cd960ee8f9b0cfad0d7f307c0e89c7e380d117d0adc1ea7f6050acaa71bc924cf4d358415b3ad6ba3fddd044291fd470143bc2240272df32fb46ce062e83b6eaefe646ce3325231ae82b4966cd940310951dfbee9365609376126677f72f0631424eebadd59c16fba336367c67d14faf6ef07da7d373e35833a75e00ac630aa074f7d6b5f878726fc04f833cc53c549c44a475ba40d0516dcb2deddbdc3c2c196cfffd710830dcd1b8d7a5be5ad777fd9ad26684e0597c8b5789b796517586ba863433ff73f61a81cd53785d7c904cdf1c2a41102f295d3d6940be2dde6d0041e30ee75cce234460979f68076764d193618b649af80e02a14d38c8953279a426d796d24bebd0fac2474c53d209f81505dbffefb7c4dd6faf4b3c54b0842ccc6285ab36d01785f826b8f0964491e13402e8e5850785ce1f79febb4e3f11e9ed8ab94a0e13c470551809e5b5fa9cfdf97d3bdbdd1afcbba0ed07f215abe188837f2a5b952afd2b1ec6329757ad0e5ba06bd38558d0e70fc355fcb4c403b0a56f81e1a934f4a4dc5757ae116d7de8becdfab67ab01547bf730e096d9145ab12fad7277d88e3493d2b1d91176cca6ba96d59284521db04437a4e380494e58d0b75c4aea9b85520fbffd31504546a19943db8e5bc7b7011913d35d3bff67669201f9a35803f30a3ead07788cbd5b560f92c5491471a160ffa3ea0e5dbc70db86cb33b54577b5169e3ce94736ec542f946411907088c967ea1d85d3aa95d9d2b3c54a5574fc8d2752277bcf9950a7ee77b106383f08ea69183e261734fc366619913fac3cb87b068c228c779b0bb1f454b100d6b439714b616967cfa71a804dcf723c61449c4d7cacc69ae6c376e2434a96c0350422c42ebe7ab7f17de42c869a0a7943f2bc6b30bbdc90232ccf8ed23841684bda4cd3766830e539e7c179b009ea9bce0fc48e33a6ad95c3a52d35fd9af228ff4236c1c49aad0a22ff78f64fa71dbb0a814f2f6781b3f1e856e81fcb6dcbae3b42b508bc90453337a740500cd2434b1afbc7173e98301fd8556fcbcb3bdbd643faa3b8000f4579ba475a6b2f18c1398548eb82346ebcbf6788a9a22e52f694d0dbbdb5cabe66e261d2a0417b77f01c74d3a07008d9822a6b1b207d92e771b71d0985ff7fbd260e0fdb8c3e8ebe7bdf4726a4c5ccad5e37a01db572aca332d7585276680bf6a6376ff4245ed99e972e8a33e8f82e4b0d9dec94e43b2fcf2fdffc6040188b43a7cb5eac1e7f350010cf1af861343c8e40e6370ad23d3a99ea39079c4334c822a37c8bd810b0ad7100fd0cecbb792a8bb9c17395377b499fa1ce498be16459fdb58e04e4ffeb5e85d2e4deb8a4e69486870023a86a59dbf9addae3500e5d9063b703bd24a7231a2265e9c8ce91ff567215c0145e8f1edbe9a1eea2c5fd1b8335d910a6b169ba7ceae94e5e1c88e84bd2c11e9b31140125b5fe63bdd756abd67c03a03fb0c70272d5bf417f7c511fc57aab9842a72951eabf538e783c8ab1992cacef565a82970fa4e1150f110c802e2cb4ae8acd36d24e2173c4e3b8d805c570876c855c9e80f967e6f82cc0179cf638dfed7e4c5843f33da0279f12fd40d24bc0e138726ec6eee5197544f8ed676ab2cf7754bf53fcf6e61648fe23d2da4c6aa4581b23313856dbd98665c00759b0faaf1b07978a05056e71d7b1366df6da83e389788e15754abbdc1302e5c95e1120989c517bc74335e54617e8f17cd3a51f3e787e17c4e0f3e672f1cdafcb4f097d03ea207cb3796b6b9aa1b405a2186787574fa7e5c84f28c6757fee674430c230cb9cb5d3e757556f13d89094ee4d72e8ece41e042753a83370f8e50d06ce3d8a6dec0727c092603e83ea9434751da00abde34f82f726242dfa6e7a3f43c959c93c7544b6265dd2eb8b250fb2c90c8f73a67ef5e53855fb0f5b090ddf4b0c74822ffee53f0ebce3fffcc7c3da75e24b5d1b31c01e9dc3cbe35a150b4f93062a64663c0c58f001be509c268ecaf86d1490b0df42d0fde2bb62b55d7fa2f9af77aaa24475d0a5ddeb89b321d8ec28034057221f1f2be663a3ac8d0c1baa2e8c41d821d01e6cc935446a8bc87342fe5491b8ebe7486ffb0c4346a461004a25b951e5f5657350450f8ade1f8a8e10d49361ace98fc2313d60ea6c68a79e7f7edca41158dad4ef6101deca84cf0bdfdbae3e77bec071b5cf45dd3853e291457b72d3f9e9109c786e035d461e5458e35a9721e49e2b10ae4aeac4d6184cb92633cb8fc5dad231ce91d31fd60c9d24774ad6ff22e9e326ae70a348bc39d941989b04df509231a009e65e1be97308d0648b117878326fbfbc31719293317c3424fa4b5cf6e55de8e97088731f71c24195f12c22c753cc868effffb69f75ab378b5b1699d93f4b9c89b33c043f37a90647b8bf100f0727a114519f45d271dfe1e0792e4c2044906b677fd9a143d42c1f08fb00d812c95a428d23b81a6defd0b160ba5917612030a69c6ce1f2598fa284e3147224063e1098b4889bdb5454754a956a958e10c7f1175c4632cf6c4429edfc76496097aac168fa64abcdaadd97a4d52dfccec704004c48f8f52b23403ce40e29108202726728516951e9c037dc041422540435cebea7d427a6466f77dc526b4e9b52e70572b80a0dca999555fb0478a80d07cabfafc71e05d6025c84da6e2fe60dfdbc34a045c76d8e918ce25815d722b8abe6643987704e91a0167dc5b0a942aa561aea34e0d01fa4a66d8debf1955f5ae55f4c9882bcdcc2eb31c4855e0087ea9a30482520c4efae3b5f38457841542d31400dec66afc1359f429a45ba67c2c47b675204bef93b3bccfb68df6ba20f15754e4ec5b3428ed218b6846e9ba9cddef9d8307311947f1854b7a70f458e929c1cc65ab3e13e8274158e763d5172a8aafcb02fe72d0dbfe9ef5c785fc41c88b8218267b92e222fa916597350ea9329cfb5babe4c7037454c3bdf94407709c77af68767f5b77d50f42ff94ac5ece8b79400fdb580ffd5450212af07064bc147e2bcabb1ea52291bec852e6451cae026e674c68b31558653e30e564f261fd9a2ba07e6dcd128a3cabad4afe13b4b607e549d3a0184d7d26b1377c86336fbf474c26020ed1bf382a33f7ab30ab2634c6c5e7ddf426346f350257f150b161df915673b2c61f83f0722fb97be6818a9f362dca563afbd98981163d8c0cece7aa4a32fbb60c53aee2f71ae4b3ebdaa756cde31dcd90ad544a33235718e61cbf9f", 0x1000, 0xfffffffffffff0cf}, {&(0x7f0000000100)="78c50bd470e3db2ab13fdfbc842ddd846876e681dda90f4cb31508b5eace7513db3788768bf1d50caeadcba3651da4a07062a24b", 0x34, 0x80000001}], 0x9, &(0x7f0000001300)='/dev/dri/card#\x00')

18:30:20 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0))
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:30:20 executing program 3 (fault-call:3 fault-nth:2):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:30:20 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[  461.515573] Bluetooth: hci1: command 0x1003 tx timeout
[  461.520927] Bluetooth: hci0: command 0x1003 tx timeout
[  461.520973] Bluetooth: hci1: sending frame failed (-49)
[  461.528422] Bluetooth: hci0: sending frame failed (-49)
[  463.595587] Bluetooth: hci0: command 0x1001 tx timeout
[  463.595607] Bluetooth: hci1: command 0x1001 tx timeout
[  463.600957] Bluetooth: hci0: sending frame failed (-49)
[  463.606556] Bluetooth: hci1: sending frame failed (-49)
[  465.675585] Bluetooth: hci1: command 0x1009 tx timeout
[  465.675601] Bluetooth: hci0: command 0x1009 tx timeout
18:30:30 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5427, 0x0)

18:30:30 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000200)='/dev/input/mice\x00', 0x0, 0x80000)
bind$x25(r1, &(0x7f0000000180)={0x9, @remote={[], 0x0}}, 0x12)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x200, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000002c0)={'vcan0\x00', <r3=>0x0})
ioctl$TUNSETIFINDEX(r2, 0x400454da, &(0x7f0000000300)=r3)
ioctl$VIDIOC_G_OUTPUT(r2, 0x8004562e, &(0x7f0000000080))
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
ioctl$KDSETKEYCODE(r0, 0x4b4d, &(0x7f0000000000)={0x3, 0x100})
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/vga_arbiter\x00', 0xc8008308c3012052, 0x0)
syz_open_pts(r2, 0x8000)

18:30:30 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x2, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:30:30 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0))
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:30:30 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x0, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:30:30 executing program 4:
r0 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x1000, 0x204100)
ioctl$TIOCLINUX3(r0, 0x541c, &(0x7f0000000100))
fsetxattr$trusted_overlay_nlink(r0, &(0x7f0000000180)='trusted.overlay.nlink\x00', &(0x7f00000001c0)={'U-', 0x6b4f5eda}, 0x28, 0x3)
r1 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
preadv(r0, &(0x7f0000001580)=[{&(0x7f0000000200)=""/146, 0x92}, {&(0x7f00000002c0)=""/206, 0xce}, {&(0x7f00000003c0)=""/96, 0x60}, {&(0x7f0000000440)=""/249, 0xf9}, {&(0x7f0000000540)=""/4096, 0x1000}, {&(0x7f0000001540)=""/3, 0x3}], 0x6, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r1, 0xc018643a, &(0x7f0000000000)={0x4000002})
r2 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/checkreqprot\x00', 0x10000, 0x0)
ioctl$KVM_GET_ONE_REG(r2, 0x4010aeab, &(0x7f0000000080)={0x56c, 0x4})

18:30:30 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\xff\xff\xff\xfe\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:30:30 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

[  469.813527] Bluetooth: hci0: Frame reassembly failed (-84)
18:30:30 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0))
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:30:30 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDGKBSENT(r0, 0x4b48, &(0x7f00000001c0)={0x4c8fa233, 0x4, 0x7d3747da})
ioctl$KDADDIO(r0, 0x400455c8, 0xfffffffffffffffe)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000080)='/dev/snd/pcmC#D#p\x00', 0xc9e7, 0x2000)
ioctl$DRM_IOCTL_GET_UNIQUE(r1, 0xc0106401, &(0x7f0000000100)={0x1000, &(0x7f0000000280)=""/4096})
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x0, 0x0)
mmap$perf(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x7, 0x30, r2, 0x0)
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rfkill\x00', 0x20000, 0x0)
connect$tipc(r2, &(0x7f0000000040)=@name={0x1e, 0x2, 0x3, {{0x43, 0x2}, 0x2}}, 0x10)
ioctl$KDDELIO(r0, 0x4b35, 0x6)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:30:30 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xcf2f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
fgetxattr(r0, &(0x7f0000000040)=@known='security.apparmor\x00', &(0x7f0000000080)=""/69, 0x45)
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc010640b, &(0x7f0000000100)={<r1=>0x0})
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000180)={0x0, r1})

18:30:30 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\xfe\xff\xff\xff\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[  471.835595] Bluetooth: hci0: command 0x1003 tx timeout
[  471.840980] Bluetooth: hci0: sending frame failed (-49)
[  473.915630] Bluetooth: hci0: command 0x1001 tx timeout
[  473.921035] Bluetooth: hci0: sending frame failed (-49)
[  475.995581] Bluetooth: hci0: command 0x1009 tx timeout
18:30:40 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5428, 0x0)

18:30:40 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:30:40 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_GEM_FLINK(r0, 0xc008640a, &(0x7f0000000040)={<r1=>0x0})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r0, 0xc00c642d, &(0x7f0000000080)={r1, 0x80000, r0})
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002, 0x7fff})

18:30:40 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x2100, 0x0)
ioctl$DRM_IOCTL_AGP_FREE(r1, 0x40206435, &(0x7f0000000040)={0xba4, 0x0, 0x1, 0x400})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ftruncate(r0, 0x5)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$sock_FIOGETOWN(r1, 0x8903, &(0x7f0000000080))
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:30:40 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\x00\xff\xff\xff\xfe\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:30:40 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x0, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:30:40 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_AGP_ACQUIRE(r0, 0x6430)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
syz_genetlink_get_family_id$fou(&(0x7f0000000040)='fou\x00')

18:30:40 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\xff\xff\xff\xfe\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[  479.979951] Bluetooth: hci0: Frame reassembly failed (-84)
[  480.007701] Bluetooth: hci1: Frame reassembly failed (-84)
18:30:40 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000180)='/dev/dri/card#\x00', 0x2, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f00000000c0)={0x4000002, 0x8000000000, 0x1c})
ioctl(r0, 0x7fffffff, &(0x7f0000000040)="ded7446e99a8aad4c0c6341b2b7228b5")

18:30:40 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\xfe\xff\xff\xff\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:30:40 executing program 4:
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-control\x00', 0x2cc80, 0x0)
ioctl$VIDIOC_QUERYSTD(r0, 0x8008563f, &(0x7f0000000100))
r1 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r0, 0x84, 0x1a, &(0x7f0000000340)={<r2=>0x0, 0x92, "877e6dfe89c888348161fb4567fe1ebac81f417fab9603e350d7da76d7b8421404a5a4c4ccb0958576b68595e51599b884e5816d230f05e8153d2be591ec219c6f5871a5d70895567e85957285503c0b78e00546fa936464c6151a2a03f44da5d2c915fdb658b0288465790ffd9ec8b0ab617042aad349efeaad420a0cd906e0a2fbcb6f776c617bedf4d7c3291b04bf63ba"}, &(0x7f0000000400)=0x9a)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000440)={0x4, 0x0, 0x8000, 0x1, 0x4e9, 0x2, 0x1000, 0x10001, r2}, &(0x7f0000000480)=0x20)
r3 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/policy\x00', 0x0, 0x0)
ioctl$SG_GET_SG_TABLESIZE(r3, 0x227f, &(0x7f0000000080))
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000300)={0x5, 0x100000000, 0x0, 0x82d, 0x13, 0x2, 0x3f, 0xffffffffffff9f48, 0x1200, 0x3})
ioctl$DRM_IOCTL_WAIT_VBLANK(r1, 0xc018643a, &(0x7f0000000000)={0x4000002})
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000026ff8)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0x0, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00')
sendfile(r4, r4, &(0x7f0000000180)=0x74000000, 0x5)
getsockopt$inet_sctp_SCTP_ENABLE_STREAM_RESET(r3, 0x84, 0x76, &(0x7f0000000180)={<r5=>0x0, 0x1}, &(0x7f00000001c0)=0x8)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000200)={r5, @in={{0x2, 0x4e22, @multicast1}}, 0xffffffffffffffff, 0x8, 0x7f, 0x9, 0x40}, &(0x7f00000002c0)=0x98)

18:30:40 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[  481.995675] Bluetooth: hci0: command 0x1003 tx timeout
[  482.001500] Bluetooth: hci0: sending frame failed (-49)
[  482.075600] Bluetooth: hci1: command 0x1003 tx timeout
[  482.081007] Bluetooth: hci1: sending frame failed (-49)
[  484.075570] Bluetooth: hci0: command 0x1001 tx timeout
[  484.080960] Bluetooth: hci0: sending frame failed (-49)
[  484.155582] Bluetooth: hci1: command 0x1001 tx timeout
[  484.160975] Bluetooth: hci1: sending frame failed (-49)
[  486.155584] Bluetooth: hci0: command 0x1009 tx timeout
[  486.235547] Bluetooth: hci1: command 0x1009 tx timeout
18:30:50 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5441, 0x0)

18:30:50 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\xff\xff\xff\xfe\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:30:50 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000040)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:30:50 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:30:50 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:30:50 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x14)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:30:50 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-control\x00', 0x1, 0x0)
write$P9_RREADLINK(r1, &(0x7f0000000080)={0x10, 0x17, 0x1, {0x7, './file0'}}, 0x10)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002, 0x0, 0x7})

18:30:50 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\xfe\xff\xff\xff\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[  490.290302] Bluetooth: hci0: Frame reassembly failed (-84)
18:30:50 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0x3, 0x10240)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000080)={0x4000002, 0xfffffffffffffffb, 0x16})

18:30:50 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:30:50 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})
fcntl$getownex(r0, 0x10, &(0x7f0000000040)={0x0, <r1=>0x0})
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000080)=<r2=>0x0)
r3 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x9, 0x8040)
kcmp$KCMP_EPOLL_TFD(r1, r2, 0x7, r0, &(0x7f0000000100)={r3, r0, 0xfffffffffffff001})

18:30:51 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\xff\xff\xff\xfe\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[  490.860199] audit: type=1400 audit(1564511451.298:61): avc:  denied  { sys_ptrace } for  pid=10211 comm="ps" capability=19  scontext=system_u:system_r:kernel_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=cap_userns permissive=1
[  492.315594] Bluetooth: hci0: command 0x1003 tx timeout
[  492.320987] Bluetooth: hci0: sending frame failed (-49)
[  494.395628] Bluetooth: hci0: command 0x1001 tx timeout
[  494.401022] Bluetooth: hci0: sending frame failed (-49)
[  496.475626] Bluetooth: hci0: command 0x1009 tx timeout
18:31:00 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5450, 0x0)

18:31:00 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0xc72f, 0x0)
r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/mls\x00', 0x0, 0x0)
ioctl$sock_ax25_SIOCADDRT(r1, 0x890b, &(0x7f0000000080)={@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x6, [@null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default]})
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

18:31:00 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\xfe\xff\xff\xff\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:31:00 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:31:00 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$VT_GETMODE(r0, 0x5601, &(0x7f0000000000))
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:31:00 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:31:00 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:31:00 executing program 4:
r0 = syz_open_dev$dri(&(0x7f0000000140)='/dev/dri/card#\x00', 0x10000000000c734, 0x200400)
ioctl$DRM_IOCTL_GET_MAGIC(r0, 0x80046402, &(0x7f0000000040)=0x100000001)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000000)={0x4000002})

[  500.480539] Bluetooth: hci1: Frame reassembly failed (-84)
18:31:01 executing program 4:
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x5, &(0x7f0000000380))
write$RDMA_USER_CM_CMD_GET_EVENT(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = gettid()
timer_create(0x0, &(0x7f0000044000)={0x0, 0x12}, &(0x7f0000044000))
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r2, 0x40045431, &(0x7f00003b9fdc))
r3 = syz_open_pts(r2, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x2)
tkill(r1, 0x1004000000016)

18:31:01 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\x00\xff\xff\xff\xfe\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:31:01 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\x00\xfe\xff\xff\xff\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:31:01 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[  502.475657] Bluetooth: hci0: command 0x1003 tx timeout
[  502.481040] Bluetooth: hci0: sending frame failed (-49)
[  502.555572] Bluetooth: hci1: command 0x1003 tx timeout
[  502.560958] Bluetooth: hci1: sending frame failed (-49)
[  503.275552] Bluetooth: hci2: command 0x1003 tx timeout
[  503.280936] Bluetooth: hci2: sending frame failed (-49)
[  504.555613] Bluetooth: hci0: command 0x1001 tx timeout
[  504.560998] Bluetooth: hci0: sending frame failed (-49)
[  504.635576] Bluetooth: hci1: command 0x1001 tx timeout
[  504.640965] Bluetooth: hci1: sending frame failed (-49)
[  505.355590] Bluetooth: hci2: command 0x1001 tx timeout
[  505.360994] Bluetooth: hci2: sending frame failed (-49)
[  506.635696] Bluetooth: hci0: command 0x1009 tx timeout
[  506.715674] Bluetooth: hci1: command 0x1009 tx timeout
[  507.435637] Bluetooth: hci2: command 0x1009 tx timeout
18:31:11 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5451, 0x0)

18:31:11 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:31:11 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:31:11 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940), 0x0, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:31:11 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x100000000000f)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:31:11 executing program 4:
inotify_init1(0x0)
write$P9_RREMOVE(0xffffffffffffffff, 0x0, 0x27c)
r0 = gettid()
r1 = socket$unix(0x1, 0x5, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x0, 0x0, 0x370)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x12}, &(0x7f0000000100))
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/zero\x00', 0x0, 0x0)
getsockopt$IPT_SO_GET_REVISION_TARGET(r2, 0x0, 0x43, &(0x7f0000000200)={'NETMAP\x00'}, &(0x7f0000000240)=0x1e)
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x1c9c380}, {0x0, 0x9}}, 0x0)
ioctl$void(r1, 0x5451)
tkill(r0, 0x1004000000015)

18:31:11 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:31:11 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x0, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:31:11 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:31:11 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000080)='/dev/md0\x00', 0x0, 0x0)
ioctl$BLKBSZGET(r1, 0x80081270, &(0x7f00000000c0))
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$BLKIOOPT(r2, 0x922, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)
ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000100)=<r3=>0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000180)={0x3, [0x0, 0x0, 0x0]}, &(0x7f00000001c0)=0x10)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r3, 0x10, &(0x7f0000000140)={0xa08})

18:31:11 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[  511.383704] Bluetooth: hci1: Frame reassembly failed (-84)
18:31:11 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940), 0x0, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  511.514203] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  511.559662] audit: type=1400 audit(1564511471.998:62): avc:  denied  { getopt } for  pid=10328 comm="syz-executor.4" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_netfilter_socket permissive=1
[  511.602747] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  512.715607] Bluetooth: hci0: command 0x1003 tx timeout
[  512.721014] Bluetooth: hci0: sending frame failed (-49)
[  513.435607] Bluetooth: hci1: command 0x1003 tx timeout
[  513.441050] Bluetooth: hci1: sending frame failed (-49)
[  514.795606] Bluetooth: hci0: command 0x1001 tx timeout
[  514.800996] Bluetooth: hci0: sending frame failed (-49)
[  515.515556] Bluetooth: hci1: command 0x1001 tx timeout
[  515.520920] Bluetooth: hci1: sending frame failed (-49)
[  516.875624] Bluetooth: hci0: command 0x1009 tx timeout
[  517.595628] Bluetooth: hci1: command 0x1009 tx timeout
18:31:21 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5452, 0x0)

18:31:21 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:31:21 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000080)='/dev/md0\x00', 0x0, 0x0)
ioctl$BLKBSZGET(r1, 0x80081270, &(0x7f00000000c0))
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$BLKIOOPT(r2, 0x922, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)
ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000100)=<r3=>0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000180)={0x3, [0x0, 0x0, 0x0]}, &(0x7f00000001c0)=0x10)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r3, 0x10, &(0x7f0000000140)={0xa08})

18:31:21 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x0, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

[  520.913080] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  520.946467] Bluetooth: hci0: Frame reassembly failed (-84)
18:31:21 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:31:21 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940), 0x0, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:31:21 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000080)='/dev/md0\x00', 0x0, 0x0)
ioctl$BLKBSZGET(r1, 0x80081270, &(0x7f00000000c0))
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$BLKIOOPT(r2, 0x922, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)
ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000100)=<r3=>0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000180)={0x3, [0x0, 0x0, 0x0]}, &(0x7f00000001c0)=0x10)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r3, 0x10, &(0x7f0000000140)={0xa08})

18:31:21 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:31:21 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x0, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

[  521.560036] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:31:22 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[  521.604223] Bluetooth: hci1: Frame reassembly failed (-84)
[  521.613021] Bluetooth: hci1: Frame reassembly failed (-84)
18:31:22 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000080)='/dev/md0\x00', 0x0, 0x0)
ioctl$BLKBSZGET(r1, 0x80081270, &(0x7f00000000c0))
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$BLKIOOPT(r2, 0x922, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)
ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000100)=<r3=>0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000180)={0x3, [0x0, 0x0, 0x0]}, &(0x7f00000001c0)=0x10)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r3, 0x10, &(0x7f0000000140)={0xa08})

18:31:22 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[  521.737259] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  522.955689] Bluetooth: hci0: command 0x1003 tx timeout
[  522.961081] Bluetooth: hci0: sending frame failed (-49)
[  523.677119] Bluetooth: hci1: command 0x1003 tx timeout
[  523.682512] Bluetooth: hci1: sending frame failed (-49)
[  525.035782] Bluetooth: hci0: command 0x1001 tx timeout
[  525.041202] Bluetooth: hci0: sending frame failed (-49)
[  525.755643] Bluetooth: hci1: command 0x1001 tx timeout
[  525.761034] Bluetooth: hci1: sending frame failed (-49)
[  527.115703] Bluetooth: hci0: command 0x1009 tx timeout
[  527.835588] Bluetooth: hci1: command 0x1009 tx timeout
18:31:31 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:31:31 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000080)='/dev/md0\x00', 0x0, 0x0)
ioctl$BLKBSZGET(r1, 0x80081270, &(0x7f00000000c0))
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$BLKIOOPT(r2, 0x922, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)
ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000100))
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000180)={0x3, [0x0, 0x0, 0x0]}, &(0x7f00000001c0)=0x10)

18:31:31 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x545d, 0x0)

18:31:31 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, 0x0, 0x0)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

[  531.160138] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  531.180091] Bluetooth: hci0: Frame reassembly failed (-84)
18:31:32 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
semget$private(0x0, 0x4, 0x105)
dup(r0)

18:31:32 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, 0x0}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:31:32 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:31:32 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000080)='/dev/md0\x00', 0x0, 0x0)
ioctl$BLKBSZGET(r1, 0x80081270, &(0x7f00000000c0))
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$BLKIOOPT(r2, 0x922, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)
ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000100))

18:31:32 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, 0x0, 0x0)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

[  531.802486] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:31:32 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000080)='/dev/md0\x00', 0x0, 0x0)
ioctl$BLKBSZGET(r1, 0x80081270, &(0x7f00000000c0))
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$BLKIOOPT(r2, 0x922, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:31:32 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[  531.842980] Bluetooth: hci1: Frame reassembly failed (-84)
[  531.910094] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:31:32 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000080)='/dev/md0\x00', 0x0, 0x0)
ioctl$BLKBSZGET(r1, 0x80081270, &(0x7f00000000c0))
fcntl$dupfd(r1, 0x0, r1)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:31:32 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:31:32 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[  532.050655] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:31:32 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000080)='/dev/md0\x00', 0x0, 0x0)
ioctl$BLKBSZGET(r1, 0x80081270, &(0x7f00000000c0))
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  532.176050] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  532.627702] Bluetooth: hci2: Frame reassembly failed (-84)
[  533.195586] Bluetooth: hci0: command 0x1003 tx timeout
[  533.201082] Bluetooth: hci0: sending frame failed (-49)
[  533.915551] Bluetooth: hci1: command 0x1003 tx timeout
[  533.921010] Bluetooth: hci1: sending frame failed (-49)
[  534.635568] Bluetooth: hci2: command 0x1003 tx timeout
[  534.641019] Bluetooth: hci2: sending frame failed (-49)
[  535.275729] Bluetooth: hci0: command 0x1001 tx timeout
[  535.281144] Bluetooth: hci0: sending frame failed (-49)
[  535.995667] Bluetooth: hci1: command 0x1001 tx timeout
[  536.001060] Bluetooth: hci1: sending frame failed (-49)
[  536.715895] Bluetooth: hci2: command 0x1001 tx timeout
[  536.721300] Bluetooth: hci2: sending frame failed (-49)
[  537.355621] Bluetooth: hci0: command 0x1009 tx timeout
[  538.075587] Bluetooth: hci1: command 0x1009 tx timeout
[  538.795638] Bluetooth: hci2: command 0x1009 tx timeout
18:31:41 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5460, 0x0)

[  541.390673] Bluetooth: hci0: Frame reassembly failed (-84)
18:31:43 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
openat$md(0xffffffffffffff9c, &(0x7f0000000080)='/dev/md0\x00', 0x0, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:31:43 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:31:43 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, 0x0, 0x0)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:31:43 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x7c, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:31:43 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, 0x0}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  542.682890] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:31:43 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:31:43 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  542.723847] Bluetooth: hci1: Frame reassembly failed (-84)
18:31:43 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0xfeffffff, 0x0, 'rmd256\x00'}, 0x58)

18:31:43 executing program 4:
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  542.810825] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:31:43 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0xfffffffe, 0x0, 'rmd256\x00'}, 0x58)

18:31:43 executing program 4:
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  543.435595] Bluetooth: hci0: command 0x1003 tx timeout
[  543.442178] Bluetooth: hci0: sending frame failed (-49)
[  543.512135] Bluetooth: hci2: Frame reassembly failed (-84)
[  544.795636] Bluetooth: hci1: command 0x1003 tx timeout
[  544.801031] Bluetooth: hci1: sending frame failed (-49)
[  545.515555] Bluetooth: hci0: command 0x1001 tx timeout
[  545.515560] Bluetooth: hci2: command 0x1003 tx timeout
[  545.515632] Bluetooth: hci2: sending frame failed (-49)
[  545.531284] Bluetooth: hci0: sending frame failed (-49)
[  546.875583] Bluetooth: hci1: command 0x1001 tx timeout
[  546.880961] Bluetooth: hci1: sending frame failed (-49)
[  547.595596] Bluetooth: hci2: command 0x1001 tx timeout
[  547.595616] Bluetooth: hci0: command 0x1009 tx timeout
[  547.601050] Bluetooth: hci2: sending frame failed (-49)
[  548.955772] Bluetooth: hci1: command 0x1009 tx timeout
[  549.675598] Bluetooth: hci2: command 0x1009 tx timeout
18:31:52 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x40049409, 0x0)

18:31:52 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0xfeffffff00000000, 0x0, 'rmd256\x00'}, 0x58)

18:31:52 executing program 4:
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:31:52 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

[  551.673209] Bluetooth: hci0: Frame reassembly failed (-84)
[  551.679222] Bluetooth: hci0: Frame reassembly failed (-84)
18:31:53 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x200, 0x0)
write$apparmor_exec(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="6578036fd9a1b2d02de8a2371f5f293571756d747275737465646d643573751d85504fcf7feb19da1b2048e2c0032b73f09558659e2ff697d51ce4fc82da6ab9db2bc1b6579dd0d92783ddeff3692e32c5471ede57294ac0a2f9ae32746db62714943a988220d1626714e5c37fa190757017a73d89212e0a1399de5fdcca474c559bbe002d63b60c05db24590f308f2192de7d9d67404025954e4e7a7bba2ac2c3505af3f59a4016df4fc7f25df13461b42c0f0c75dbb9b66af755a5"], 0x29)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x8)
r2 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x400000, 0x0)
ioctl$BLKZEROOUT(r2, 0x127f, &(0x7f0000000040))
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:31:53 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, 0x0}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:31:53 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0xfeffffff, 'rmd256\x00'}, 0x58)

18:31:53 executing program 4:
r0 = socket$inet(0x10, 0x0, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:31:53 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:31:54 executing program 4:
r0 = socket$inet(0x10, 0x0, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:31:54 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0xfffffffe, 'rmd256\x00'}, 0x58)

18:31:54 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000100))
r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x240, 0x0)
write$UHID_INPUT2(r1, &(0x7f00000004c0)=ANY=[@ANYBLOB="0c0000006a0000ba83db5b1ded0c72ed87d68aa2790797ab8604162558c704211784f67b54c80400fbdb827e52fe9dbb4a21f990cf1992cf361d17d9752beb0eef7b150ce0d10f97a377952583a64e9a6686586a9d99fb3e88aab587f533ecf5ecfe02cf68e46a90f2fa17800000000000a47aae9800796647c81845975aa16f0679870257ee4af151c6ae9c0000cc85928644330d716be11ff571c0f1e0b35abb2b25665c07ba987c2eb4993b1de849e49eb920df36d4dfbec073b68ff86efc62f17e5dc123917df06e34a5d816c6f11b854186c5640966282b87912035d1f609561ff5d0217e1030606bb8f67c78a529741b7ed0c656f71cc1f0f02c3c155d7783269e087489d10881ea281e2c1c6e99fd2c43f72475536ae81835d4163c1ed8103f91ccb9965f42d3539685253a453af4d63b9402bfd3228f54"], 0xffa2)
ioctl$TIOCGPTPEER(r0, 0x5441, 0x1)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
r2 = syz_open_dev$radio(&(0x7f0000000080)='/dev/radio#\x00', 0x2, 0x2)
getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000140)={{{@in=@empty, @in6=@mcast1}}, {{@in=@empty}, 0x0, @in6}}, &(0x7f0000000280)=0xe8)

[  553.675584] Bluetooth: hci0: command 0x1003 tx timeout
[  553.681114] Bluetooth: hci0: sending frame failed (-49)
[  555.755550] Bluetooth: hci0: command 0x1001 tx timeout
[  555.760963] Bluetooth: hci0: sending frame failed (-49)
[  555.835640] Bluetooth: hci1: command 0x1003 tx timeout
[  555.841033] Bluetooth: hci1: sending frame failed (-49)
[  556.555546] Bluetooth: hci2: command 0x1003 tx timeout
[  556.560964] Bluetooth: hci2: sending frame failed (-49)
[  557.835669] Bluetooth: hci0: command 0x1009 tx timeout
[  557.915765] Bluetooth: hci1: command 0x1001 tx timeout
[  557.921175] Bluetooth: hci1: sending frame failed (-49)
[  558.635648] Bluetooth: hci2: command 0x1001 tx timeout
[  558.641048] Bluetooth: hci2: sending frame failed (-49)
[  559.995656] Bluetooth: hci1: command 0x1009 tx timeout
[  560.715893] Bluetooth: hci2: command 0x1009 tx timeout
18:32:02 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x40086602, 0x0)

18:32:02 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0xfeffffff00000000, 'rmd256\x00'}, 0x58)

18:32:02 executing program 4:
r0 = socket$inet(0x10, 0x0, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:32:02 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:32:02 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:32:02 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\xff\xff\xff\xfe\x00'}, 0x58)

18:32:02 executing program 4:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  561.994530] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1542 sclass=netlink_route_socket pig=10543 comm=syz-executor.4
18:32:02 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\xfe\xff\xff\xff\x00'}, 0x58)

18:32:02 executing program 4:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  562.121787] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1542 sclass=netlink_route_socket pig=10551 comm=syz-executor.4
18:32:02 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:32:02 executing program 4:
r0 = socket$inet(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  562.323909] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=1542 sclass=netlink_route_socket pig=10561 comm=syz-executor.4
[  563.995582] Bluetooth: hci0: command 0x1003 tx timeout
[  564.001133] Bluetooth: hci0: sending frame failed (-49)
18:32:05 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x2400c0, 0x0)
ioctl$KVM_IRQ_LINE(r1, 0x4008ae61, &(0x7f0000000040)={0x28, 0x9})

[  565.072592] Bluetooth: hci1: Frame reassembly failed (-84)
[  565.863154] Bluetooth: hci2: Frame reassembly failed (-84)
[  566.075579] Bluetooth: hci0: command 0x1001 tx timeout
[  566.081347] Bluetooth: hci0: sending frame failed (-49)
[  567.115589] Bluetooth: hci1: command 0x1003 tx timeout
[  567.121243] Bluetooth: hci1: sending frame failed (-49)
[  567.915700] Bluetooth: hci2: command 0x1003 tx timeout
[  567.921099] Bluetooth: hci2: sending frame failed (-49)
[  568.155651] Bluetooth: hci0: command 0x1009 tx timeout
[  569.195633] Bluetooth: hci1: command 0x1001 tx timeout
[  569.201017] Bluetooth: hci1: sending frame failed (-49)
[  569.995801] Bluetooth: hci2: command 0x1001 tx timeout
[  570.001594] Bluetooth: hci2: sending frame failed (-49)
[  571.275651] Bluetooth: hci1: command 0x1009 tx timeout
18:32:12 executing program 4:
socket$inet(0x10, 0x3, 0xc)
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:32:12 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:32:12 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:32:12 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x40087602, 0x0)

18:32:12 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:32:12 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\xfe\xff\xff\xff\x00'}, 0x58)

[  572.081334] Bluetooth: hci2: command 0x1009 tx timeout
18:32:12 executing program 4:
socket$inet(0x10, 0x3, 0xc)
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:32:12 executing program 4:
socket$inet(0x10, 0x3, 0xc)
sendmsg(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  572.141224] Bluetooth: hci0: Frame reassembly failed (-84)
18:32:12 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:32:12 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, 0x0, 0x0)

18:32:12 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, 0x0, 0x0)

[  574.155729] Bluetooth: hci0: command 0x1003 tx timeout
[  574.162239] Bluetooth: hci0: sending frame failed (-49)
18:32:16 executing program 1:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
ioctl$TUNGETDEVNETNS(r0, 0x54e3, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
accept$netrom(r0, 0x0, &(0x7f0000000100))
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x0)
pipe2(&(0x7f0000000140)={<r2=>0xffffffffffffffff}, 0x10000000800)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
bind$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x1, {0xbc, 0x6, 0x1, 0x1, 0x4, 0x4}, 0x3ff, 0x3}, 0xe)
ioctl$TIOCGICOUNT(r1, 0x545d, 0x0)

18:32:16 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:32:16 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, 0x0, 0x0)

18:32:16 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

[  575.968197] Bluetooth: hci1: Frame reassembly failed (-84)
[  576.245723] Bluetooth: hci0: command 0x1001 tx timeout
[  576.251770] Bluetooth: hci0: sending frame failed (-49)
[  577.995628] Bluetooth: hci1: command 0x1003 tx timeout
[  578.001952] Bluetooth: hci1: sending frame failed (-49)
[  578.315560] Bluetooth: hci0: command 0x1009 tx timeout
[  578.795632] Bluetooth: hci2: command 0x1003 tx timeout
[  578.801024] Bluetooth: hci2: sending frame failed (-49)
[  580.075642] Bluetooth: hci1: command 0x1001 tx timeout
[  580.081037] Bluetooth: hci1: sending frame failed (-49)
[  580.885630] Bluetooth: hci2: command 0x1001 tx timeout
[  580.891012] Bluetooth: hci2: sending frame failed (-49)
[  582.155614] Bluetooth: hci1: command 0x1009 tx timeout
18:32:22 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x4020940d, 0x0)

18:32:22 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:32:22 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:32:22 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)

18:32:22 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, 0x0, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:32:22 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)

18:32:22 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  582.403517] Bluetooth: hci0: Frame reassembly failed (-84)
18:32:22 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)

[  582.955559] Bluetooth: hci2: command 0x1009 tx timeout
[  584.475587] Bluetooth: hci0: command 0x1003 tx timeout
[  584.481121] Bluetooth: hci0: sending frame failed (-49)
[  586.555554] Bluetooth: hci0: command 0x1001 tx timeout
[  586.560936] Bluetooth: hci0: sending frame failed (-49)
18:32:27 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TCSETAW(r0, 0x5407, &(0x7f0000000000)={0x5, 0x5, 0x1, 0x5, 0x11, 0x1000, 0xb98, 0x1, 0x8000, 0xff80000000})
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:32:27 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:32:27 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)}, 0x0)

18:32:27 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x0, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

[  586.858499] Bluetooth: hci1: Frame reassembly failed (-84)
[  588.635574] Bluetooth: hci0: command 0x1009 tx timeout
[  588.875618] Bluetooth: hci1: command 0x1003 tx timeout
[  588.881029] Bluetooth: hci1: sending frame failed (-49)
[  589.675570] Bluetooth: hci2: command 0x1003 tx timeout
[  589.681000] Bluetooth: hci2: sending frame failed (-49)
[  590.955644] Bluetooth: hci1: command 0x1001 tx timeout
[  590.961047] Bluetooth: hci1: sending frame failed (-49)
[  591.755645] Bluetooth: hci2: command 0x1001 tx timeout
[  591.761050] Bluetooth: hci2: sending frame failed (-49)
18:32:33 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x80045432, 0x0)

18:32:33 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{0x0}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:32:33 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)}, 0x0)

18:32:33 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:32:33 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x0, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:32:33 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)}, 0x0)

18:32:33 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  592.628071] Bluetooth: hci0: Frame reassembly failed (-84)
[  592.636191] Bluetooth: hci0: Frame reassembly failed (-84)
18:32:33 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{0x0}], 0x1}, 0x0)

[  593.035563] Bluetooth: hci1: command 0x1009 tx timeout
[  593.835560] Bluetooth: hci2: command 0x1009 tx timeout
[  594.635630] Bluetooth: hci0: command 0x1003 tx timeout
[  594.641004] Bluetooth: hci0: sending frame failed (-49)
[  596.715706] Bluetooth: hci0: command 0x1001 tx timeout
[  596.721083] Bluetooth: hci0: sending frame failed (-49)
18:32:38 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:32:38 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:32:38 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{0x0}], 0x1}, 0x0)

18:32:38 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x0, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

[  598.795591] Bluetooth: hci0: command 0x1009 tx timeout
18:32:43 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x80045440, 0x0)

18:32:43 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{0x0}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:32:43 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:32:43 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{0x0}], 0x1}, 0x0)

18:32:43 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
r1 = shmget$private(0x0, 0x3000, 0x200, &(0x7f0000ffb000/0x3000)=nil)
shmat(r1, &(0x7f0000ffc000/0x1000)=nil, 0x5000)
gettid()
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:32:43 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:32:43 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{}], 0x1}, 0x0)

18:32:43 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  602.899205] Bluetooth: hci0: Frame reassembly failed (-84)
18:32:43 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
ioctl$TCGETS2(r0, 0x802c542a, &(0x7f0000000000))

18:32:43 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{}], 0x1}, 0x0)

18:32:43 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:32:43 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{}], 0x1}, 0x0)

[  603.085683] Bluetooth: hci1: Frame reassembly failed (-84)
[  603.864466] Bluetooth: hci2: Frame reassembly failed (-84)
[  604.955564] Bluetooth: hci0: command 0x1003 tx timeout
[  604.960971] Bluetooth: hci0: sending frame failed (-49)
[  605.115657] Bluetooth: hci1: command 0x1003 tx timeout
[  605.121059] Bluetooth: hci1: sending frame failed (-49)
[  605.915585] Bluetooth: hci2: command 0x1003 tx timeout
[  605.920990] Bluetooth: hci2: sending frame failed (-49)
[  607.035578] Bluetooth: hci0: command 0x1001 tx timeout
[  607.041075] Bluetooth: hci0: sending frame failed (-49)
[  607.195657] Bluetooth: hci1: command 0x1001 tx timeout
[  607.201173] Bluetooth: hci1: sending frame failed (-49)
[  607.995582] Bluetooth: hci2: command 0x1001 tx timeout
[  608.001004] Bluetooth: hci2: sending frame failed (-49)
[  609.115546] Bluetooth: hci0: command 0x1009 tx timeout
[  609.275592] Bluetooth: hci1: command 0x1009 tx timeout
[  610.075562] Bluetooth: hci2: command 0x1009 tx timeout
18:32:53 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa283002020", 0x12}], 0x1}, 0x0)

18:32:53 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:32:53 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:32:53 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{0x0}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:32:53 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x80086601, 0x0)

18:32:53 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:32:53 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa283002020", 0x12}], 0x1}, 0x0)

18:32:53 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa283002020", 0x12}], 0x1}, 0x0)

[  613.111272] Bluetooth: hci0: Frame reassembly failed (-84)
18:32:54 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
ioctl$TIOCSCTTY(r0, 0x540e, 0x47)
r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x7fff, 0x400000)
ioctl$EVIOCGREP(r1, 0x80084503, &(0x7f0000000100)=""/205)
ioctl$UI_SET_SNDBIT(r1, 0x4004556a, 0x6)

18:32:54 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:32:54 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85", 0x1b}], 0x1}, 0x0)

18:32:54 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1}, 0x10)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:32:54 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:32:54 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:32:54 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85", 0x1b}], 0x1}, 0x0)

[  614.398482] Bluetooth: hci1: Frame reassembly failed (-84)
18:32:54 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85", 0x1b}], 0x1}, 0x0)

[  615.115660] Bluetooth: hci0: command 0x1003 tx timeout
[  615.121055] Bluetooth: hci0: sending frame failed (-49)
[  616.475603] Bluetooth: hci1: command 0x1003 tx timeout
[  616.480995] Bluetooth: hci1: sending frame failed (-49)
[  617.195554] Bluetooth: hci0: command 0x1001 tx timeout
[  617.195625] Bluetooth: hci2: command 0x1003 tx timeout
[  617.206241] Bluetooth: hci0: sending frame failed (-49)
[  617.211668] Bluetooth: hci2: sending frame failed (-49)
[  618.555601] Bluetooth: hci1: command 0x1001 tx timeout
[  618.560982] Bluetooth: hci1: sending frame failed (-49)
[  619.275588] Bluetooth: hci2: command 0x1001 tx timeout
[  619.275610] Bluetooth: hci0: command 0x1009 tx timeout
[  619.280987] Bluetooth: hci2: sending frame failed (-49)
[  620.635651] Bluetooth: hci1: command 0x1009 tx timeout
[  621.355625] Bluetooth: hci2: command 0x1009 tx timeout
18:33:03 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x80087601, 0x0)

18:33:03 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:33:03 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba2", 0x20}], 0x1}, 0x0)

18:33:03 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:33:05 executing program 1:
r0 = dup2(0xffffffffffffffff, 0xffffffffffffffff)
sendto$rose(r0, &(0x7f0000000000)="f43fa69476", 0x5, 0x4004000, 0x0, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x8000000, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

18:33:05 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:33:05 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:33:05 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:33:05 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba2", 0x20}], 0x1}, 0x0)

18:33:05 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba2", 0x20}], 0x1}, 0x0)

18:33:05 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(0xffffffffffffffff, 0x8914, &(0x7f0000000000)={'lo\x00\x00\x00\x00\x00\x02\x00'})

18:33:05 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

[  625.272452] Bluetooth: hci1: Frame reassembly failed (-84)
[  625.435624] Bluetooth: hci0: command 0x1003 tx timeout
[  625.442004] Bluetooth: hci0: sending frame failed (-49)
[  627.275654] Bluetooth: hci1: command 0x1003 tx timeout
[  627.281081] Bluetooth: hci1: sending frame failed (-49)
[  627.515553] Bluetooth: hci0: command 0x1001 tx timeout
[  627.520921] Bluetooth: hci0: sending frame failed (-49)
[  629.355595] Bluetooth: hci1: command 0x1001 tx timeout
[  629.361010] Bluetooth: hci1: sending frame failed (-49)
[  629.595586] Bluetooth: hci0: command 0x1009 tx timeout
[  631.435734] Bluetooth: hci1: command 0x1009 tx timeout
18:33:13 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0xc0045878, 0x0)

18:33:13 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, 0x0)

18:33:13 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400", 0x22}], 0x1}, 0x0)

18:33:13 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:33:15 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
syz_genetlink_get_family_id$team(&(0x7f0000000000)='team\x00')
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:33:15 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:33:15 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, 0x0)

18:33:15 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400", 0x22}], 0x1}, 0x0)

18:33:15 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:33:15 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400", 0x22}], 0x1}, 0x0)

18:33:15 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:33:16 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x05\x00', 0x4001})
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000100)={@multicast2, @loopback, 0x1, 0x9, [@broadcast]}, 0x478)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, 0x0)

[  635.522307] Bluetooth: hci1: Frame reassembly failed (-84)
[  635.675552] Bluetooth: hci0: command 0x1003 tx timeout
[  635.681147] Bluetooth: hci0: sending frame failed (-49)
[  637.595605] Bluetooth: hci1: command 0x1003 tx timeout
[  637.600983] Bluetooth: hci1: sending frame failed (-49)
[  637.755647] Bluetooth: hci0: command 0x1001 tx timeout
[  637.761033] Bluetooth: hci0: sending frame failed (-49)
[  639.675656] Bluetooth: hci1: command 0x1001 tx timeout
[  639.681045] Bluetooth: hci1: sending frame failed (-49)
[  639.835639] Bluetooth: hci0: command 0x1009 tx timeout
[  641.755605] Bluetooth: hci1: command 0x1009 tx timeout
18:33:24 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0xc0045878, 0x0)

18:33:24 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff", 0x23}], 0x1}, 0x0)

18:33:24 executing program 2:
r0 = socket$inet(0x10, 0x3, 0xc)
r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000080)='/dev/md0\x00', 0x0, 0x0)
ioctl$BLKBSZGET(r1, 0x80081270, &(0x7f00000000c0))
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$BLKIOOPT(r2, 0x922, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)
ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000100)=<r3=>0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000180)={0x3, [0x0, 0x0, 0x0]}, &(0x7f00000001c0)=0x10)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r3, 0x10, &(0x7f0000000140)={0xa08})

18:33:24 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  643.799386] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
[  643.825344] Bluetooth: hci0: Frame reassembly failed (-84)
18:33:26 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x400000, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000000)={0x101, 0x7, 0x10001})

18:33:26 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8c", 0x4}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:33:26 executing program 2:
r0 = socket$inet(0x10, 0x3, 0xc)
r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000080)='/dev/md0\x00', 0x0, 0x0)
ioctl$BLKBSZGET(r1, 0x80081270, &(0x7f00000000c0))
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$BLKIOOPT(r2, 0x922, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)
ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000100)=<r3=>0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000180)={0x3, [0x0, 0x0, 0x0]}, &(0x7f00000001c0)=0x10)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r3, 0x10, &(0x7f0000000140)={0xa08})

18:33:26 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff", 0x23}], 0x1}, 0x0)

18:33:26 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:33:26 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff", 0x23}], 0x1}, 0x0)

[  645.719196] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
18:33:26 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:33:26 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x88000, 0x0)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00')
sendmsg$TIPC_NL_PUBL_GET(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40300080}, 0xc, &(0x7f0000000100)={&(0x7f0000000280)={0x174, r2, 0xc, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x68, 0x1, [@TIPC_NLA_BEARER_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x419}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}]}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x20}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x2}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x6}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz2\x00'}]}, @TIPC_NLA_MON={0x24, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x100000001}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x80000000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffffffffffffff01}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}]}, @TIPC_NLA_LINK={0x60, 0x4, [@TIPC_NLA_LINK_PROP={0x44, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x81}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x80000001}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfffffffffffffffd}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x400}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}]}, @TIPC_NLA_NODE={0x18, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_NODE={0xc, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xa6f}]}, @TIPC_NLA_BEARER={0x50, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e24, 0x5, @remote, 0x5}}, {0x20, 0x2, @in6={0xa, 0x4e21, 0x9c, @dev={0xfe, 0x80, [], 0x12}, 0x8}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x80000001}]}]}, 0x174}, 0x1, 0x0, 0x0, 0x20004011}, 0x48095)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

[  645.837789] Bluetooth: hci0: command 0x1003 tx timeout
[  645.843305] Bluetooth: hci0: sending frame failed (-49)
[  645.940623] Bluetooth: hci1: Frame reassembly failed (-84)
[  646.700968] Bluetooth: hci2: Frame reassembly failed (-84)
[  647.915597] Bluetooth: hci0: command 0x1001 tx timeout
[  647.920987] Bluetooth: hci0: sending frame failed (-49)
[  647.995581] Bluetooth: hci1: command 0x1003 tx timeout
[  648.001007] Bluetooth: hci1: sending frame failed (-49)
[  648.715677] Bluetooth: hci2: command 0x1003 tx timeout
[  648.721057] Bluetooth: hci2: sending frame failed (-49)
[  649.995580] Bluetooth: hci0: command 0x1009 tx timeout
[  650.075604] Bluetooth: hci1: command 0x1001 tx timeout
[  650.081024] Bluetooth: hci1: sending frame failed (-49)
[  650.795593] Bluetooth: hci2: command 0x1001 tx timeout
[  650.800989] Bluetooth: hci2: sending frame failed (-49)
[  652.155584] Bluetooth: hci1: command 0x1009 tx timeout
[  652.875714] Bluetooth: hci2: command 0x1009 tx timeout
18:33:34 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0xc0189436, 0x0)

18:33:34 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8c", 0x4}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:33:34 executing program 2:
r0 = socket$inet(0x10, 0x3, 0xc)
r1 = openat$md(0xffffffffffffff9c, &(0x7f0000000080)='/dev/md0\x00', 0x0, 0x0)
ioctl$BLKBSZGET(r1, 0x80081270, &(0x7f00000000c0))
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$BLKIOOPT(r2, 0x922, 0x0)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)
ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000100)=<r3=>0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000180)={0x3, [0x0, 0x0, 0x0]}, &(0x7f00000001c0)=0x10)
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r3, 0x10, &(0x7f0000000140)={0xa08})

18:33:34 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:33:34 executing program 4:
socket$inet_udplite(0x2, 0x2, 0x88)
perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = openat$dlm_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/.\az0\x8c', 0x1ff)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100))
syz_open_pts(r0, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$fuse(0x20000000, &(0x7f0000000040)='./file0\x00', 0x0, 0x7a00, 0x0)
r1 = open(&(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000640), 0x12)
openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000040), 0x4)
socket$can_raw(0x1d, 0x3, 0x1)

18:33:34 executing program 2:
unshare(0x8020000)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0)
unshare(0x8020400)

18:33:34 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  654.047607] netlink: 'syz-executor.2': attribute type 1 has an invalid length.
18:33:34 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8c", 0x4}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:33:34 executing program 4:
socket$inet_udplite(0x2, 0x2, 0x88)
perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = openat$dlm_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/.\az0\x8c', 0x1ff)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100))
syz_open_pts(r0, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$fuse(0x20000000, &(0x7f0000000040)='./file0\x00', 0x0, 0x7a00, 0x0)
r1 = open(&(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000640), 0x12)
openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000040), 0x4)
socket$can_raw(0x1d, 0x3, 0x1)

18:33:34 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:33:34 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  656.155678] Bluetooth: hci0: command 0x1003 tx timeout
[  656.161435] Bluetooth: hci0: sending frame failed (-49)
18:33:37 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
r1 = syz_open_dev$media(&(0x7f0000000380)='/dev/media#\x00', 0x8, 0x8400)
write$UHID_INPUT2(r1, &(0x7f0000002ec0)=ANY=[@ANYBLOB="0c000000f000a43ff1ad1c875cc6694ba1843d6b8aa8651a76d33641f8b66d94307b90670a258e2266b8cc2351cb3900e41e6c6f1dbf2190c19013aed542c30cf9c0d632cf43f3004f8b6a9af69b5d7d723857c91e0e5aa2637fcaa3a65deade9900e31022577e95dc94228c892b2dec12b1d1f955dd3880c49b55ef305bc0a4b28f9e084fba709f535436f9a02f68092ebb555963c5f306d5334c15d9ab6ba818156e47a1af72f38b82b3f0e14303bec62aacef3e265af1b56461d2e326721f3a77587caa7e0dd9ecdd79e1006b6f30f61615403b34ce0ce5f72c7c355062b3329d93d97b53dc4211c207bf8d"], 0xf6)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
r2 = socket$nl_crypto(0x10, 0x3, 0x15)
r3 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000580)='/dev/vsock\x00', 0x102, 0x0)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f0000001100)='/dev/zero\x00', 0x0, 0x0)
ioctl$KDSKBMODE(r4, 0x4b45, &(0x7f0000002740)=0x8)
sendmmsg$sock(r2, &(0x7f0000002c80)=[{{&(0x7f0000000000)=@vsock={0x28, 0x0, 0xffffffff}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000100)="a291f8a84fbd57fd0f2778df4251853546e4fe772844578a54f0c894c25e48b3ae03d123aa02aa248748dc98bb49e809ce58eff7fe6b799097dbea193d0b121cee48c633ee3796cd959d099a43e2b4add1cfa1cc88492b743424c55f9f5b8e4433ea3f362bce52cafb6eb8d85cc76a0755b04081430a6450aa4805dd0d1d62fdc97d266503afdce863547763e56f02193d7d8aee037ff74c5db90b94ebed", 0x9e}, {&(0x7f00000001c0)="10f6daf02e8418d7aeea7fc62e892cd8ff0e5032e9a04aa2a894962026045be5a98a2a27350773089c6333e7110db5e028a9c242299836982e7b4196d87f18c9a1a51f22fe28851a023c0acb38c90de85395f56d88", 0x55}, {&(0x7f0000000280)="41317fd02a10f5ab2bda2a6d84be1718aba17ad19b4111cc4adc133174475f69c319cdf66aa8498b268764121d68ddc1e061c64c15342b7cab9c0a173fe14c80ec7bd8", 0x43}], 0x3, &(0x7f0000000300)=[@txtime={{0x18, 0x1, 0x3d, 0x1}}, @timestamping={{0x14, 0x1, 0x25, 0x2cfe87d4}}, @mark={{0x14, 0x1, 0x24, 0x5}}], 0x48}}, {{0x0, 0x0, &(0x7f0000000380), 0x0, &(0x7f00000003c0)=[@timestamping={{0x14}}, @mark={{0x14, 0x1, 0x24, 0x5f}}, @mark={{0x14, 0x1, 0x24, 0x6}}, @timestamping={{0x14, 0x1, 0x25, 0x1ff}}, @txtime={{0x18, 0x1, 0x3d, 0xc860}}], 0x78}}, {{0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000440)="7dd5b01fc75213fb36af1fcc99e9b14f3bb128", 0x13}], 0x1, &(0x7f00000004c0)=[@mark={{0x14, 0x1, 0x24, 0xaba0}}, @timestamping={{0x14, 0x1, 0x25, 0x80000000}}, @timestamping={{0x14, 0x1, 0x25, 0x15}}, @txtime={{0x18, 0x1, 0x3d, 0x3}}, @txtime={{0x18, 0x1, 0x3d, 0x7}}, @timestamping={{0x14, 0x1, 0x25, 0x8}}, @txtime={{0x18, 0x1, 0x3d, 0x7}}, @timestamping={{0x14, 0x1, 0x25, 0x9}}], 0xc0}}, {{&(0x7f00000005c0)=@pppol2tpv3in6={0x18, 0x1, {0x0, r3, 0x3, 0x0, 0x3, 0x2, {0xa, 0x4e20, 0xeb5d, @rand_addr="b6da36407227dd18f4a349debc0ccc1f", 0x8}}}, 0x80, &(0x7f0000000980)=[{&(0x7f0000000640)="026915392b38dd372143a8e85f708e5ee105906b13f8d5cf5666e4e4156e27358a40f90a4cf112c4e34c92fc923f2e27d34d19388cd135104ef413f1557b38276f672c2d777c25c27c4a165a8f6880e4028f62cf4d7d4bfcc587e5ab3736f1d46da973f22b004f8e5f", 0x69}, {&(0x7f00000006c0)="4eae3defa94de1d6c5a71d32cba3921299380aa4fccd3d84785c695ef5802a6c942a196e7db614215c7137adc4310c04e0ed029b24b240882d7fc92c8cb345e09e5d5250d05a1d53d1ba7269529e7e748fb478781ea1ad4046865526af99a4c20ae0e6c8b6f32c8d23e832da60e09b4679f6addacce8e9c8bd111ecb3d4cb745", 0x80}, {&(0x7f0000000740)="5121a72701681b82425725d8e807bdfd3ff8ff2e874737f3", 0x18}, {&(0x7f0000000780)="0f53c5380d9a77b8493ee2ee7b07d058dbd663a00767ddface3110331ad3f7dc81e621203a5fff98284ca0425e9bd66790d32e110f5938c8f94512b63fb9ce650dbe92cf4dd369803476098bae9a09dbb3da735d5eeb8d4c1b8857b2906964a349c60cfd83060898261e8f35178e6facb4e2fc271b97b0526923a1105008fa701a6eff8380d32f974c125a7d81b6662898b4aa28a7728a69051a4414e0333e80a0ae325612f860130c1d2db933d99ac5255c63451e96634d30ce73980c8664894d9e40289d29c75953d6bb6de508bb7e25349897a9ef0b09aed13c8881efb23ffb29a9b98c1ae86ad632661b4c0716b0323d", 0xf2}, {&(0x7f0000000880)="6b19c4376030c709d11783afaf526279a223bb1e4fd9bf0aa59668858c531eece7898651446d3d570f465dc53d9850861cfb95c1055fadec4fb38ea5863844b9b5af01f3f39cf9f938d116dab7b04706b3a21684051131a9bec085c711e41b39503d7eba5fafe7c3cfddb1c3124b02bc40f01db72e812c81e6d048875e3434330d4602a3720fa1fafbdb02a847222b4feee5ca8bf5f5d7219efd0d626fea37abf03a5bc4c48e803ffd007d82281c2b0caa01ed3853979010a6bb232bd7e4242a7fa1d306381d7c47930d9046740aa135c7e34523f57691cbd729f69be7d64acd99f705ddcc3225cbda", 0xe9}], 0x5, &(0x7f0000000a00)=[@mark={{0x14, 0x1, 0x24, 0xffffffff}}, @txtime={{0x18, 0x1, 0x3d, 0x21}}, @txtime={{0x18, 0x1, 0x3d, 0x1}}, @timestamping={{0x14, 0x1, 0x25, 0x5}}, @mark={{0x14, 0x1, 0x24, 0x4}}, @timestamping={{0x14, 0x1, 0x25, 0x10001}}, @txtime={{0x18, 0x1, 0x3d, 0x2}}], 0xa8}}, {{0x0, 0x0, &(0x7f0000000e00)=[{&(0x7f0000000ac0)="f73e63cbdb9843d0fc65d62fe5b93f3a2b906d3ae6a3dab514752ca017b7f0e2a33f33452b5205e45e7f177e78299b6bd4580a5195da5dd7025c0f1f3b505eaaffe175ae86feb2d19ecc3d0486a4b1cfd88d49f1b6b00887bd9c4e2aee9328b98827b35269993abe4fc8619cff78c2512ea87f6f9432a66f4f43b46e3cd1636bd5d659318487b6de0f9dab3491f0040accf53f370b15", 0x96}, {&(0x7f0000000b80)="ce4f3d1a49d9b457f6867b1699f71c76900527f9744904e938d5672a3318c8f2956d350bb73fc272429b2538e51a4c69c506c699c64744659a6b571dfc3044173849b4db3103219a96e20624908fac3a6f1e23a773c7c06d76322aa4b6c4d8461fbce508e39edfb8f317ba24f107f6068ba1262995e5bd34386700f4a3f197a6b7d2bb37a138656fc4271629f2ac888650fdae8fcaf7eb0c4cf8c05f13bcdb16c49b64858edacea81095f3bcaf9f9437322318f052d40d595244ef50aabad121778b47aa1c0c365c2cac35d83f375acb2bda", 0xd2}, {&(0x7f0000000c80)="f0edf62078396f642ffbc3ae754eebb30768d767ed382543339a63eb3caea70ee73e22861d5fe5279e3be420ce55f35175cc1cb111", 0x35}, {&(0x7f0000000cc0)="932bce82b5120df8fa9dc7a3f942bb06b7ae4bf8bd860ecabcd0631e6d08757135bb3a02376831e6b9e709946eea131dafa5425e9d276597d4aab450d217475858f508a6b988b2dcae", 0x49}, {&(0x7f0000000d40)="c1efb1267ec8ffd2ff2fc96297f398529a5daa4689cb11649c04781673e553c2954c8107372bec7c1d6dfd538c80a50a833499eca8cf63d9dd9d96c088231fce762d3cd012d792c9c332f4b0893bc823f84e712c3dafdec8f3e33d3fea6aa0449f23ad83e7b89d51d6557460e9cc4bbc1d2087947bb737f7a67100e95638c7c96692d8b3f54bcff8ccf25d2a17942d2965a38c74498d7adb2ded77861edbc1e1b88213821a36f6720a78ff05b8e71f9835a45e98f93d07", 0xb7}], 0x5, &(0x7f0000000e80)=[@mark={{0x14, 0x1, 0x24, 0x8}}, @mark={{0x14, 0x1, 0x24, 0x4}}, @mark={{0x14, 0x1, 0x24, 0x5}}, @timestamping={{0x14, 0x1, 0x25, 0xffff}}, @mark={{0x14, 0x1, 0x24, 0xb3}}, @timestamping={{0x14, 0x1, 0x25, 0xff}}, @txtime={{0x18, 0x1, 0x3d, 0xff}}], 0xa8}}, {{&(0x7f0000000f40)=@x25={0x9, @null='               \x00'}, 0x80, &(0x7f0000001080)=[{&(0x7f0000000fc0)="62c6f372cafcbf42ee922e1869a2a09ff388dd2cb8c72bc357e4d4d18b91067dcf33d889a842f55904faf9a31267812b6db9c591c20e7c617e99a7bbb7d8e628efe8cd329c54a0f0f242b7344597f21a1062a131ca30c008ac8eb8cf99e122b902d49abecc7c4d46b1ec6aa6bb70f7b2fb4d9c04360583ce9baefcc6dc1fa25eb7fec314b57aed443f77ffea591d1d04b2bd11c3792b226f09b3de13384ec6fcefdf9085853b7c9bcca65cbc551623e126eac5b7494f5f52153fb27c5155", 0xbe}], 0x1, &(0x7f00000010c0)=[@timestamping={{0x14, 0x1, 0x25, 0x3b6a}}, @mark={{0x14, 0x1, 0x24, 0x8}}], 0x30}}, {{&(0x7f0000001140)=@pppol2tp={0x18, 0x1, {0x0, r4, {0x2, 0x4e22, @rand_addr=0x63}, 0x1, 0x3, 0x2}}, 0x80, &(0x7f00000024c0)=[{&(0x7f00000011c0)="7415dcc2ab1a1106e1e0114386808d36be51b06c1026c0e395ad786af2cccc2858aa7611eede40568eed178b08c360e3caa099752f36c77e497e98e7cb8e759fe27a96dafcebe24196fe8d1aa74e08ef4b42ed27a9f98abf3867c13540957e202ada7af185c13d947b1f45e1b6cd3eaf08494d58f8e28e0216e76a9f261239c27365f30480cb4be0666961ad755277d9c22888e757fe6c498ffb4ca7499e9b5c6e94721d1c60975cce455fff9b0c4691de47da745bf1f4f92e2845f97cf267bcf60c8b7983f81a6bb4a33f6fff5ab49f5ece56", 0xd3}, {&(0x7f00000012c0)="cad0a1135b0469bac83ea248e099742ffcabba9448942012f02b", 0x1a}, {&(0x7f0000001300)="df41d910986c63e2d9", 0x9}, {&(0x7f0000001340)="e2fbd40be92e365fa5adb77bb49d1d3a08f20c4a802043144e0e0306663d2aa2db9024f57795a0f711abb25b1c10277d4fecd3a0d9ede4a347cd3b81d48bdadf4c5cad2e9ab14b174c7d39ef0c2160e0045d4541894dc6e8a2848491bc3211f0a98e3fcbca5362c0b5828f4c9507cb26859dfa0d537a2e0432ed80193f85c934bfdb760312eabaf00a639581125bdeeb1fea624dc1371c20ecd159ac18e1baea69f4d38a2919212e2d513b8a0476e380bd1570680ddbe8dce4a38032c9a6577c3e43d994767992f777c7cad642bf59110a1bae0b4f8e397308aff31a3e5a5878d1a4118c68478746ec3faac63a18a2088e3a9227701efa6a7847863aa4507628140d76bbce968b2970ea82a29456c55b58ce51aa811ce14db00ec743767f70304c425793d0cf39ae3003a16cd6d74405215696bf717ef58b938d4d7543f6a64b25f3298805a1f8d62cfcb93600469114d29fc3c8e2df20025dbcb9d7078e433354193a07eda45eccca8296c8173dc048affb3eabdbf113455663fbfa3e62d4f47e2f130bfb31bb84921f040c2102e5acff5f74ec3249b1383a89fc7d4ca0d07ecd9a803d49ad1a5db6ea5e745467e9aa36ace1fb3423a3e167941371ca9af503aa979061eece187c5803e961e997e406858890328c5907940e5f326afd54f91b856f0fb28b1ad919d97210a09091d1313bfa2cf8e366b4d0d5e88b510fd8b3fe7722adaf44d1b55738bea686d5b09707065be7eb17c08b845899307b1f87bd8151645acb2e7a364c02534d3742d033108f1b98dba2eb9a094f435fa6d690a082a869372f34a07ba14528d6e29655e6d29bf6fc08cadfb291428fdf93a907d6740fa7abadf7193ec5af14386d7425c94c266164ba2731b9addacd88fc0641df9cd8d3f0b6417ce825f109bf180a66df24e152d0ecf9e0d50252cda1d997fce13209ad8e0e9d7e61fdb67378099ead80d4dc12dc098a1095bce23b7b1ba6665792387577ac4e96e35963f7e0a87896c07aa0a5a4e3dc1cd24b6ad91d28e6b2cca4e1fc8ba31c474a11f8a3e144c5db401905e7bdd0eaa73bc5ea331e29824a7c3a260e8556110595e122117290c8f2587014e78bba8a2cae9afab8f1702d2d2dd54ae0f05e64a9b7034c226f733b7998c89d0070a95967ed3efbf56e8c919a4905b4a0a700232a328648f90999be79992ebd3a91a74d2e0af4e8cc627a330c7dfbdf12b2cb9f5509227bc43274ea6e622e4360512cc9d866efd37757aeede455158e7df5358a61dfe9b17c3a5fd44a4700f26f93613536077cb23f7f020eb1b105170adad58df1b602ff0c04a21f2910b3d1cc7671eebd81beba6f4a8098e1e0d5ee161ac9aee9dc5f3e7804935867ae078d7721529e62dc3abd5ff11f0a4d8a3faab3b0a01597a1646b6fe53f2acc5ecc0355e8beecce80849bf4202ee595590db48625067d0405f2b049a773906bf5b2e60709b979b5e6fc7535833d2abdf60308a4497a88a3a9079ee319da071133b35ddb127cb76b3ec6627e8c6cc834951d37acb2fbc43380c7b10c96fe1e62cc8400e1988a67d7fb086fd34a1972717710506aead579038543b28e53382bca138456c7fdca8b2bda61bcac4052fba8f0b4939d2c7fa70024684321af9a7f21f5e43026589821246a2e2c102311f074cdf06a299fc701b1d84da488211557f5834cfc1413a4b53f82f992dea0aea9f69d1f5a7d796d8a2d8330d3f2ddbea5612d063653d042fa6796b72dc7750ad5380387da7d2e62cf8687ce447d77fb85ea716c917aa0a981eb9af4320c497c3b0cfe67799264853d4dcb36f714febfdb656a3520908faf1712c0e82d2c644ed9e8fe2e275db458505d0f4af356defbd3eb3896a8ad8825965aee14e0bb0c008cd3b514afe97e2fc4027d366944c35248084e9b05f57c9da3fff96bfbcf3518499a9df2938538aa8ffcb81d1ae264130ccbe28bf8dc257501279e80fba4fe806658a05e6446266173432e26842b1f7bcc94708db4034686e6943f205eb2ad4034c827a985d8277bc253abb32735aae18a89a38a2bfbd1edf60ba5c01907035422d5f0635faedfb3f9bf62febec4538a1c0c24e080aca94345f11c57a82ba0caa3fb77bb832c895ba3d9504734672649551c39f5f66ddf6499d6033a0dc37f85ac36f089766b502d9b38ed990036af68a54bbfd034ef045243be0b86a5429496a0bb3b594b3b593d98f472ff6032bfbdb587ef8ba549b052bb2d98cda9e475e8495e2be249594e9dbd38bf5a83c5fb36cceb9fb96a97a76bfd4487182b8a72a9e8a21502212bfcf9a1a9f1a9b4a243c5843e4c84fa9d3eb16076f82e529d1f8ed102cfeb304156ad18ab2e3c63157e0591990cfd3a77c3decdb20990a51198e7b061b2a83967ff0ab9675cf02cf5b1cba3004d278b1d628e53bd5c1a87724e1d53019af3f515d04af07b4f584e6c402e1f3659462b5c786bded4201eabfe174e320dc0b87dac2c51436a5a607857c520eb98e0a8e2dcc4aa7f0d077c58577817be220da31f9535e0157124a8c32fd9d77a2f83ec9d8a10056d1e317f78a0e4585e436a1a4dad5d8f7fc7efde7982003af8cec172ac1c7d54a52fab9fc6d53c94f5b80eca09d4ab7fd942fbdc4a20dffbd3bacabc5dea03cf88572df166cc423643ca52194cce1de5b8c97a7e2c29494e0f52d73693b1da130c62911fd619f01cae826c74e2aff58f0f70c0eb853098f37909987899b866ed0807bf0ff86f150bd947aebbe7b8a687e04ae873d56964e0effffcb89db604a30ab2d257c0610efa6541f3e0acc3c8f28a0bda76fdeb855ae9368d92d01a8ad2728ffc4afc4ceda687bf94be8c51beecae0cfaa54aca7ae3e3a29a75bbc43212e6828ab8122698f9e812426580095786fe2bc02fb2033902a161ad389ef0822cecba313dafc684fbac6a93e29b7d3e0ac4d01df043cc2b01648323ebc7f7f0a2809c1e970a1a4da436708a459e3578202df577e007ed1f92b12fae0437e8384556dc7d09a0c9a58b31c3444128ad179e0775f12e281535e882029b8708502160a3c44f20c1c1c0e90a4aac2371edef73077f61f25195d6a6a39d0e12bd9201b0bda73d69cffb19e251a4ece2d1e7562425c76242d5f4a6e2f6790118538f23a4cb676314fd48124c8205021de399afa64cfb5c87fa03279239b2c5ee7eeb752969823a2d131c79575db821bed426c8a37ea1cc5f607b527e4094bdce35502f8b9fb89da0b7e2b22b44954ad4ddbbcfec7a4272b6adc3f23bfa3539ce83e397ab445a4648a101208c043b55a34e6f3b73a83b1380aaf0f5a43106b1be3f14e81cdee5eec8ee5b1a5d0f253ba197f348340cdafc97efcf3a383c16186c2162e0f82d3472d0378004deb4bed2cd9a6dc94db67a85403979a120bbb4b0e1cc38b385bd39f46acf0c6e932bed1de83566dfa12792a3c9a2c2fbb9b8cbbc5840ee4194a3b31f28c88e2acc5eb26718e66812daf3b983878aaef6ed9c1c6149ccd5b7de7b52b8c80f172ae9ad49924de77174dc6d46e68f3e4696219f5a3c95cfbeacbc08de1a32a0eb1fd515a626a79d737b8499296dbf5eac0ff360f531ba763b13d0ab3db0c4cf76862cc6ee50a487dcd70fd6872b72091bc3a22a414ee88ae25ed99f4c9a3218bcbe577dee16e6914cd621b71ed04333275c0ac292ce25bed842ae02a48610cd97977d63c6c43e0ffe009729d88b3893693efeffa99bf765ca062eb697930fbd87c9224b7e7c997579e9de23ee6324d37182a54062f671be1d99b508e8b83507be754e8b4e974b5f0a427755da293836fa0ed2174fd8e4df26085f3e4629ade3f066312a42115b8eb80f6e891b932615e820dbfb0db79f011fae68b770c22351303927b1e05e8af6e474bf546d81e0de4400adec48d09b9d09d217a0bd66a751ff30a06c4b7eae82be32b43c69d06cc87791c37323b9e33a9e24382bd6933dba778e61984dd802a2cc5f39970d8085b976587da5c707a433ab80a377399c28bb1c6746a72c5f31823a88aad4fbd39436404ef80a42dc94d107753fa4f14ce45fad7eb9c2e450a24c867cc04fce03e68b1f16d8112194f98e3f899f4fc678421b459483944a7e78b234b68071284d40d3afc3c458854cff7c0c242d3969370525f4fd87e1950544e1f99041f11b686325fd62a6543c0dd75f4727205d43a3189351571df852f070d8285a153a3bdd197c1d28a24843ae32be6eb03da3fbebcba61ac6d499ceda510dca6c64e23cb1fc9cf351f5dc61c22ac3aa6931f849d750ed4cd82c9a0a3006017cabf9a9448609694db8e86c28a4be9dc352d5675b9198faf244f075da3ba04c4c7917f1ae5e1eebb1642a7dfa96a4d759abdb8c50d68f9de36006c63714ef15a787eeea5dc9da6f523e06a0e4c12eef2ef79088ef2e74805515649f30ea79084d8b0e6811b0aa906fa0dfaef39ec7de5f5628fd0093d35d124cddc662c61cd5654e60277a39825ddee7bec4e232085b110e55cc0b5b66fd910740b26f6bde4b522edb4c0aac6a2d81fec01ab0bbc31d23a793e5772b35fabd7ac66d187b1dd560df50f9e87c3682d24f57c7934a563ade5610adcd4a9aa046407421c4dc23aba74dd42b0720be3c29c006379040996ea780744d9b71b8ba1241dc4374ac22340522bf0b22810d4afc1fef7b73ef102c0adce940d3f169f9cf7ee32b7d833277ac32dcf0fa82a7801ace3ffd2c7a3dbffab43188b4d2b04e25d8150bdb848d894b1800480d31b5d49d914d4e97d3b2f8e7bf28ab50051ad99ff2aa511f9244ec22e333fa595bf7eb11188987581424182c85b7e5fc4f6b221ed0392c87f640943d99ee367e864c4ab68ff1a5ce06fac75609c699c3a3f59ec5248fea2313b543e3bbe251a0a091a64c8a11838e043de6c191d2cc99ee0c17ab3ac1a56a5308499ae4f761e95eb75511958ce70212095c5fff2e17722b987b1655e3a1450cfc8bf05ec839fa0e1e4a630a99f96ec45830d0d5873d620d45b23ab1a19c3cd52192ffe87290b5fe97b51db89519514b0c695c267f03af3b155ea11918426ce3c738862016241dec6e872272c726d9b041a128e9d5d8dbc529c247ef670ed87e87072b5f976d39b06fa39f1ab577ce064737f37d11491f5d1f02acca2b577f9dd52fa3e1686c325a6f6792885fd3f5de2f083ef84a8f8cf155e930018e64c3f8607091447666441a3a1c86494d33c32cce9a4018253e0d0d2330aabc5629b9bd1ba24e44f324639e1247ddccc573ac5103e43a7444d2801520e7bcb029426d080d8a72d0fae47d437e7bb88ae9b544323167a0c2e1f7f5bdbcc9a1ef5ceeae1ee86fabbf27a851f4897763d51ac5d44e670d99462bd495610bb051a4bc09644d10aa5eac2291eacd3ac6b1fbcb525800f3453a92ceeabcebf95430e326ae946e206c48ac206880e5bde8adf8e0ac8cc31da58f97cde36fb88cb4c796948c02fd5ce9effc15ddf89a0253824e26f84e71ed2e88a0ac32dff26b81e47c5e2924f03b4d59b28933cb2da71b229c459e468fc9df0b8d213c5d9c543fe675b3dd572855db3a1be94411347270b770ffbbde00b75b25c2cd2b38f46860f59c5429b750b51ab240613370c2e1c1c1f70aeefc6cb5026176f044297e78b139871ee406f03d25c76e6e9d2d770132004538815692203a0f29b6f633e9659c4bf2b770ac85c66e018ef95f7d4107725993942af4a8e53e787159eb4c46934f9cf3bf3ed989924bc97c97cc742607573a63274b0da233d23b3079bb7ff6e5e50172a036a5604a", 0x1000}, {&(0x7f0000002340)="f4b84874410aeabdcb28c09ecb7f6c77c492941861d43e919a26b8884e0e0457d0c8f28e02f0be619002515a2e2dbf763a77", 0x32}, {&(0x7f0000002380)="3c0424ea63ce6f04ec17fa31613176a7883a7a95af74305a9774d9b5386fe18b49343adeb2820ec850ff22b23f28cb2376b2ae9c8d8e99ca7ec410f3c40a3bf6b95f1f7ed7396608e3babc30", 0x4c}, {&(0x7f0000002400)="98087baa14232fff88a897c38981908fc58e8bed4f898cd29b59e3cae2239e99e60a3a995b14c335f87c1d11fefb8f836031348ea9fc7ab703b27f868ffa116d05ece699257a9c7a1f068726cd066da172b22eb0bc4de7104a33836c96bd895e8d701b61676c8fdc6dcdbf0e4e18e1950ec30763a595541b2ca5a23615f6fffd729e70eb27e468d6c8ea500a29e976053ee3f946ab7946a80d763f942015871d8fc5a959566f75", 0xa7}], 0x7}}, {{0x0, 0x0, &(0x7f00000025c0)=[{&(0x7f0000002540)="29fd3e54957b6af54f61058cd9e20725452404fd37d0764364c1b53e7fe6e4ee4d2acbd86b60282a1e959da3449442351d2cc9394215e66a75a0b357e7cd0622f7b580eb0d463a9e8aea83b97ad9eeeb5f0d8e78078618cd492695908466ef0ff847297d84da", 0x66}], 0x1}}, {{&(0x7f0000002600)=@rxrpc=@in4={0x21, 0x1, 0x2, 0x10, {0x2, 0x4e24, @multicast2}}, 0x80, &(0x7f0000002b40)=[{&(0x7f0000002680)="f3d8cd80ed76b33c181133970656102f02f318a1334988fd321228754cb1c8ef7acefb893bc3ddca5294d146e9593dc94f6234aa399eb9ba9d12acaa74b0c03b0210c7f839466d5ccd02343b2eac7c8fe2c80e0940e5fc2775553ccf582d48df659abe90285bd4692e45c979496aa72b7e7797768d70a0222be786e8997f6c5c1b6c2bb8689730f9086b5f64edfca18c305478b8bdc67897833340bd529e861c2a0a0670d7061ba3ae4ede70739f2d628f35b5953788e9c8e9140a1a0827d6", 0xbf}, {&(0x7f0000002740)}, {&(0x7f0000002780)="3c9ff3c4aeb8afb895f8b0faa63e4d9e488bf9b817422fb551d829ac49939cf2eae63d4d13ad8bb6c82086a0cf63f71a8a48696d01c0bc105866363a81df2208840ea3e1a6b1c998442f0ce36a8a7b1d7a044c0697d5448bcb614b25bc53371f0b83ee0516cce4a6538d7087824aa59d5ef2dc53fa2c95d06aeacd8eddee21f9c32b8b55f6f6768d974f59220c4a61534d09a2554a20463a293cffef13fc9db33c5fb32a27d4c35f533eb6e5528058b6a2f84e8835ccf04750d8489e30a64833db58b06d5f6bf27e5609cae98b888d1fd4270c66d52a6eb305dd369b", 0xdc}, {&(0x7f0000002880)="5d521a93c429d677d2499d848ec87bf198bb6ff26c999fe99a5d1532a0722ffb40b0ce92d660549e3a1daff4dd44a961224cb2bf89ac04e8dc1ebef5ee4f3bb9b79398edfe45f12537da96fd2eaa816413364ea7f28c92936fa5154a51783bc31f44a8dd06114555fe4676930073c4f40873f9ae57398e7ecfba3ce48ccf77d1b6bb05efd0c011af32762b6eda9ec4da4fec54a984969a32d4b64cd49905072479d6715d2936564d8d251822777608c0ae8fdc813dfcddfb7cce574232ef8d37d7068a22b489e2279c4a593ef308b530e63b3991c5539d20742742", 0xdb}, {&(0x7f0000002980)="dbbb1b946d4ae35a7cb54a851928abd2dbdfe7ec95f6c31909dfa33f920bdab183c1d48c31f50f9b11591a2f94c0ffa9fd9cc1597a8fe800f82ea41a29031e4d59a34d6c259d373613e954428894a938e9bc6ce1d2fa795c49ed1ea679ca6109fc12f85245ba2be910f1e47dabef4a6607f8802f2a1c213f0343c3bdf6c107341a586b2edafdf6d0fc06339c07a57f070d724c090d91f2112b4e7dd595f594083fa131a866bd5d0fe94714c76a368acb1c161942b4be0712f0c7010ba0d7b76d3bb7c5362aa1bd312151faf43ceda4fdfc21aec23fdf5ee9f266a5f45b52a45698", 0xe1}, {&(0x7f0000002a80)="33be28eec5763fabda3badbd6baab2dc5391b989cd6df3fd957ffb4740d43b692a3fa7913843740298ca3bce8679190d71c04510f04c203452a8059af4d4a21278ebedb98f9777f398b4182512d70fdd2f863f2fe24b83562f84d4fb46b0d8200ca5b7bdc35882e2d10e559fa50f4545bbaed304265a392c8b27c550801c98c5924059e54fc74328716356e9971be71f5fac8f5657c4f6c2b446e3a642654b9bc3ee45f7b6d68c6142858a8225b214da21469795b9976349cfa817ae", 0xbc}], 0x6, &(0x7f0000002bc0)=[@mark={{0x14, 0x1, 0x24, 0x10000}}, @txtime={{0x18, 0x1, 0x3d, 0x737}}, @mark={{0x14, 0x1, 0x24, 0x80}}, @txtime={{0x18}}, @timestamping={{0x14, 0x1, 0x25, 0x20}}, @mark={{0x14, 0x1, 0x24, 0x9}}], 0x90}}], 0x9, 0x40000)

[  657.224032] Bluetooth: hci1: Frame reassembly failed (-84)
[  657.270484] audit: type=1400 audit(1564511617.708:63): avc:  denied  { create } for  pid=10981 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1
[  657.294622] audit: type=1400 audit(1564511617.708:64): avc:  denied  { write } for  pid=10981 comm="syz-executor.1" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=netlink_crypto_socket permissive=1
[  658.235719] Bluetooth: hci0: command 0x1001 tx timeout
[  658.241118] Bluetooth: hci0: sending frame failed (-49)
[  659.275574] Bluetooth: hci1: command 0x1003 tx timeout
[  659.281284] Bluetooth: hci1: sending frame failed (-49)
[  660.085578] Bluetooth: hci2: command 0x1003 tx timeout
[  660.091008] Bluetooth: hci2: sending frame failed (-49)
[  660.325558] Bluetooth: hci0: command 0x1009 tx timeout
[  661.355639] Bluetooth: hci1: command 0x1001 tx timeout
[  661.361172] Bluetooth: hci1: sending frame failed (-49)
[  662.155596] Bluetooth: hci2: command 0x1001 tx timeout
[  662.161021] Bluetooth: hci2: sending frame failed (-49)
[  663.435603] Bluetooth: hci1: command 0x1009 tx timeout
18:33:44 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0xc020660b, 0x0)

18:33:44 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:33:44 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb26", 0x6}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:33:44 executing program 4:
socket$inet_udplite(0x2, 0x2, 0x88)
perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = openat$dlm_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/.\az0\x8c', 0x1ff)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100))
syz_open_pts(r0, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$fuse(0x20000000, &(0x7f0000000040)='./file0\x00', 0x0, 0x7a00, 0x0)
r1 = open(&(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000640), 0x12)
openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000040), 0x4)
socket$can_raw(0x1d, 0x3, 0x1)

18:33:44 executing program 2:
r0 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x5)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff824f400005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)="53000000c659ca800537f40000001000ffefffffff7f0000000000200000000d00000000", 0x58}], 0x2)

[  664.235717] Bluetooth: hci2: command 0x1009 tx timeout
18:33:44 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:33:44 executing program 2:
socket$inet_udplite(0x2, 0x2, 0x88)
perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
fstat(0xffffffffffffffff, 0x0)
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dlm-control\x00', 0x0, 0x0)
syz_genetlink_get_family_id$ipvs(0x0)
sendmsg$IPVS_CMD_GET_DEST(r0, 0x0, 0x20000800)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/.\az0\x8c', 0x1ff)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100))
syz_open_pts(r0, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$fuse(0x20000000, &(0x7f0000000040)='./file0\x00', 0x0, 0x7a00, 0x0)
r1 = open(&(0x7f0000000280)='./file0\x00', 0x0, 0x0)
sendmsg$key(r1, 0x0, 0x10)
r2 = openat$cgroup_procs(r1, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000640), 0x12)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x101400, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x0, &(0x7f0000000040)=0x8, 0x4)
socket$can_raw(0x1d, 0x3, 0x1)

18:33:44 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:33:44 executing program 4:
socket$inet_udplite(0x2, 0x2, 0x88)
perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
r0 = openat$dlm_control(0xffffffffffffff9c, 0x0, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/.\az0\x8c', 0x1ff)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100))
syz_open_pts(r0, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$fuse(0x20000000, &(0x7f0000000040)='./file0\x00', 0x0, 0x7a00, 0x0)
r1 = open(&(0x7f0000000280)='./file0\x00', 0x0, 0x0)
r2 = openat$cgroup_procs(r1, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000640), 0x12)
openat$autofs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000040), 0x4)
socket$can_raw(0x1d, 0x3, 0x1)

18:33:44 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:33:44 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb26", 0x6}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  666.315638] Bluetooth: hci0: command 0x1003 tx timeout
[  666.321122] Bluetooth: hci0: sending frame failed (-49)
18:33:48 executing program 1:
r0 = syz_open_dev$cec(&(0x7f0000000140)='/dev/cec#\x00', 0x2, 0x2)
getsockopt$inet_opts(r0, 0x0, 0x4, &(0x7f0000000180)=""/91, &(0x7f0000000200)=0x5b)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000040)=0x1a)
ioctl$KDADDIO(r1, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
ioctl$TCGETA(r1, 0x5405, &(0x7f0000000000))

[  668.395563] Bluetooth: hci0: command 0x1001 tx timeout
[  668.401048] Bluetooth: hci0: sending frame failed (-49)
[  670.475661] Bluetooth: hci0: command 0x1009 tx timeout
18:33:54 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x3f00)

18:33:54 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:33:54 executing program 4:

18:33:54 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb26", 0x6}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:33:54 executing program 2:
socket$inet_udplite(0x2, 0x2, 0x88)
perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
fstat(0xffffffffffffffff, 0x0)
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dlm-control\x00', 0x0, 0x0)
syz_genetlink_get_family_id$ipvs(0x0)
sendmsg$IPVS_CMD_GET_DEST(r0, 0x0, 0x20000800)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/.\az0\x8c', 0x1ff)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100))
syz_open_pts(r0, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$fuse(0x20000000, &(0x7f0000000040)='./file0\x00', 0x0, 0x7a00, 0x0)
r1 = open(&(0x7f0000000280)='./file0\x00', 0x0, 0x0)
sendmsg$key(r1, 0x0, 0x10)
r2 = openat$cgroup_procs(r1, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000640), 0x12)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x101400, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x0, &(0x7f0000000040)=0x8, 0x4)
socket$can_raw(0x1d, 0x3, 0x1)

18:33:54 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:33:54 executing program 4:
socket$inet_udplite(0x2, 0x2, 0x88)
perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
fstat(0xffffffffffffffff, 0x0)
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dlm-control\x00', 0x0, 0x0)
syz_genetlink_get_family_id$ipvs(0x0)
sendmsg$IPVS_CMD_GET_DEST(r0, 0x0, 0x20000800)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/.\az0\x8c', 0x1ff)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100))
syz_open_pts(r0, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$fuse(0x20000000, &(0x7f0000000040)='./file0\x00', 0x0, 0x7a00, 0x0)
r1 = open(&(0x7f0000000280)='./file0\x00', 0x0, 0x0)
sendmsg$key(r1, 0x0, 0x10)
r2 = openat$cgroup_procs(r1, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000640), 0x12)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x101400, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x0, &(0x7f0000000040)=0x8, 0x4)
socket$can_raw(0x1d, 0x3, 0x1)

18:33:55 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  674.532313] Bluetooth: hci0: Frame reassembly failed (-84)
[  674.549567] Bluetooth: hci1: Frame reassembly failed (-84)
18:33:55 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:33:55 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:33:55 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:33:55 executing program 4:
socket$inet_udplite(0x2, 0x2, 0x88)
perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
fstat(0xffffffffffffffff, 0x0)
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dlm-control\x00', 0x0, 0x0)
syz_genetlink_get_family_id$ipvs(0x0)
sendmsg$IPVS_CMD_GET_DEST(r0, 0x0, 0x20000800)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/.\az0\x8c', 0x1ff)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100))
syz_open_pts(r0, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$fuse(0x20000000, &(0x7f0000000040)='./file0\x00', 0x0, 0x7a00, 0x0)
r1 = open(&(0x7f0000000280)='./file0\x00', 0x0, 0x0)
sendmsg$key(r1, 0x0, 0x10)
r2 = openat$cgroup_procs(r1, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000640), 0x12)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x101400, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x0, &(0x7f0000000040)=0x8, 0x4)
socket$can_raw(0x1d, 0x3, 0x1)

[  676.555578] Bluetooth: hci1: command 0x1003 tx timeout
[  676.560956] Bluetooth: hci0: command 0x1003 tx timeout
[  676.561093] Bluetooth: hci1: sending frame failed (-49)
[  676.566369] Bluetooth: hci0: sending frame failed (-49)
[  677.355586] Bluetooth: hci2: command 0x1003 tx timeout
[  677.361002] Bluetooth: hci2: sending frame failed (-49)
[  678.635609] Bluetooth: hci0: command 0x1001 tx timeout
[  678.635642] Bluetooth: hci1: command 0x1001 tx timeout
[  678.640983] Bluetooth: hci0: sending frame failed (-49)
[  678.648989] Bluetooth: hci1: sending frame failed (-49)
[  679.435587] Bluetooth: hci2: command 0x1001 tx timeout
[  679.441100] Bluetooth: hci2: sending frame failed (-49)
[  680.715618] Bluetooth: hci1: command 0x1009 tx timeout
[  680.715628] Bluetooth: hci0: command 0x1009 tx timeout
[  681.515642] Bluetooth: hci2: command 0x1009 tx timeout
18:34:05 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x4000)

18:34:05 executing program 2:

18:34:05 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:34:05 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:34:05 executing program 4:
socket$inet_udplite(0x2, 0x2, 0x88)
perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
fstat(0xffffffffffffffff, 0x0)
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dlm-control\x00', 0x0, 0x0)
syz_genetlink_get_family_id$ipvs(0x0)
sendmsg$IPVS_CMD_GET_DEST(r0, 0x0, 0x20000800)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/.\az0\x8c', 0x1ff)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100))
syz_open_pts(r0, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$fuse(0x20000000, &(0x7f0000000040)='./file0\x00', 0x0, 0x7a00, 0x0)
r1 = open(&(0x7f0000000280)='./file0\x00', 0x0, 0x0)
sendmsg$key(r1, 0x0, 0x10)
r2 = openat$cgroup_procs(r1, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000640), 0x12)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x101400, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x0, &(0x7f0000000040)=0x8, 0x4)
socket$can_raw(0x1d, 0x3, 0x1)

18:34:05 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
prctl$PR_GET_TID_ADDRESS(0x28, &(0x7f0000000000))
fcntl$dupfd(r0, 0x0, r0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:34:05 executing program 2:

18:34:05 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:34:06 executing program 2:

18:34:06 executing program 4:
socket$inet_udplite(0x2, 0x2, 0x88)
perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readlinkat(0xffffffffffffffff, 0x0, 0x0, 0x0)
fstat(0xffffffffffffffff, 0x0)
r0 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000240)='/dev/dlm-control\x00', 0x0, 0x0)
syz_genetlink_get_family_id$ipvs(0x0)
sendmsg$IPVS_CMD_GET_DEST(r0, 0x0, 0x20000800)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/.\az0\x8c', 0x1ff)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000100))
syz_open_pts(r0, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
mount$fuse(0x20000000, &(0x7f0000000040)='./file0\x00', 0x0, 0x7a00, 0x0)
r1 = open(&(0x7f0000000280)='./file0\x00', 0x0, 0x0)
sendmsg$key(r1, 0x0, 0x10)
r2 = openat$cgroup_procs(r1, &(0x7f0000000140)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r2, &(0x7f0000000640), 0x12)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/autofs\x00', 0x101400, 0x0)
setsockopt$inet6_int(r3, 0x29, 0x0, &(0x7f0000000040)=0x8, 0x4)
socket$can_raw(0x1d, 0x3, 0x1)

18:34:06 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:34:06 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  687.435614] Bluetooth: hci0: command 0x1003 tx timeout
[  687.441042] Bluetooth: hci0: sending frame failed (-49)
[  687.515552] Bluetooth: hci1: command 0x1003 tx timeout
[  687.521045] Bluetooth: hci1: sending frame failed (-49)
[  688.235558] Bluetooth: hci3: command 0x1003 tx timeout
[  688.235636] Bluetooth: hci2: command 0x1003 tx timeout
[  688.240993] Bluetooth: hci3: sending frame failed (-49)
[  688.251761] Bluetooth: hci2: sending frame failed (-49)
[  689.515640] Bluetooth: hci0: command 0x1001 tx timeout
[  689.521057] Bluetooth: hci0: sending frame failed (-49)
[  689.595645] Bluetooth: hci1: command 0x1001 tx timeout
[  689.601025] Bluetooth: hci1: sending frame failed (-49)
[  690.315595] Bluetooth: hci2: command 0x1001 tx timeout
[  690.320933] Bluetooth: hci3: command 0x1001 tx timeout
[  690.320987] Bluetooth: hci2: sending frame failed (-49)
[  690.331647] Bluetooth: hci3: sending frame failed (-49)
[  691.595600] Bluetooth: hci0: command 0x1009 tx timeout
[  691.675630] Bluetooth: hci1: command 0x1009 tx timeout
[  692.395698] Bluetooth: hci3: command 0x1009 tx timeout
[  692.401064] Bluetooth: hci2: command 0x1009 tx timeout
18:34:16 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x1000000)

18:34:16 executing program 2:

18:34:16 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:34:16 executing program 4:

18:34:16 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:34:16 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x2, 0x0)
connect$nfc_llcp(r1, &(0x7f0000000040)={0x27, 0x0, 0x1, 0x7, 0x72, 0x7, "a304b83a6514a2c9621d0435c2366ffa900378f67e494d151351388212de2de9313f4a9ef658a6ae02f20b9fc7c21449a8dec85c271de392284fa6179e0da9", 0x22}, 0x60)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:34:16 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1)

18:34:16 executing program 4:
r0 = syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0x0, 0x5)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="ae88bff824f400005a90f57f07703aeff0f64ebbee07962c22772e11b44e69d90cf41bdd2ac8bb8c43b460e46292", 0x2e}, {&(0x7f0000000040)="530000c0c659ca807737f40000001000ffefffffff7f0000000000200000000d00000000", 0x58}], 0x2)

[  696.363862] Bluetooth: hci1: Frame reassembly failed (-84)
18:34:16 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:34:16 executing program 4:
r0 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r0, &(0x7f0000000000)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x1, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, 0x32)
ioctl$PPPIOCGL2TPSTATS(r0, 0x80487436, 0x0)

18:34:16 executing program 4:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x2, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000480)={'nr0\x01\x00', 0x2})
pwritev(r0, &(0x7f0000000240)=[{0x0}, {&(0x7f0000000040)="5685ef13", 0x4}], 0x2, 0x0)

18:34:16 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  697.132266] Bluetooth: hci3: Frame reassembly failed (-84)
[  697.138279] Bluetooth: hci3: Frame reassembly failed (-84)
[  698.395575] Bluetooth: hci0: command 0x1003 tx timeout
[  698.400928] Bluetooth: hci1: command 0x1003 tx timeout
[  698.400966] Bluetooth: hci0: sending frame failed (-49)
[  698.411783] Bluetooth: hci1: sending frame failed (-49)
[  698.475569] Bluetooth: hci2: command 0x1003 tx timeout
[  698.480962] Bluetooth: hci2: sending frame failed (-49)
[  699.195575] Bluetooth: hci4: command 0x1003 tx timeout
[  699.195580] Bluetooth: hci3: command 0x1003 tx timeout
[  699.206327] Bluetooth: hci3: sending frame failed (-49)
[  699.211780] Bluetooth: hci4: sending frame failed (-49)
[  700.475642] Bluetooth: hci1: command 0x1001 tx timeout
[  700.481000] Bluetooth: hci0: command 0x1001 tx timeout
[  700.481043] Bluetooth: hci1: sending frame failed (-49)
[  700.491695] Bluetooth: hci0: sending frame failed (-49)
[  700.555595] Bluetooth: hci2: command 0x1001 tx timeout
[  700.560960] Bluetooth: hci2: sending frame failed (-49)
[  701.275593] Bluetooth: hci3: command 0x1001 tx timeout
[  701.275598] Bluetooth: hci4: command 0x1001 tx timeout
[  701.275671] Bluetooth: hci4: sending frame failed (-49)
[  701.280947] Bluetooth: hci3: sending frame failed (-49)
[  702.555580] Bluetooth: hci0: command 0x1009 tx timeout
[  702.560900] Bluetooth: hci1: command 0x1009 tx timeout
[  702.635576] Bluetooth: hci2: command 0x1009 tx timeout
[  703.355566] Bluetooth: hci3: command 0x1009 tx timeout
[  703.355573] Bluetooth: hci4: command 0x1009 tx timeout
18:34:28 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x3f000000)

18:34:28 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:34:28 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:34:28 executing program 4:
r0 = syz_open_dev$vivid(&(0x7f0000000100)='/dev/video#\x00', 0x1, 0x2)
write$vhci(r0, &(0x7f0000000400)=ANY=[], 0x0)
ioctl$VIDIOC_G_FMT(r0, 0xc0d05605, &(0x7f0000000140)={0x2, @sdr})

18:34:28 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
r1 = shmget$private(0x0, 0x3000, 0x200, &(0x7f0000ffb000/0x3000)=nil)
shmat(r1, &(0x7f0000ffc000/0x1000)=nil, 0x5000)
gettid()
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:34:28 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:34:28 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:34:28 executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:34:28 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
r1 = shmget$private(0x0, 0x3000, 0x200, &(0x7f0000ffb000/0x3000)=nil)
shmat(r1, &(0x7f0000ffc000/0x1000)=nil, 0x5000)
gettid()
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:34:28 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:34:28 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:34:28 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
prctl$PR_GET_PDEATHSIG(0x2, &(0x7f0000000100))
r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20\x00', 0x240, 0x0)
write$UHID_INPUT2(r1, &(0x7f00000004c0)=ANY=[@ANYBLOB="0c0000006a0000ba83db5b1ded0c72ed87d68aa2790797ab8604162558c704211784f67b54c80400fbdb827e52fe9dbb4a21f990cf1992cf361d17d9752beb0eef7b150ce0d10f97a377952583a64e9a6686586a9d99fb3e88aab587f533ecf5ecfe02cf68e46a90f2fa17800000000000a47aae9800796647c81845975aa16f0679870257ee4af151c6ae9c0000cc85928644330d716be11ff571c0f1e0b35abb2b25665c07ba987c2eb4993b1de849e49eb920df36d4dfbec073b68ff86efc62f17e5dc123917df06e34a5d816c6f11b854186c5640966282b87912035d1f609561ff5d0217e1030606bb8f67c78a529741b7ed0c656f71cc1f0f02c3c155d7783269e087489d10881ea281e2c1c6e99fd2c43f72475536ae81835d4163c1ed8103f91ccb9965f42d3539685253a453af4d63b9402bfd3228f54"], 0xffa2)
ioctl$TIOCGPTPEER(r0, 0x5441, 0x1)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
r2 = syz_open_dev$radio(&(0x7f0000000080)='/dev/radio#\x00', 0x2, 0x2)
getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000140)={{{@in=@empty, @in6=@mcast1}}, {{@in=@empty}, 0x0, @in6}}, &(0x7f0000000280)=0xe8)

[  708.120612] Bluetooth: hci2: Frame reassembly failed (-84)
[  708.134875] Bluetooth: hci2: Frame reassembly failed (-84)
[  708.681678] Bluetooth: hci4: Frame reassembly failed (-84)
[  709.915576] Bluetooth: hci1: command 0x1003 tx timeout
[  709.921866] Bluetooth: hci1: sending frame failed (-49)
[  709.927323] Bluetooth: hci0: command 0x1003 tx timeout
[  709.932940] Bluetooth: hci0: sending frame failed (-49)
[  710.155665] Bluetooth: hci2: command 0x1003 tx timeout
[  710.161071] Bluetooth: hci2: sending frame failed (-49)
[  710.715574] Bluetooth: hci4: command 0x1003 tx timeout
[  710.721104] Bluetooth: hci3: command 0x1003 tx timeout
[  710.721153] Bluetooth: hci4: sending frame failed (-49)
[  710.731369] Bluetooth: hci3: sending frame failed (-49)
[  711.995572] Bluetooth: hci0: command 0x1001 tx timeout
[  712.001002] Bluetooth: hci1: command 0x1001 tx timeout
[  712.001182] Bluetooth: hci0: sending frame failed (-49)
[  712.006636] Bluetooth: hci1: sending frame failed (-49)
[  712.235783] Bluetooth: hci2: command 0x1001 tx timeout
[  712.241326] Bluetooth: hci2: sending frame failed (-49)
[  712.795597] Bluetooth: hci3: command 0x1001 tx timeout
[  712.795659] Bluetooth: hci4: command 0x1001 tx timeout
[  712.803835] Bluetooth: hci3: sending frame failed (-49)
[  712.806298] Bluetooth: hci4: sending frame failed (-49)
[  714.075616] Bluetooth: hci1: command 0x1009 tx timeout
[  714.075711] Bluetooth: hci0: command 0x1009 tx timeout
[  714.315735] Bluetooth: hci2: command 0x1009 tx timeout
[  714.875583] Bluetooth: hci3: command 0x1009 tx timeout
[  714.875730] Bluetooth: hci4: command 0x1009 tx timeout
18:34:39 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x40000000)

18:34:39 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
r1 = shmget$private(0x0, 0x3000, 0x200, &(0x7f0000ffb000/0x3000)=nil)
shmat(r1, &(0x7f0000ffc000/0x1000)=nil, 0x5000)
gettid()
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:34:39 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:34:39 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:34:39 executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:34:39 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
arch_prctl$ARCH_MAP_VDSO_64(0x2003, 0x5)

18:34:39 executing program 4:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:34:39 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:34:39 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
r1 = shmget$private(0x0, 0x3000, 0x200, &(0x7f0000ffb000/0x3000)=nil)
shmat(r1, &(0x7f0000ffc000/0x1000)=nil, 0x5000)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

[  719.354504] Bluetooth: hci1: Frame reassembly failed (-84)
18:34:39 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:34:39 executing program 4:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0x14)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:34:39 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  721.355546] Bluetooth: hci1: command 0x1003 tx timeout
[  721.355588] Bluetooth: hci0: command 0x1003 tx timeout
[  721.366386] Bluetooth: hci1: sending frame failed (-49)
[  721.371826] Bluetooth: hci0: sending frame failed (-49)
[  722.155555] Bluetooth: hci2: command 0x1003 tx timeout
[  722.155573] Bluetooth: hci3: command 0x1003 tx timeout
[  722.160952] Bluetooth: hci2: sending frame failed (-49)
[  722.171409] Bluetooth: hci3: sending frame failed (-49)
[  723.435637] Bluetooth: hci0: command 0x1001 tx timeout
[  723.440971] Bluetooth: hci1: command 0x1001 tx timeout
[  723.441029] Bluetooth: hci0: sending frame failed (-49)
[  723.446768] Bluetooth: hci1: sending frame failed (-49)
[  724.235551] Bluetooth: hci3: command 0x1001 tx timeout
[  724.235557] Bluetooth: hci2: command 0x1001 tx timeout
[  724.236847] Bluetooth: hci2: sending frame failed (-49)
[  724.240915] Bluetooth: hci3: sending frame failed (-49)
[  725.515588] Bluetooth: hci0: command 0x1009 tx timeout
[  725.515594] Bluetooth: hci1: command 0x1009 tx timeout
[  726.315626] Bluetooth: hci3: command 0x1009 tx timeout
[  726.316191] Bluetooth: hci2: command 0x1009 tx timeout
18:34:50 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0xfeffffff)

18:34:50 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:34:50 executing program 4 (fault-call:1 fault-nth:0):
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:34:50 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
shmget$private(0x0, 0x3000, 0x200, &(0x7f0000ffb000/0x3000)=nil)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:34:50 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:34:50 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCGPTPEER(r0, 0x5441, 0xfffffffffffffffc)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x8000)

[  730.237190] FAULT_INJECTION: forcing a failure.
[  730.237190] name failslab, interval 1, probability 0, space 0, times 0
[  730.275411] Bluetooth: hci0: Frame reassembly failed (-84)
[  730.276739] CPU: 1 PID: 11286 Comm: syz-executor.4 Not tainted 4.19.62 #36
[  730.288104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  730.297454] Call Trace:
[  730.297483]  dump_stack+0x172/0x1f0
[  730.297507]  should_fail.cold+0xa/0x1b
[  730.297527]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  730.297541]  ? lock_downgrade+0x810/0x810
[  730.297565]  __should_failslab+0x121/0x190
[  730.307623]  should_failslab+0x9/0x14
[  730.307638]  kmem_cache_alloc_node+0x26c/0x710
[  730.307665]  __alloc_skb+0xd5/0x5f0
[  730.307683]  ? skb_scrub_packet+0x490/0x490
18:34:50 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  730.307702]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  730.307825]  ? netlink_autobind.isra.0+0x228/0x310
[  730.316945]  netlink_sendmsg+0x97b/0xd70
[  730.316967]  ? netlink_unicast+0x720/0x720
[  730.316993]  ? selinux_socket_sendmsg+0x36/0x40
[  730.333172]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  730.333188]  ? security_socket_sendmsg+0x8d/0xc0
[  730.333206]  ? netlink_unicast+0x720/0x720
[  730.360897]  sock_sendmsg+0xd7/0x130
[  730.360914]  ___sys_sendmsg+0x803/0x920
[  730.379107]  ? copy_msghdr_from_user+0x430/0x430
[  730.379130]  ? lock_downgrade+0x810/0x810
[  730.391965]  ? kasan_check_read+0x11/0x20
[  730.396128]  ? __fget+0x367/0x540
[  730.399594]  ? iterate_fd+0x360/0x360
[  730.403396]  ? __fget_light+0x1a9/0x230
[  730.407358]  ? __fdget+0x1b/0x20
[  730.410721]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  730.416246]  __sys_sendmsg+0x105/0x1d0
[  730.420118]  ? __ia32_sys_shutdown+0x80/0x80
[  730.424522]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  730.429262]  ? do_syscall_64+0x26/0x620
[  730.433221]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  730.438568]  ? do_syscall_64+0x26/0x620
[  730.442531]  __x64_sys_sendmsg+0x78/0xb0
[  730.446578]  do_syscall_64+0xfd/0x620
[  730.450366]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  730.455539] RIP: 0033:0x459829
[  730.458719] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  730.477612] RSP: 002b:00007fcc4bd01c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  730.485404] RAX: ffffffffffffffda RBX: 00007fcc4bd01c90 RCX: 0000000000459829
[  730.492660] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  730.499921] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  730.507182] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcc4bd026d4
[  730.514437] R13: 00000000004c7074 R14: 00000000004dc630 R15: 0000000000000004
[  730.525754] Bluetooth: hci1: Frame reassembly failed (-84)
18:34:51 executing program 4 (fault-call:1 fault-nth:1):
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:34:51 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:34:51 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:34:51 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:34:51 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

[  730.647966] FAULT_INJECTION: forcing a failure.
[  730.647966] name failslab, interval 1, probability 0, space 0, times 0
[  730.710034] CPU: 0 PID: 11310 Comm: syz-executor.4 Not tainted 4.19.62 #36
[  730.717115] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  730.717122] Call Trace:
[  730.717145]  dump_stack+0x172/0x1f0
[  730.717166]  should_fail.cold+0xa/0x1b
[  730.736583]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  730.736600]  ? lock_downgrade+0x810/0x810
[  730.736627]  __should_failslab+0x121/0x190
[  730.736643]  should_failslab+0x9/0x14
[  730.736657]  kmem_cache_alloc_node_trace+0x274/0x720
[  730.736673]  ? __alloc_skb+0xd5/0x5f0
[  730.736693]  __kmalloc_node_track_caller+0x3d/0x80
[  730.767700]  __kmalloc_reserve.isra.0+0x40/0xf0
[  730.772374]  __alloc_skb+0x10b/0x5f0
[  730.776086]  ? skb_scrub_packet+0x490/0x490
[  730.780397]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  730.785920]  ? netlink_autobind.isra.0+0x228/0x310
[  730.790846]  netlink_sendmsg+0x97b/0xd70
[  730.794916]  ? netlink_unicast+0x720/0x720
[  730.799155]  ? selinux_socket_sendmsg+0x36/0x40
[  730.803819]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  730.809340]  ? security_socket_sendmsg+0x8d/0xc0
[  730.814077]  ? netlink_unicast+0x720/0x720
[  730.818312]  sock_sendmsg+0xd7/0x130
[  730.822014]  ___sys_sendmsg+0x803/0x920
[  730.826062]  ? copy_msghdr_from_user+0x430/0x430
[  730.830807]  ? lock_downgrade+0x810/0x810
[  730.834957]  ? kasan_check_read+0x11/0x20
[  730.839122]  ? __fget+0x367/0x540
[  730.842581]  ? iterate_fd+0x360/0x360
[  730.846410]  ? __fget_light+0x1a9/0x230
[  730.850384]  ? __fdget+0x1b/0x20
[  730.853746]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  730.859282]  __sys_sendmsg+0x105/0x1d0
[  730.863159]  ? __ia32_sys_shutdown+0x80/0x80
[  730.867557]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  730.872296]  ? do_syscall_64+0x26/0x620
[  730.876788]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  730.882143]  ? do_syscall_64+0x26/0x620
[  730.886118]  __x64_sys_sendmsg+0x78/0xb0
[  730.890192]  do_syscall_64+0xfd/0x620
[  730.893981]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  730.899149] RIP: 0033:0x459829
[  730.902334] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  730.921231] RSP: 002b:00007fcc4bd01c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  730.928924] RAX: ffffffffffffffda RBX: 00007fcc4bd01c90 RCX: 0000000000459829
[  730.936186] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  730.943436] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  730.950688] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcc4bd026d4
[  730.957937] R13: 00000000004c7074 R14: 00000000004dc630 R15: 0000000000000004
[  732.315581] Bluetooth: hci0: command 0x1003 tx timeout
[  732.320970] Bluetooth: hci0: sending frame failed (-49)
[  732.555553] Bluetooth: hci1: command 0x1003 tx timeout
[  732.560955] Bluetooth: hci1: sending frame failed (-49)
[  733.115557] Bluetooth: hci3: command 0x1003 tx timeout
[  733.120951] Bluetooth: hci3: sending frame failed (-49)
[  733.126392] Bluetooth: hci2: command 0x1003 tx timeout
[  733.131751] Bluetooth: hci2: sending frame failed (-49)
[  734.395659] Bluetooth: hci0: command 0x1001 tx timeout
[  734.401169] Bluetooth: hci0: sending frame failed (-49)
[  734.635623] Bluetooth: hci1: command 0x1001 tx timeout
[  734.641025] Bluetooth: hci1: sending frame failed (-49)
[  735.195592] Bluetooth: hci2: command 0x1001 tx timeout
[  735.200917] Bluetooth: hci3: command 0x1001 tx timeout
[  735.200974] Bluetooth: hci2: sending frame failed (-49)
[  735.211415] Bluetooth: hci3: sending frame failed (-49)
[  736.475628] Bluetooth: hci0: command 0x1009 tx timeout
[  736.715599] Bluetooth: hci1: command 0x1009 tx timeout
[  737.275604] Bluetooth: hci3: command 0x1009 tx timeout
[  737.275610] Bluetooth: hci2: command 0x1009 tx timeout
18:35:02 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0xfffffffe)

18:35:02 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:35:02 executing program 4 (fault-call:1 fault-nth:2):
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:35:02 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:35:02 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:35:02 executing program 1:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x40, 0x0)
ioctl$FS_IOC_MEASURE_VERITY(r0, 0xc0046686, &(0x7f0000000080)=ANY=[@ANYBLOB="010426009c273d9212114a5f1a1777f80139af7a700b750e13fcfb1a682b90d8510e370173c5f55f0b1d"])
ioctl$EVIOCSCLOCKID(r0, 0x400445a0, &(0x7f0000001680))
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000001780)='/dev/ubi_ctrl\x00', 0x280000, 0x0)
sendmsg$kcm(r1, &(0x7f0000002e00)={&(0x7f00000017c0)=@pppol2tp={0x18, 0x1, {0x0, r0, {0x2, 0x4e23, @rand_addr=0x2}, 0x0, 0x3, 0x2, 0x3}}, 0x80, &(0x7f0000001b00)=[{&(0x7f0000001840)="00f23d43ded9c07e04288d073f25ac6aedae6a3f42", 0x15}, {&(0x7f0000001880)="2f0096d099262ffcb03c2a94d106ac921d27e936f1b81506e86cfbb7ca44a84c992778cefb6aa9d8763c87d87bc8d1f0ec1e4fbacb6b55e57859801a0e297d3eaddd64ea174092417a8a67bb245349c8da532d589fed01bbc33feaebdd3db5a2afd0291985cc0e8e2dd346d2e3b32c082b2de51fc70ce2ccbcceb6b9ac5cc67a", 0x80}, {&(0x7f0000001900)="60d0c576ea10b57e639404c239b6e09b4d33e1b330526cf3492327d097bcce33fbbf6932a87d6f5dbf664852693dbd4ec2d3e8b5015d46903628192c9fb833f9274cb4fc4dd7692877296dc7148a9e4ca6bbb57f8cd3e86b154ab19d5bc971f72e222ee007f15e", 0x67}, {&(0x7f0000001980)="a6b991c73beeef252bf7462909096efaa66d15fa89cf6c7ca80e47e23c3ac7603aa75ca7cb28d462ac387a5c", 0x2c}, {&(0x7f00000019c0)="8dd2405cfc8d335e4505b5112151988b901c52e04e0ced6e2d07871406690b9967cf128ca06314f83cdac99a825933e4993dff1aa3e52450018419aaf665e69f52429bc2b8746a413cab7c9dc90637b411102ecd32828fac23d3f6d9ed5494c5cc344aad2ef9c688529d2d8c1544bfbc6b7e273a2b919f6a304d86ffd9d86d19d27493b8c309c74ee9db0129b82146fc3c9067a630d2dc098b034af0dbfe1a8dd990", 0xa2}, {&(0x7f0000001a80)="1e3bbcad47ffd5b523e84d35e042135f3b3b637619e11fa3eb57159b55", 0x1d}, {&(0x7f0000001ac0)="1516eb5c443a7ee75a", 0x9}], 0x7, &(0x7f0000001b80)=[{0x28, 0x88, 0x5, "60f59749cd70ccbb7d4d4ee0ab828c314f5b20654d"}, {0x38, 0x18f, 0x7, "02c5fc0e142b6cc5f4884a0edc143f438f5000424522a4ae2df3da627b00ac1cbcfbc0a7"}, {0xc8, 0x0, 0x7469, "2e6a541de944b649ec9976e12fbd2f1b3ab6bd763081c9e721f9b8a6ffd5b8e9a2aa5cfa52b2650ac5bd02f9ba5dc8f5ab508b17cdab6d15742c0f8e9d2536cc7eb492f4a783a6e5955fcee6e8bdd417907bb7aac28f018a4193926c1b3c6d0cf162673cea97c568a20c2339f133167659eb61d5999177c321d1fe41069970c4023d03c88f14bca36cdd95a9fc5a8043c79c0b29ed03f1d5214fec1a5e8e311fa4624acd0f758debdaa3ba91f4214f61bb3e92e1"}, {0xb0, 0x10a, 0xffff, "a27e6a4233aca2b19b76e0326d9d099ae1ee6652c3df84e82b2c1bb381efc24f6bb7c393b83fad5f9e94c07a7009b4867e2371262a950cb51d070835917358abeae5d31314469210b2a891e13d48a0849ae6fc2b3027f383b4f9b1898b64fb440f1969afaade943cc3868ae65bd2461d01f062af63d3b7a2514d1e4b9aabd4e2197e929fe1b1d7210d93dfa129c599e076f06cbd410500197af90be6"}, {0x80, 0x0, 0x0, "866670e0e6d508ddf5e277329e12b88861cba0571e3468be659905060f35cc727fcc58e79d328bb3c76a8a8b90a0f61c2a0163284814d0368512e331cc59afedddca423b2160ae16513ae7f34b25cf392dae32d6df4af89a52213dc4ca962bf299db7f82e2c5ffb542d9465950"}, {0x1010, 0x119, 0x5, "ccd844fd5708477266cadcfec78196f28b04d93ac8fcfe129f9a44c8c31f530df84c87fe4e39d11bc1dfda26e9c38582df54032d7717236f34abe0d8b77575b6de014235f05c0546f0dbf631a06616ad8e29f7522344d6749f66de4aa09bca29eb2247604712065e90c69104cc4dcb6856a7958a354caf28e8f5840c81bb2cb8def4043494d9b1748af2998f5b28c8151f9b70f957adbd8d54a75f2887e5aac0c7988cd42df1c41d922688a250d89230b411e9911edce13a88f3f968763a58c17f451e1d8037239d01bf60310f31d1a54e168e9adb8fe9b0771e5dd4a73d9d1c23429d4e3036bd94a1d0bb5510d17d0e11ac0d9f9a6328a3b6bbac7ec3e85e6f7944174922dfdb26bb55ae20a7cdb0a48993755027450c3947871ac819250fc71130662307d8718cfe793dfe5ab741a26eb38a19df50f8ae80b6e80edf08e7418d7cf78298b94bd011e54756b9e9e213bf79e2319b421fe4cbd907234c54e70570dd95af16b7fc1522fe05730a1a0bd4de72a16bd16d3d9c6a45e4990c02df3ec001927b5d4960f5baf9a72d9d62f97458628eea31bf0ad9680ea79340e4b42c1163ab896307589b22916ae6b36d417c07e5997d36dc5498d53477d6c19c733d05962a6823bdbe9312aa018d4717641d5b60bc0f893e79299d1a3a593df534325f89f70bd69ffd6f17e7ff44a9b01b93fe9a753c61e9be1e5f4128d98a7990e3a717b21cd467d6a7700ea34ab14e9c25da04d0a7ea18fc05271f7df634770436b66dc542aad632e9038ac23c29c73c6102f824b149d7119f3b30501d49525293c4ac7855af0b42918a0038cbd3debd2a1ad3d5474902d134a19ce418acdc2fafec04773a39e3b485afa7d7cfa5e347720949185eab15ca9baf66c7c8925e2703206570efa4a288ff7c446ccd5c9284bf93c42f099381b895a19ad25fa21319d7759b987e473606fbb45f3f48f95692435608b5cfcd397bf70200db0b817e962c9f4e45e0903c3ae45f663944248d04c9e59b2060b5d2e5a78897b6824973d042125f9450e93bb2041c37aa9682050b53cdd0834fb8942d52167710862a5471e32b8b6ea22d26075044e8e479b21ca944f491a8d1f9b6a15e9a6976198409101c6bf92150df0eb6fdc588518d28051d524c4407a0d19487a908615f6a79c7e35fa49f4754e8066bb370f68660efc661643fd24b12b8d7aef94d377efcb4324e376f311df72724298c894fbc8be65c80b94361559e7f451dfc0dc970f0f5b5aa58a2706d20361da1c815ed652180d30096b7ab7e503f9c5108b565534bd544d3113c8a46c8c2df51ca7be8f18b498526d95058cc34c1671ad1d4bc828c9de05c0220ebb8cc86ca4f9ef50774e6258d52749e40b9164dcdd9a52a4300454604cbc5cb77177ea915c8a0a02fc454e542e829a4a14ac510f4141b12c4caeb7b37321cb67959e656112f4fe3815dc3f46bd078c8c408a47f81bfdc85bcbea615255aafda1ffacc8eb749b4089bf7bd31e8276c7c2809ab8e5938531800e18e825c377cdb444fde40ce039f9108a5091a955ae1fa1adba93da624caf598d010d97faa087bf2ee20798e7e1f07f0812f4a5158283b3fd90710232a50ac0745f103ea93372608a3ff75b22f2186d0059ab83117ac51c722b6f748bddcf9650bae73d366c5422f002d5b822edc08ee30272a936eeee411d290cb9313f2675f019d68783412ddc892061775ecca79ac8b286fe453654b384a64e15165ff05bdd006444d9172da0f305eb9d5cd55e996115cd8cbc35f89fb81aa0062ab693b728e6667ff1a5ec43c1f91fc16efc97a520cc3420d7a88256c482720d108324fbf8cdf418a9870c70da598e1ba661e43be01e3331aef3f4afb7faf9f745fd24bbf1e4031012b39cb1079f3e6415d548ac39664948db0054c5f9308726d211a16a28fcf5d8c79866c69bc08d044f769b2da11822d83c39e9a24c3e8d61bed19887e0a06385b6dc4225d90b816c621f0d8fd946df6203ce07b2ea97594fc5b3882e53a7f619b91bb4c991b0abd62fb2ed37fc6fb75d437a6978d42b8050a7b7b1387eae55978cbdd1f0209fab5f4209c4123ebe7fae93277743366124c3471fa93e99c81dd1a3cf6d6b959818182197aed6ade50d945e3481d585f70fb0bde83ba3de2e7a1abdcffe9d0c34389522c26522cfed7eb8dd86bb69170e1f817e7c386fddfa9a39e109b74dd38cff17070fe39c3a6b26c94ff37b18124f266ba5f9061430348e7ffe0bbb6617a29c56814ff020f130382192bcfda16d689e7fb5c701855ae129cc6aa677ea646e919a2bc049c7365833b2e05414b740e3c8a8f217c26718027a887329ebd94f052a020cff5b4803b3bef5fc7e9ec2b081e114e1a39f0ba8c17ca2e9d1824ca0de944979ced4128ee5515bc7d8bd5274259b1e12cf1c7a390a07a20ddb29986aebb478429836c95b63536b1a1071df8091a1edf44cda48715efd28d20597f1733dbc47c55f8ca998455b2f4c68ebdf86f50c93f5f12e0f9195223400b26781e86bbf329e7e771eb640c7a0f99c111bc608ed79d44938554ca665020a0b63349978857e5e1617012264f8ef6045cd4bf411a20566f75bb0acaeafffe06d946e1e0dec83310492772a0dc13ab5f69b6370c7a8b70d24f7290767b039d77ef0cfaa7d3a0d6c4d7c22518f020164fd0d4c7cd66bb22d40cc32853a70ed39ecc4ff00deff7f0ad643a2754b44297c77d993d4490c7fff21ab5d2c06d3d1a9893fa661eef606fa2a5fc871f20a47b33ea77b7d37f5765b2b28fd0f84be28e43eaf49230139ea84bdfcbd925bd233dbf78d65d6e85d7349db201769bef91a476c364adb11fe03fd01dca39f50b0f0e6d9c87288dc7d820b4d8dd0518e6f044b01327d8022cb2c56d3292a6f48f275ae7a2b4bad78cc66ea5fb6e5cd0bd8545edb9c31bb61682f83a86b7713bc450839715ea995be4bdc9e0754b0d930469cbedda152d40c39c3ad15de09a5aa430e3462432a651dbe9a6b6ca860a594187f0ab493a797b96ccb896247c70686209dc082e817ddba0ea879a4bd5a2cfbb8f30b2c4ad0c96bfd62c200ed069dac03c0e0b4f4e74e273aa56800fa73e703bb422527ede146609f8dbfff42ac9d6438668ea73a9d0ef06eabddfbafaab99bbe74fe2b290bea1ec2214694e26f554337ae7d08e5e02cfbaa2bf2471504c00ce4556db7c0dc7b00fa5a62a51333db18a4f588d62ef6dccc36dfb79c1d85750c03aad2792669412d15f740ef600cc5b2da26ecf863a6a32b30edfb634d622476faf050d802962751e10f0f211902591076f274c0ab2cd35d5f6c7c5de0ecd600d5270dc172d1d75206013c1aa0ecf6245f93059aad2847d0a02fc4db156faec7ee43c0abe42b9614504d08d28b5eb17d45021b1bc059b075333114c1c7846d7b982aa933b7819053286cce90a5dfbf15db2938c8783ef26b71646a1dc189b54dabe42e851312e52aaa6baa0a882481a83e6138c08b6eb8ff279ca2b7285a044dae0fe57f66d51a38fddaf95a2e0129cbad2371fb67a5e245d0ff6212d77799d630718b41f7f6cf2c6aa50235f98a40043650cd375ba5157770e98c1e024f3aaefa4e8ec87c80e5d2c3310a07648f778f43b6e979f4a3a14693611279dc7f8183dbce558c4186a7dd05b59be820dfce06aac6e7de4de98e74c52ada3f3872b1422abe5ebb1b864ec1614c6e5901704d96f1cc00c6340bae44e4015eb9eb026b55289a9438183d5b130cf702fdf584b8914d9ccdebe781a4528b4a9ccfc8486a89d1a3edb74d7bcb18a4b6d98048db40b273c1abf7dd5d3fdc3fb66413418f0005a28a06ea1b4c4b3c3f1e7a38277733f85be05671af783093b515d8527b3db89a273925cc68231815bab0feea7e2ee024db6e82dd97448f28e1777fa6a44afce2bea84fccdc3101dfb893005f297523ad9721268029461df9d1c2b60cb9d08e0b565b88ab28a215a4f520e8deba9fb3731578e5b9558b81448ea12cb9a21e2b260441e20285deb26377ea0604d931c2c92248c74b7c7e725208f80cb0fce0eca26c188eb8aac8ea78df37dffd63039b6647b3948da1f84285a118d87bde767c4131d435273f8528b43c24e0bec6b0b5458c0592f7decb588c00f86a506029fba3919e64c0820ee385518a6bb5c21158e18c466498d420d91a752114ca6d1edc25d981831ec9a4bf45dd6bc114f037a36f98a824a402632ceb6c03f99fa7c64f124c1c8c3aad359c80e0cde853a12cab0dac4254e62628a85b46df72b67eebaa784f74924a5f2797b785a00825866360c81bf760b80bdeac834422b0c1e8dec2cf81c5a639931e60c8657bdd4e213b78cc7c9f2c1409d1913d3197e80138beed51730af85c8e7fb48f1f77fb5abadbd9d849763d59b868248362d9fcdd7c7307f33aad8acf323baadcf71b3df64b4cf51303295fea6db0305b626b45d23c9da285a4c67c011e97cb15b6ab204d0b5605c0081b5e29cad0dbcc254e9ecd2e58348103e181e48e86985e419cd08b302e30a67a897cb2ba0083b8b02bb99438836383afdaf1801f22e23a66e37a163abaa5ddf1da57c71a67e993573c25bc176b9cdc0a2ce03cd16d7629d26f01ef2450678cbf0a0863cc419817cb8d9da09c1bb68ca189f9a261e1414d02105fcb91cf9e2e49fb7c6fa79ef3d76df9c349a48669034212d18c04470aeba1ce6ad8391cc71eafd83755b1c3b225de3dde587bd9d5a005925b943721e74bfe3082663028e3c8b005d88f911da8a5f69f2e9f95a7ce88709943198aba47dd2663391652a010af14612db40550257cafbd17f7c6c9484b7e8bd4788c7365358c4b49f061e000c80e9a7fd18c9fdc49b6d354d25b367c0a11fa2dd3f88d4443a62b5377fee11156d9cb2cfe62f0d8a1565e4ddd7c1cc09ccf0942177b948962e080191ca7c3e9ab373468a37851a893434f5f589cb70be7a23701975c432c15c837eaec6cccb118e1ad24cef829f977124cbf62191004092b23da8a72bfc6e9a227335fc1f4fd32c31612ddc33b0bb66e26daccea6df567bfcd0a360456d4d1333f0ec38157e5f1bb76c6e3ef212266ef9b5e029e783f033b3c12d49b5e4492f3c6817f7526e771e25a8881bcef7d3e2b70f70141da91334d425027a738c53e560ec4b502f66fda7fe1414ee8374d8c0fd72511e5156f9264caaac0d276189af88cfb39334f95c4ea9a9fee5a1db096cd645c72bf5f4183c2f6e70e41411eebc1a22e1fae250ec5804f43d63c1d00a72da308dfeb06e45c04649a6f3a1ddddfbc8444891a613fd3c61ee3afd7bbffebce366255ba4a598e61b345773b33775f4e638c6aae928703f2f050cc68380f416457051944a15dc4fa7391a34590783b13f2d7ef8059c67e8297d6849b067887155bcb6be325789d1dc49631f0b57562a9e83d1577803bf7420794249dfdea2c0d68fb262f1e23e02e9ba39841654b04d5f17a72630604ee0d439fef262376102081772d9b2ba3890bebfcfa72fe2c8f4e7b3c88d0d008db2eb9b1f7c6ab0033281958793b7c09b1fd516d5595e312ef4a6aaf6e2ebc341f7aac105c8484abf6c8c6d5671308ff9b67462ed7004169aed75fda8c9b9317f1999b76781bf9f7158af041c3b76cbd8f6ec368de9083fa370a56b96b7ffbb608bd32289fbf6f8a8d8cd48c1b5262bcbe6faa9770133ce17c370836d445cb025828d184c217078d2e32a335d7a12aac98fe20c45949bc7bb57cc7df03fa55f837902771f4a42e41de9961c0440c50e68577c4bf522"}], 0x1268}, 0x4000000)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x2, 0x0)
preadv(r2, &(0x7f0000001600)=[{&(0x7f0000000100)=""/129, 0x81}, {&(0x7f00000001c0)=""/69, 0x45}, {&(0x7f0000000280)=""/218, 0xda}, {&(0x7f0000000380)=""/4096, 0x1000}, {&(0x7f0000001380)=""/101, 0x65}, {&(0x7f0000001400)=""/235, 0xeb}, {&(0x7f0000001500)=""/217, 0xd9}], 0x7, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r2, 0x400455c8, 0x0)
setsockopt$inet6_tcp_TCP_FASTOPEN_KEY(r0, 0x6, 0x21, &(0x7f00000016c0)="99a332d521aa4887f105b1d1ca73b153", 0x10)
bind$nfc_llcp(r2, &(0x7f0000001700)={0x27, 0x1, 0x2, 0x4, 0x772, 0xfff, "1a29fd44b4e07d6eeb74161fb4c6a1bcffb729e7bf8208694ecc2c225514eeed232b0c77f48a789fb68985ff5a86adfe0f3fe1f52c796180a1f231158f586f", 0x31}, 0x60)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
ioctl$PIO_FONTX(r2, 0x4b6c, &(0x7f0000000000)="5bf0e9cbf862d45c6ec3dab01ff92a52656c58")

[  741.726920] FAULT_INJECTION: forcing a failure.
[  741.726920] name failslab, interval 1, probability 0, space 0, times 0
[  741.784719] CPU: 0 PID: 11328 Comm: syz-executor.4 Not tainted 4.19.62 #36
[  741.791781] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  741.801144] Call Trace:
[  741.803747]  dump_stack+0x172/0x1f0
[  741.807390]  should_fail.cold+0xa/0x1b
[  741.811288]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  741.816409]  ? netlink_deliver_tap+0x146/0xc20
[  741.821018]  __should_failslab+0x121/0x190
[  741.825270]  should_failslab+0x9/0x14
[  741.829081]  kmem_cache_alloc+0x47/0x700
[  741.833161]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  741.838755]  ? check_preemption_disabled+0x48/0x290
[  741.838771]  ? lock_acquire+0x16f/0x3f0
[  741.847734]  skb_clone+0x156/0x3e0
[  741.847754]  netlink_deliver_tap+0x97b/0xc20
[  741.847776]  netlink_unicast+0x5a8/0x720
[  741.847795]  ? netlink_attachskb+0x770/0x770
[  741.847816]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  741.869784]  netlink_sendmsg+0x8ae/0xd70
[  741.873836]  ? netlink_unicast+0x720/0x720
[  741.878078]  ? selinux_socket_sendmsg+0x36/0x40
[  741.882753]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  741.888273]  ? security_socket_sendmsg+0x8d/0xc0
[  741.893017]  ? netlink_unicast+0x720/0x720
[  741.897272]  sock_sendmsg+0xd7/0x130
[  741.900977]  ___sys_sendmsg+0x803/0x920
[  741.904938]  ? copy_msghdr_from_user+0x430/0x430
[  741.909684]  ? lock_downgrade+0x810/0x810
[  741.913820]  ? kasan_check_read+0x11/0x20
[  741.917962]  ? __fget+0x367/0x540
[  741.921403]  ? iterate_fd+0x360/0x360
[  741.925196]  ? __fget_light+0x1a9/0x230
[  741.929156]  ? __fdget+0x1b/0x20
[  741.932509]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  741.938034]  __sys_sendmsg+0x105/0x1d0
[  741.941908]  ? __ia32_sys_shutdown+0x80/0x80
[  741.946311]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  741.951049]  ? do_syscall_64+0x26/0x620
[  741.955006]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  741.960355]  ? do_syscall_64+0x26/0x620
[  741.964318]  __x64_sys_sendmsg+0x78/0xb0
[  741.968369]  do_syscall_64+0xfd/0x620
[  741.972157]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  741.977334] RIP: 0033:0x459829
[  741.980514] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  741.999402] RSP: 002b:00007fcc4bd01c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  742.007100] RAX: ffffffffffffffda RBX: 00007fcc4bd01c90 RCX: 0000000000459829
[  742.014359] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  742.021614] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
18:35:02 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:35:02 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:35:02 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  742.028875] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcc4bd026d4
[  742.036130] R13: 00000000004c7074 R14: 00000000004dc630 R15: 0000000000000004
[  742.071576] Bluetooth: hci0: Frame reassembly failed (-84)
18:35:02 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:35:02 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

[  742.129965] Bluetooth: hci1: Frame reassembly failed (-84)
18:35:02 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

[  742.233283] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  744.075550] Bluetooth: hci0: command 0x1003 tx timeout
[  744.080937] Bluetooth: hci0: sending frame failed (-49)
[  744.155598] Bluetooth: hci1: command 0x1003 tx timeout
[  744.160992] Bluetooth: hci1: sending frame failed (-49)
[  744.635550] Bluetooth: hci2: command 0x1003 tx timeout
[  744.641027] Bluetooth: hci2: sending frame failed (-49)
[  746.155617] Bluetooth: hci0: command 0x1001 tx timeout
[  746.160999] Bluetooth: hci0: sending frame failed (-49)
[  746.235669] Bluetooth: hci1: command 0x1001 tx timeout
[  746.241054] Bluetooth: hci1: sending frame failed (-49)
[  746.715612] Bluetooth: hci2: command 0x1001 tx timeout
[  746.721009] Bluetooth: hci2: sending frame failed (-49)
[  748.235698] Bluetooth: hci0: command 0x1009 tx timeout
[  748.315667] Bluetooth: hci1: command 0x1009 tx timeout
[  748.795586] Bluetooth: hci2: command 0x1009 tx timeout
18:35:13 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x1000000000000)

18:35:13 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:35:13 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:35:13 executing program 4 (fault-call:1 fault-nth:3):
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:35:13 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:35:13 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
ioctl$TIOCGDEV(r0, 0x80045432, &(0x7f0000000080))
ioctl$TIOCGRS485(r0, 0x542e, &(0x7f0000000000))

[  753.237524] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:35:13 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:35:13 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

[  753.278791] FAULT_INJECTION: forcing a failure.
[  753.278791] name failslab, interval 1, probability 0, space 0, times 0
[  753.297499] Bluetooth: hci1: Frame reassembly failed (-84)
[  753.345661] CPU: 0 PID: 11375 Comm: syz-executor.4 Not tainted 4.19.62 #36
[  753.352724] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  753.362086] Call Trace:
[  753.364690]  dump_stack+0x172/0x1f0
[  753.368415]  should_fail.cold+0xa/0x1b
[  753.372297]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  753.377391]  ? lock_downgrade+0x810/0x810
[  753.381540]  __should_failslab+0x121/0x190
[  753.385765]  should_failslab+0x9/0x14
[  753.389553]  kmem_cache_alloc_node+0x26c/0x710
[  753.394129]  __alloc_skb+0xd5/0x5f0
[  753.397742]  ? skb_scrub_packet+0x490/0x490
[  753.402055]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  753.407580]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  753.413105]  netlink_ack+0x25c/0xb30
[  753.416807]  ? netlink_sendmsg+0xd70/0xd70
[  753.421026]  ? __sanitizer_cov_trace_cmp8+0x13/0x20
[  753.426033]  netlink_rcv_skb+0x382/0x460
[  753.430078]  ? nfnetlink_bind+0x2d0/0x2d0
[  753.434215]  ? netlink_ack+0xb30/0xb30
[  753.438087]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  753.443672]  ? ns_capable+0x23/0x30
[  753.447287]  ? __netlink_ns_capable+0x104/0x140
[  753.451945]  nfnetlink_rcv+0x1c0/0x460
[  753.455819]  ? nfnetlink_rcv_batch+0x1750/0x1750
[  753.460561]  ? netlink_deliver_tap+0x254/0xc20
[  753.465134]  netlink_unicast+0x537/0x720
[  753.469185]  ? netlink_attachskb+0x770/0x770
[  753.473581]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  753.479109]  netlink_sendmsg+0x8ae/0xd70
[  753.483161]  ? netlink_unicast+0x720/0x720
[  753.487387]  ? selinux_socket_sendmsg+0x36/0x40
[  753.492041]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  753.497560]  ? security_socket_sendmsg+0x8d/0xc0
[  753.502301]  ? netlink_unicast+0x720/0x720
[  753.506524]  sock_sendmsg+0xd7/0x130
[  753.510227]  ___sys_sendmsg+0x803/0x920
[  753.514189]  ? copy_msghdr_from_user+0x430/0x430
[  753.518938]  ? lock_downgrade+0x810/0x810
[  753.523072]  ? kasan_check_read+0x11/0x20
[  753.527209]  ? __fget+0x367/0x540
[  753.530650]  ? iterate_fd+0x360/0x360
[  753.534441]  ? __fget_light+0x1a9/0x230
[  753.538426]  ? __fdget+0x1b/0x20
[  753.541777]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  753.547301]  __sys_sendmsg+0x105/0x1d0
[  753.551173]  ? __ia32_sys_shutdown+0x80/0x80
[  753.555576]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  753.560320]  ? do_syscall_64+0x26/0x620
[  753.564283]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  753.569632]  ? do_syscall_64+0x26/0x620
[  753.573594]  __x64_sys_sendmsg+0x78/0xb0
[  753.577643]  do_syscall_64+0xfd/0x620
[  753.581431]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  753.586604] RIP: 0033:0x459829
[  753.589782] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  753.608665] RSP: 002b:00007fcc4bd01c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  753.616362] RAX: ffffffffffffffda RBX: 00007fcc4bd01c90 RCX: 0000000000459829
[  753.623614] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  753.630875] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  753.638130] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcc4bd026d4
18:35:14 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

[  753.645382] R13: 00000000004c7074 R14: 00000000004dc630 R15: 0000000000000004
18:35:14 executing program 2:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:35:14 executing program 4 (fault-call:1 fault-nth:4):
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:35:14 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  753.810538] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  753.843536] FAULT_INJECTION: forcing a failure.
[  753.843536] name failslab, interval 1, probability 0, space 0, times 0
[  753.872684] CPU: 0 PID: 11408 Comm: syz-executor.4 Not tainted 4.19.62 #36
[  753.879743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  753.889104] Call Trace:
[  753.891708]  dump_stack+0x172/0x1f0
[  753.895356]  should_fail.cold+0xa/0x1b
[  753.899245]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  753.904343]  ? lock_downgrade+0x810/0x810
[  753.908500]  __should_failslab+0x121/0x190
[  753.912729]  should_failslab+0x9/0x14
[  753.916520]  kmem_cache_alloc_node_trace+0x274/0x720
[  753.921620]  ? __alloc_skb+0xd5/0x5f0
[  753.925424]  __kmalloc_node_track_caller+0x3d/0x80
[  753.930351]  __kmalloc_reserve.isra.0+0x40/0xf0
[  753.935008]  __alloc_skb+0x10b/0x5f0
[  753.938718]  ? skb_scrub_packet+0x490/0x490
[  753.943035]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  753.948553]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  753.954078]  netlink_ack+0x25c/0xb30
[  753.957783]  ? netlink_sendmsg+0xd70/0xd70
[  753.962011]  ? __sanitizer_cov_trace_cmp8+0x13/0x20
[  753.967024]  netlink_rcv_skb+0x382/0x460
[  753.971066]  ? nfnetlink_bind+0x2d0/0x2d0
[  753.975197]  ? netlink_ack+0xb30/0xb30
[  753.979067]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  753.984586]  ? ns_capable+0x23/0x30
[  753.988196]  ? __netlink_ns_capable+0x104/0x140
[  753.992849]  nfnetlink_rcv+0x1c0/0x460
[  753.996730]  ? nfnetlink_rcv_batch+0x1750/0x1750
[  754.001467]  ? netlink_deliver_tap+0x254/0xc20
[  754.006036]  netlink_unicast+0x537/0x720
[  754.010080]  ? netlink_attachskb+0x770/0x770
[  754.014480]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  754.020016]  netlink_sendmsg+0x8ae/0xd70
[  754.024075]  ? netlink_unicast+0x720/0x720
[  754.028296]  ? selinux_socket_sendmsg+0x36/0x40
[  754.032949]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  754.038477]  ? security_socket_sendmsg+0x8d/0xc0
[  754.038495]  ? netlink_unicast+0x720/0x720
[  754.038511]  sock_sendmsg+0xd7/0x130
[  754.038529]  ___sys_sendmsg+0x803/0x920
[  754.047497]  ? copy_msghdr_from_user+0x430/0x430
[  754.047518]  ? lock_downgrade+0x810/0x810
[  754.047536]  ? kasan_check_read+0x11/0x20
[  754.047554]  ? __fget+0x367/0x540
[  754.047571]  ? iterate_fd+0x360/0x360
[  754.059984]  ? __fget_light+0x1a9/0x230
[  754.060002]  ? __fdget+0x1b/0x20
[  754.060018]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  754.060036]  __sys_sendmsg+0x105/0x1d0
[  754.068306]  ? __ia32_sys_shutdown+0x80/0x80
[  754.068338]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  754.068351]  ? do_syscall_64+0x26/0x620
[  754.068373]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  754.075715]  ? do_syscall_64+0x26/0x620
[  754.075736]  __x64_sys_sendmsg+0x78/0xb0
[  754.075754]  do_syscall_64+0xfd/0x620
[  754.075772]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  754.075783] RIP: 0033:0x459829
[  754.075795] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  754.075806] RSP: 002b:00007fcc4bd01c78 EFLAGS: 00000246
[  754.083104]  ORIG_RAX: 000000000000002e
[  754.083115] RAX: ffffffffffffffda RBX: 00007fcc4bd01c90 RCX: 0000000000459829
[  754.083124] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  754.083134] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  754.083142] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcc4bd026d4
[  754.083155] R13: 00000000004c7074 R14: 00000000004dc630 R15: 0000000000000004
[  755.275551] Bluetooth: hci0: command 0x1003 tx timeout
[  755.280980] Bluetooth: hci0: sending frame failed (-49)
[  755.355603] Bluetooth: hci1: command 0x1003 tx timeout
[  755.361003] Bluetooth: hci1: sending frame failed (-49)
[  755.915731] Bluetooth: hci2: command 0x1003 tx timeout
[  755.921237] Bluetooth: hci2: sending frame failed (-49)
[  756.235744] Bluetooth: hci3: command 0x1003 tx timeout
[  756.241152] Bluetooth: hci3: sending frame failed (-49)
[  757.355656] Bluetooth: hci0: command 0x1001 tx timeout
[  757.361069] Bluetooth: hci0: sending frame failed (-49)
[  757.435688] Bluetooth: hci1: command 0x1001 tx timeout
[  757.441078] Bluetooth: hci1: sending frame failed (-49)
[  757.995825] Bluetooth: hci2: command 0x1001 tx timeout
[  758.001341] Bluetooth: hci2: sending frame failed (-49)
[  758.315714] Bluetooth: hci3: command 0x1001 tx timeout
[  758.321113] Bluetooth: hci3: sending frame failed (-49)
[  759.435602] Bluetooth: hci0: command 0x1009 tx timeout
[  759.515576] Bluetooth: hci1: command 0x1009 tx timeout
[  760.075717] Bluetooth: hci2: command 0x1009 tx timeout
[  760.395639] Bluetooth: hci3: command 0x1009 tx timeout
18:35:25 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x100000000000000)

18:35:25 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:35:25 executing program 2:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:35:25 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:35:25 executing program 4 (fault-call:1 fault-nth:5):
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:35:25 executing program 1:
r0 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x1f, 0x80000)
ioctl$IMGETVERSION(r0, 0x80044942, &(0x7f0000000040))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
syz_open_pts(r1, 0x400000)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

18:35:25 executing program 2:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

[  764.753480] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  764.778290] Bluetooth: hci0: Frame reassembly failed (-84)
[  764.786109] FAULT_INJECTION: forcing a failure.
[  764.786109] name failslab, interval 1, probability 0, space 0, times 0
[  764.796216] Bluetooth: hci1: Frame reassembly failed (-84)
[  764.829657] CPU: 0 PID: 11423 Comm: syz-executor.4 Not tainted 4.19.62 #36
[  764.836714] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  764.846078] Call Trace:
[  764.849677]  dump_stack+0x172/0x1f0
[  764.853314]  should_fail.cold+0xa/0x1b
[  764.857211]  ? fault_create_debugfs_attr+0x1e0/0x1e0
[  764.862389]  ? find_held_lock+0x35/0x130
[  764.866474]  ? netlink_deliver_tap+0x146/0xc20
[  764.871072]  __should_failslab+0x121/0x190
[  764.875827]  should_failslab+0x9/0x14
[  764.879636]  kmem_cache_alloc+0x47/0x700
[  764.883794]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  764.889337]  ? check_preemption_disabled+0x48/0x290
[  764.894362]  ? lock_acquire+0x16f/0x3f0
[  764.898347]  skb_clone+0x156/0x3e0
[  764.901899]  netlink_deliver_tap+0x97b/0xc20
[  764.906332]  __netlink_sendskb+0x68/0xc0
[  764.910417]  netlink_unicast+0x616/0x720
[  764.914498]  ? netlink_attachskb+0x770/0x770
[  764.918919]  netlink_ack+0x645/0xb30
[  764.922642]  ? netlink_sendmsg+0xd70/0xd70
18:35:25 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:35:25 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:35:25 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

[  764.926887]  ? __sanitizer_cov_trace_cmp8+0x13/0x20
[  764.931922]  netlink_rcv_skb+0x382/0x460
[  764.935994]  ? nfnetlink_bind+0x2d0/0x2d0
[  764.940142]  ? netlink_ack+0xb30/0xb30
[  764.944021]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  764.949549]  ? ns_capable+0x23/0x30
[  764.953164]  ? __netlink_ns_capable+0x104/0x140
[  764.957824]  nfnetlink_rcv+0x1c0/0x460
[  764.961700]  ? nfnetlink_rcv_batch+0x1750/0x1750
[  764.966439]  ? netlink_deliver_tap+0x254/0xc20
[  764.971010]  netlink_unicast+0x537/0x720
[  764.975059]  ? netlink_attachskb+0x770/0x770
[  764.979457]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  764.984984]  netlink_sendmsg+0x8ae/0xd70
[  764.989040]  ? netlink_unicast+0x720/0x720
[  764.993267]  ? selinux_socket_sendmsg+0x36/0x40
[  764.997923]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  765.003451]  ? security_socket_sendmsg+0x8d/0xc0
[  765.008193]  ? netlink_unicast+0x720/0x720
[  765.012421]  sock_sendmsg+0xd7/0x130
[  765.016126]  ___sys_sendmsg+0x803/0x920
[  765.020089]  ? copy_msghdr_from_user+0x430/0x430
[  765.024832]  ? lock_downgrade+0x810/0x810
[  765.028970]  ? kasan_check_read+0x11/0x20
[  765.033105]  ? __fget+0x367/0x540
[  765.036547]  ? iterate_fd+0x360/0x360
[  765.040335]  ? __fget_light+0x1a9/0x230
[  765.044292]  ? __fdget+0x1b/0x20
[  765.047642]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  765.053178]  __sys_sendmsg+0x105/0x1d0
[  765.057052]  ? __ia32_sys_shutdown+0x80/0x80
[  765.061456]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  765.066200]  ? do_syscall_64+0x26/0x620
[  765.070159]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  765.075510]  ? do_syscall_64+0x26/0x620
[  765.079471]  __x64_sys_sendmsg+0x78/0xb0
[  765.083518]  do_syscall_64+0xfd/0x620
[  765.087307]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  765.092481] RIP: 0033:0x459829
[  765.095665] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  765.114549] RSP: 002b:00007fcc4bd01c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  765.122244] RAX: ffffffffffffffda RBX: 00007fcc4bd01c90 RCX: 0000000000459829
18:35:25 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

[  765.129501] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[  765.136770] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  765.144023] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fcc4bd026d4
[  765.151279] R13: 00000000004c7074 R14: 00000000004dc630 R15: 0000000000000004
18:35:25 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  766.795543] Bluetooth: hci0: command 0x1003 tx timeout
[  766.800929] Bluetooth: hci0: sending frame failed (-49)
[  766.875550] Bluetooth: hci1: command 0x1003 tx timeout
[  766.880923] Bluetooth: hci1: sending frame failed (-49)
[  767.595626] Bluetooth: hci3: command 0x1003 tx timeout
[  767.600996] Bluetooth: hci2: command 0x1003 tx timeout
[  767.601030] Bluetooth: hci3: sending frame failed (-49)
[  767.611787] Bluetooth: hci2: sending frame failed (-49)
[  768.875663] Bluetooth: hci0: command 0x1001 tx timeout
[  768.881082] Bluetooth: hci0: sending frame failed (-49)
[  768.955601] Bluetooth: hci1: command 0x1001 tx timeout
[  768.961000] Bluetooth: hci1: sending frame failed (-49)
[  769.675590] Bluetooth: hci2: command 0x1001 tx timeout
[  769.675663] Bluetooth: hci3: command 0x1001 tx timeout
[  769.680999] Bluetooth: hci2: sending frame failed (-49)
[  769.691102] Bluetooth: hci3: sending frame failed (-49)
[  770.955555] Bluetooth: hci0: command 0x1009 tx timeout
[  771.035556] Bluetooth: hci1: command 0x1009 tx timeout
[  771.755591] Bluetooth: hci2: command 0x1009 tx timeout
[  771.755662] Bluetooth: hci3: command 0x1009 tx timeout
18:35:36 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:35:36 executing program 4 (fault-call:1 fault-nth:6):
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:35:36 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63f"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:35:36 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x3f00000000000000)

18:35:36 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:35:36 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
r1 = accept(0xffffffffffffffff, &(0x7f0000000000)=@isdn, &(0x7f0000000080)=0x80)
sendto$rxrpc(r1, &(0x7f0000000100)="d4de65dbf7f5b8d80bbbad9279fbd5a464a9dfa8ad1e5efc7ebb68d7f851fce511c673cc65543e9c32da0e1284d144fa554ca17473d60b0124105de000a0e3f68ae70ef8e2ac357f2fb15d7fa830a781dbf6af82797490f88e19dd3d3bee0838ae623875ec54f0fdfd61335f34ed060b2e40caff03ce8420700765a63a9587597ba0aeeb20c9c2", 0x87, 0x10, &(0x7f00000001c0)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x4e24, @rand_addr=0x1}}, 0x24)

[  775.634686] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:35:36 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:35:36 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:35:36 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  775.704664] Bluetooth: hci0: sending frame failed (-49)
18:35:36 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:35:36 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63f"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  775.786679] Bluetooth: hci1: Frame reassembly failed (-84)
[  775.826178] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:35:36 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:35:36 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x2, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:35:36 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:35:36 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  776.011066] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  776.456650] Bluetooth: hci2: Frame reassembly failed (-84)
[  776.532288] Bluetooth: hci3: Frame reassembly failed (-84)
[  777.755587] Bluetooth: hci0: command 0x1003 tx timeout
[  777.762053] Bluetooth: hci0: sending frame failed (-49)
[  777.835623] Bluetooth: hci1: command 0x1003 tx timeout
[  777.841019] Bluetooth: hci1: sending frame failed (-49)
[  778.475577] Bluetooth: hci2: command 0x1003 tx timeout
[  778.480983] Bluetooth: hci2: sending frame failed (-49)
[  778.555709] Bluetooth: hci3: command 0x1003 tx timeout
[  778.561100] Bluetooth: hci3: sending frame failed (-49)
[  779.835770] Bluetooth: hci0: command 0x1001 tx timeout
[  779.841162] Bluetooth: hci0: sending frame failed (-49)
[  779.925581] Bluetooth: hci1: command 0x1001 tx timeout
[  779.930979] Bluetooth: hci1: sending frame failed (-49)
[  780.555622] Bluetooth: hci2: command 0x1001 tx timeout
[  780.561056] Bluetooth: hci2: sending frame failed (-49)
[  780.635775] Bluetooth: hci3: command 0x1001 tx timeout
[  780.641157] Bluetooth: hci3: sending frame failed (-49)
[  781.915875] Bluetooth: hci0: command 0x1009 tx timeout
[  781.995602] Bluetooth: hci1: command 0x1009 tx timeout
[  782.636102] Bluetooth: hci2: command 0x1009 tx timeout
[  782.715621] Bluetooth: hci3: command 0x1009 tx timeout
18:35:46 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x4000000000000000)

18:35:46 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x3, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  786.500721] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  786.534428] Bluetooth: hci0: Frame reassembly failed (-84)
18:35:47 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000040)={<r2=>0xffffffffffffffff}, 0x2, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_REJECT(r1, &(0x7f0000000100)={0x9, 0x108, 0xfa00, {r2, 0x2, "4e3ed5", "7d86c691907742273f2cfc45e8b257c3b2540ba65aae15e82e34ebfa722bd89c03c4d8db428c789ac6d5d0bf7e511ac60dc4c86c1c1dd3ff3f52ae053fb4bccb2eb6ca6df20e948212477d176317386bdd2da3ad9e31cce005c5721fc6017f50ef5d189c8a12440567cb8d0c0d3d9348ede05b83428cd5a64bdad976ab50ef8c6e3b4877fb1dec349dfef30c85a838edd77d69932f772bb0ecb1026893b78e860c577fbc00a4b7e3f12246a50ba2f5ef04110978470817e0011d117a5c0e76f3eb4ca460b9d0f8ad2eef95d4d61fa94573bdb87c3ef95473fc64dc9fdbfe17403e7d8f4aadf292b3a6206050a18fc859ba2d859c3942c784fd87cfbf00178354"}}, 0x110)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCMSET(r1, 0x5418, &(0x7f0000000280))
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:35:47 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:35:47 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:35:47 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63f"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:35:47 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x4, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:35:47 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  787.159783] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:35:47 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:35:47 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x5, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:35:47 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  787.293787] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:35:47 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x6, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  787.421133] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  788.555534] Bluetooth: hci0: command 0x1003 tx timeout
[  788.560947] Bluetooth: hci0: sending frame failed (-49)
[  789.285558] Bluetooth: hci1: command 0x1003 tx timeout
[  789.290983] Bluetooth: hci1: sending frame failed (-49)
[  789.355617] Bluetooth: hci2: command 0x1003 tx timeout
[  789.361009] Bluetooth: hci2: sending frame failed (-49)
[  789.995550] Bluetooth: hci3: command 0x1003 tx timeout
[  790.001050] Bluetooth: hci3: sending frame failed (-49)
[  790.635723] Bluetooth: hci0: command 0x1001 tx timeout
[  790.641359] Bluetooth: hci0: sending frame failed (-49)
[  791.355588] Bluetooth: hci1: command 0x1001 tx timeout
[  791.360995] Bluetooth: hci1: sending frame failed (-49)
[  791.435635] Bluetooth: hci2: command 0x1001 tx timeout
[  791.441054] Bluetooth: hci2: sending frame failed (-49)
[  792.075591] Bluetooth: hci3: command 0x1001 tx timeout
[  792.080981] Bluetooth: hci3: sending frame failed (-49)
[  792.715551] Bluetooth: hci0: command 0x1009 tx timeout
[  793.435608] Bluetooth: hci1: command 0x1009 tx timeout
[  793.515618] Bluetooth: hci2: command 0x1009 tx timeout
[  794.155578] Bluetooth: hci3: command 0x1009 tx timeout
18:35:57 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0xfeffffff00000000)

18:35:57 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:35:58 executing program 1:
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000040)={&(0x7f0000000000)='./file0\x00', 0x0, 0x18}, 0x10)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
syz_open_dev$dri(&(0x7f0000000080)='/dev/dri/card#\x00', 0x0, 0x10003)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/avc/cache_stats\x00', 0x0, 0x0)
r2 = getpgid(0xffffffffffffffff)
mq_notify(r1, &(0x7f0000000140)={0x0, 0x3c, 0x3, @tid=r2})
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:35:58 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:35:58 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x7, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:35:58 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:35:58 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:35:58 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xa, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:35:58 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:35:58 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  798.022576] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  798.058829] Bluetooth: hci1: Frame reassembly failed (-84)
18:35:58 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:35:58 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0))
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

[  798.104861] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  799.435623] Bluetooth: hci0: command 0x1003 tx timeout
[  799.441028] Bluetooth: hci0: sending frame failed (-49)
[  800.075541] Bluetooth: hci1: command 0x1003 tx timeout
[  800.081049] Bluetooth: hci1: sending frame failed (-49)
[  800.245601] Bluetooth: hci2: command 0x1003 tx timeout
[  800.251159] Bluetooth: hci2: sending frame failed (-49)
[  801.515593] Bluetooth: hci0: command 0x1001 tx timeout
[  801.521277] Bluetooth: hci0: sending frame failed (-49)
[  802.155546] Bluetooth: hci1: command 0x1001 tx timeout
[  802.160974] Bluetooth: hci1: sending frame failed (-49)
[  802.315587] Bluetooth: hci2: command 0x1001 tx timeout
[  802.321017] Bluetooth: hci2: sending frame failed (-49)
[  803.595585] Bluetooth: hci0: command 0x1009 tx timeout
[  804.235542] Bluetooth: hci1: command 0x1009 tx timeout
[  804.395591] Bluetooth: hci2: command 0x1009 tx timeout
18:36:08 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xe, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:36:08 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:36:08 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x80, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
prctl$PR_TASK_PERF_EVENTS_DISABLE(0x1f)
r1 = syz_open_dev$vbi(&(0x7f0000000140)='/dev/vbi#\x00', 0x1, 0x2)
ioctl$VIDIOC_ENUMSTD(r1, 0xc0485619, &(0x7f0000000180)={0x7f, 0x0, "98072c8dafe389e8daa0004e52f1398ec319e0dd03685ef4", {0x846, 0x9}})
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000100)={&(0x7f0000000080)='./file0\x00', r0}, 0x10)
ioctl$PIO_UNIMAPCLR(r0, 0x4b68, &(0x7f0000000040)={0x1800, 0x9, 0x1ff})
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
ioctl$TIOCSISO7816(r0, 0xc0285443, &(0x7f0000000000)={0x3, 0x20, 0x7fff, 0x8, 0xf7c0000000})

18:36:08 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:36:08 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x42240, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000040)={0x1, [0x0]}, &(0x7f0000000080)=0x8)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:36:08 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:36:08 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xf, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  808.256186] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:36:08 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:36:08 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

[  808.321245] Bluetooth: hci1: Frame reassembly failed (-84)
18:36:08 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:36:08 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:36:08 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x48, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  808.362032] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:36:08 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:36:08 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x4c, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  808.444281] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  808.501254] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  810.315729] Bluetooth: hci0: command 0x1003 tx timeout
[  810.321133] Bluetooth: hci0: sending frame failed (-49)
[  810.395589] Bluetooth: hci1: command 0xfc11 tx timeout
[  810.397182] Bluetooth: hci1: Entering manufacturer mode failed (-110)
[  811.115565] Bluetooth: hci2: command 0x1003 tx timeout
[  811.120966] Bluetooth: hci2: sending frame failed (-49)
[  812.395613] Bluetooth: hci0: command 0x1001 tx timeout
[  812.401008] Bluetooth: hci0: sending frame failed (-49)
[  813.195661] Bluetooth: hci2: command 0x1001 tx timeout
[  813.201173] Bluetooth: hci2: sending frame failed (-49)
[  814.475689] Bluetooth: hci0: command 0x1009 tx timeout
[  815.275647] Bluetooth: hci2: command 0x1009 tx timeout
18:36:19 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x40000, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:36:19 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:36:19 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:36:19 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x60, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:36:19 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:36:19 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSWINSZ(r0, 0x5414, &(0x7f0000000000)={0x6, 0xffffffffffff0000, 0xb6f, 0x1})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:36:19 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:36:19 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x68, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  819.168268] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  819.191977] Bluetooth: hci1: Frame reassembly failed (-84)
[  819.198637] Bluetooth: hci0: Frame reassembly failed (-84)
18:36:19 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:36:19 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:36:19 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x6c, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  819.297639] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:36:19 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  819.392080] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  821.195596] Bluetooth: hci1: command 0x1003 tx timeout
[  821.201044] Bluetooth: hci1: sending frame failed (-49)
[  821.275570] Bluetooth: hci2: command 0x1003 tx timeout
[  821.280980] Bluetooth: hci0: command 0x1003 tx timeout
[  821.281028] Bluetooth: hci2: sending frame failed (-49)
[  821.291778] Bluetooth: hci0: sending frame failed (-49)
[  821.995608] Bluetooth: hci3: command 0x1003 tx timeout
[  822.001008] Bluetooth: hci3: sending frame failed (-49)
[  823.275612] Bluetooth: hci1: command 0x1001 tx timeout
[  823.281011] Bluetooth: hci1: sending frame failed (-49)
[  823.355604] Bluetooth: hci0: command 0x1001 tx timeout
[  823.355619] Bluetooth: hci2: command 0x1001 tx timeout
[  823.366360] Bluetooth: hci0: sending frame failed (-49)
[  823.371799] Bluetooth: hci2: sending frame failed (-49)
[  824.075659] Bluetooth: hci3: command 0x1001 tx timeout
[  824.081081] Bluetooth: hci3: sending frame failed (-49)
[  825.355609] Bluetooth: hci1: command 0x1009 tx timeout
[  825.435601] Bluetooth: hci0: command 0x1009 tx timeout
[  825.435607] Bluetooth: hci2: command 0x1009 tx timeout
[  826.155650] Bluetooth: hci3: command 0x1009 tx timeout
18:36:30 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm_plock\x00', 0x84000, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r1, 0x40082406, &(0x7f0000000040)='/dev/ptmx\x00')
r2 = add_key$user(&(0x7f0000000140)='user\x00', &(0x7f0000000180)={'syz', 0x3}, &(0x7f00000001c0)="9ef82b09", 0x4, 0x0)
keyctl$get_security(0x11, r2, &(0x7f0000000280)=""/141, 0x8d)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
r3 = openat$selinux_member(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/member\x00', 0x2, 0x0)
fcntl$setstatus(r3, 0x4, 0x400)
ioctl$KDGKBMODE(r1, 0x4b44, &(0x7f0000000080))

18:36:30 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:36:30 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x74, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:36:30 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:36:30 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:36:30 executing program 0:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/snmp6\x00')
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000080)={0x3, r0})
ioctl$TCSETXF(r0, 0x5434, &(0x7f0000000040)={0x2, 0xd9be, [0x9, 0x2, 0x9, 0x10001, 0x9]})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000140)=0x800000f)
ioctl$KDADDIO(r1, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

[  830.038192] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  830.058699] Bluetooth: hci0: Frame reassembly failed (-84)
18:36:30 executing program 0:
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/keycreate\x00', 0x2, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f00000000c0)={0x7, [0x1, 0x5, 0x5, 0x40, 0x73, 0x20, 0x7]}, &(0x7f0000000100)=0x12)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xf)
getsockopt$inet_sctp_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000140), &(0x7f0000000180)=0xb)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:36:30 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:36:30 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x7a, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  830.092383] Bluetooth: hci1: Frame reassembly failed (-84)
18:36:30 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

18:36:30 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  830.178306] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  830.199349] Bluetooth: hci2: Frame reassembly failed (-84)
18:36:30 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xf0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  830.323422] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  832.075722] Bluetooth: hci0: command 0x1003 tx timeout
[  832.081110] Bluetooth: hci0: sending frame failed (-49)
[  832.155642] Bluetooth: hci1: command 0x1003 tx timeout
[  832.161022] Bluetooth: hci1: sending frame failed (-49)
[  832.235561] Bluetooth: hci2: command 0x1003 tx timeout
[  832.241014] Bluetooth: hci2: sending frame failed (-49)
[  832.885769] Bluetooth: hci3: command 0x1003 tx timeout
[  832.891296] Bluetooth: hci3: sending frame failed (-49)
[  834.155718] Bluetooth: hci0: command 0x1001 tx timeout
[  834.161093] Bluetooth: hci0: sending frame failed (-49)
[  834.235619] Bluetooth: hci1: command 0x1001 tx timeout
[  834.241033] Bluetooth: hci1: sending frame failed (-49)
[  834.315579] Bluetooth: hci2: command 0x1001 tx timeout
[  834.321157] Bluetooth: hci2: sending frame failed (-49)
[  834.955689] Bluetooth: hci3: command 0x1001 tx timeout
[  834.961223] Bluetooth: hci3: sending frame failed (-49)
[  836.235638] Bluetooth: hci0: command 0x1009 tx timeout
[  836.315610] Bluetooth: hci1: command 0x1009 tx timeout
[  836.396010] Bluetooth: hci2: command 0x1009 tx timeout
[  837.035702] Bluetooth: hci3: command 0x1009 tx timeout
18:36:41 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x3, 0x80000)
ioctl$MON_IOCX_MFETCH(r1, 0xc0109207, &(0x7f0000000080)={&(0x7f0000000040)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x6, 0x607})
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0)='TIPC\x00')
sendmsg$TIPC_CMD_SET_NETID(r1, &(0x7f00000002c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f0000000200)={0x24, r2, 0x10e, 0x70bd2c, 0x25dfdbff, {{}, 0x0, 0x800b, 0x0, {0x8, 0x2, 0x3f}}, ["", "", "", "", "", "", "", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x2000c045}, 0x20000000)
fsetxattr$security_ima(r0, &(0x7f0000000100)='security.ima\x00', &(0x7f0000000300)=ANY=[@ANYBLOB="07000000000080000dfc5db804029e9e21166bee"], 0x7, 0x3)

18:36:41 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

18:36:41 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:36:41 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x24c, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:36:41 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x59)
r1 = socket$netlink(0x10, 0x3, 0x1e)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00')
sendmsg$TIPC_CMD_SET_LINK_WINDOW(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x34, r2, 0x100, 0x70bd2c, 0x25dfdbfe, {{}, 0x0, 0x4109, 0x0, {0x18, 0x18, {0x1, @bearer=@l2={'ib', 0x3a, 'syzkaller1\x00'}}}}, ["", "", "", ""]}, 0x34}, 0x1, 0x0, 0x0, 0x801}, 0x40000)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
socket$isdn(0x22, 0x3, 0x37)

18:36:41 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

[  840.932889] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:36:41 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:36:41 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x300, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  840.979146] Bluetooth: hci2: Frame reassembly failed (-84)
18:36:41 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

18:36:41 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x500, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:36:41 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  841.057692] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:36:41 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

[  841.163603] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  842.955566] Bluetooth: hci0: command 0x1003 tx timeout
[  842.961011] Bluetooth: hci0: sending frame failed (-49)
[  843.035586] Bluetooth: hci2: command 0x1003 tx timeout
[  843.040998] Bluetooth: hci1: command 0x1003 tx timeout
[  843.041037] Bluetooth: hci2: sending frame failed (-49)
[  843.046420] Bluetooth: hci1: sending frame failed (-49)
[  843.755580] Bluetooth: hci3: command 0x1003 tx timeout
[  843.760968] Bluetooth: hci3: sending frame failed (-49)
[  845.035681] Bluetooth: hci0: command 0x1001 tx timeout
[  845.041075] Bluetooth: hci0: sending frame failed (-49)
[  845.115750] Bluetooth: hci1: command 0x1001 tx timeout
[  845.115822] Bluetooth: hci2: command 0x1001 tx timeout
[  845.122851] Bluetooth: hci1: sending frame failed (-49)
[  845.126520] Bluetooth: hci2: sending frame failed (-49)
[  845.835607] Bluetooth: hci3: command 0x1001 tx timeout
[  845.841005] Bluetooth: hci3: sending frame failed (-49)
[  847.115577] Bluetooth: hci0: command 0x1009 tx timeout
[  847.195614] Bluetooth: hci1: command 0x1009 tx timeout
[  847.195671] Bluetooth: hci2: command 0x1009 tx timeout
[  847.915656] Bluetooth: hci3: command 0x1009 tx timeout
18:36:51 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x600, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:36:51 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:36:51 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x6, 0x400)
ioctl$UI_SET_SWBIT(r1, 0x4004556d, 0xe)
ioctl$KVM_REINJECT_CONTROL(r1, 0xae71, &(0x7f0000000040)={0x2})
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCSERGETLSR(r1, 0x5459, &(0x7f0000000080))
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:36:51 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0xfffffffffffffeaf, 0x0, 0x0, 0xffffffae)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000000c0)={0x0, 0x102000})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000005940)=[{0x0, 0x0, &(0x7f0000001000)=[{&(0x7f0000000f80)="1513cb8ceb2690", 0x7}], 0x1}], 0x1, 0x0)
getsockopt$IP6T_SO_GET_ENTRIES(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000140)=ANY=[@ANYPTR64=&(0x7f0000000040)=ANY=[@ANYBLOB="ebb63fb0c8c2"]], 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

[  851.145777] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  851.183349] Bluetooth: hci0: Frame reassembly failed (-84)
18:36:52 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:36:52 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:36:52 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:36:52 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x700, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:36:52 executing program 5:
msgrcv(0x0, &(0x7f0000000200)=ANY=[], 0x0, 0x0, 0x1001)
msgsnd(0x0, &(0x7f0000001400)=ANY=[@ANYBLOB="03"], 0x1, 0x0)

18:36:52 executing program 5:
syz_emit_ethernet(0x82, &(0x7f0000000100)=ANY=[@ANYBLOB="d9aaaaaa910009008100160086dd60358000000000000000000000000000aafe80000000aa0420880b0000000000000800000086dd080088be000000001000000001000000ebffffff080022eb0000000020000000020000000000000000000000080065580000e5344b52b8be25552720ff39c12b525dbccb3f9656e524ced94f5d394845388156eaa4b9d500"/150], &(0x7f00000000c0)={0x0, 0x2, [0x0, 0x306]})

18:36:52 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:36:52 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xa00, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:36:52 executing program 5:
syz_emit_ethernet(0xa6, &(0x7f0000000180)=ANY=[@ANYBLOB="ffffffffffff0180c289020086dd6076605100082c00fe80034300050dff00000000000000000000018600907d0007000060c5961e00000000030900000000000000030000050000011105000000b9be0000000000000000010000000000000000000000000048db7874c0eea171403c2d680e2ef7c2cbdd5fbe0e81f3c8e64212dc77ccdf5fe230752562a72ea9024871762c274ecc38089eaa0b9eda79d43355321bcd2fa97076da5661eeefe30358de4e2126dd04ece8ef6921fa6ef24d54826d029755891e91965ca2e463933712ef2cd6e84db1417385e510545a9d4c70edaca303de135e48b8dee26f75eb92f5fa556cd33e1bb5cf013ae17808e96dffc9f02650baf9b3fa95ab542b25cc10d2677a1ffd8393d48370f59e8d2cd8617ec3d769bf6a3a67252599ee65822febe0669402e0e821b735a003bfd2e1841a6c6c177414f0cf2f3b250000000000000000"], 0x0)

[  851.793440] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  851.830524] Bluetooth: hci1: Frame reassembly failed (-84)
18:36:52 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xe00, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  851.882496] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  851.940511] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  852.611875] Bluetooth: hci3: Frame reassembly failed (-84)
[  853.195524] Bluetooth: hci0: command 0x1003 tx timeout
[  853.200994] Bluetooth: hci0: sending frame failed (-49)
[  853.835550] Bluetooth: hci1: command 0x1003 tx timeout
[  853.840955] Bluetooth: hci1: sending frame failed (-49)
[  853.995715] Bluetooth: hci2: command 0x1003 tx timeout
[  854.001288] Bluetooth: hci2: sending frame failed (-49)
[  854.635628] Bluetooth: hci3: command 0x1003 tx timeout
[  854.643260] Bluetooth: hci3: sending frame failed (-49)
[  855.275647] Bluetooth: hci0: command 0x1001 tx timeout
[  855.281095] Bluetooth: hci0: sending frame failed (-49)
[  855.915735] Bluetooth: hci1: command 0x1001 tx timeout
[  855.921315] Bluetooth: hci1: sending frame failed (-49)
[  856.075874] Bluetooth: hci2: command 0x1001 tx timeout
[  856.081541] Bluetooth: hci2: sending frame failed (-49)
[  856.715649] Bluetooth: hci3: command 0x1001 tx timeout
[  856.721148] Bluetooth: hci3: sending frame failed (-49)
[  857.355630] Bluetooth: hci0: command 0x1009 tx timeout
[  857.995579] Bluetooth: hci1: command 0x1009 tx timeout
[  858.155668] Bluetooth: hci2: command 0x1009 tx timeout
[  858.795754] Bluetooth: hci3: command 0x1009 tx timeout
18:37:02 executing program 1:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:37:02 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:37:03 executing program 0:
r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000280)='/dev/cachefiles\x00', 0x800000040100, 0x0)
ioctl$UFFDIO_UNREGISTER(r0, 0x8010aa01, &(0x7f0000000080)={&(0x7f0000ffe000/0x1000)=nil, 0x1000})
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TIOCGPKT(r1, 0x80045438, &(0x7f0000000100))
ioctl$KDADDIO(r1, 0x400455c8, 0x0)
ioctl$FS_IOC_FSSETXATTR(r1, 0x401c5820, &(0x7f0000000000)={0x8, 0x10000000000800, 0x91f, 0x1})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r0, 0x40405515, &(0x7f0000000140)={0x3, 0x3, 0x0, 0x9, '\x00', 0x8})
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
syz_open_dev$mouse(&(0x7f0000000180)='/dev/input/mouse#\x00', 0x100000001, 0x6000)
r2 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dlm-control\x00', 0xd00, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000200)=0x3)

18:37:03 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:37:03 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
syz_emit_ethernet(0x300b00, &(0x7f0000000000)={@local, @empty, [], {@ipv6={0x86dd, {0x0, 0x6, "b40900", 0x300030, 0x3a, 0x0, @ipv4={[0x2, 0x2, 0x543, 0x0, 0x60], [], @multicast2}, @mcast2, {[], @icmpv6=@time_exceed={0xffffff87, 0x0, 0x0, 0x0, [0x7, 0x4], {0x0, 0x6, "b680fa", 0x0, 0x0, 0x0, @ipv4={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe, 0x3], [], @broadcast}, @ipv4={[], [], @remote={0xac, 0x14, 0xffffffffffffffff}}}}}}}}}, 0x0)

18:37:03 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xf00, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:37:03 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:37:03 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
fcntl$setflags(r0, 0x2, 0x1)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:37:03 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:37:03 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x9}, 0x1c)

[  862.676443] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  862.692746] Bluetooth: hci0: Frame reassembly failed (-84)
18:37:03 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:37:03 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x8000000002)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:37:03 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x2000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  862.723781] Bluetooth: hci1: Frame reassembly failed (-84)
18:37:03 executing program 5:
syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x2, 0x44081)

[  862.809218] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  863.468990] Bluetooth: hci2: Frame reassembly failed (-84)
[  864.715567] Bluetooth: hci0: command 0x1003 tx timeout
[  864.720978] Bluetooth: hci0: sending frame failed (-49)
[  864.795544] Bluetooth: hci1: command 0x1003 tx timeout
[  864.801104] Bluetooth: hci1: sending frame failed (-49)
[  865.515541] Bluetooth: hci2: command 0x1003 tx timeout
[  865.515551] Bluetooth: hci3: command 0x1003 tx timeout
[  865.526338] Bluetooth: hci3: sending frame failed (-49)
[  865.531920] Bluetooth: hci2: sending frame failed (-49)
[  866.795762] Bluetooth: hci0: command 0x1001 tx timeout
[  866.801185] Bluetooth: hci0: sending frame failed (-49)
[  866.885675] Bluetooth: hci1: command 0x1001 tx timeout
[  866.891083] Bluetooth: hci1: sending frame failed (-49)
[  867.595669] Bluetooth: hci3: command 0x1001 tx timeout
[  867.595688] Bluetooth: hci2: command 0x1001 tx timeout
[  867.604927] Bluetooth: hci3: sending frame failed (-49)
[  867.606738] Bluetooth: hci2: sending frame failed (-49)
[  868.875716] Bluetooth: hci0: command 0x1009 tx timeout
[  868.955631] Bluetooth: hci1: command 0x1009 tx timeout
[  869.675640] Bluetooth: hci2: command 0x1009 tx timeout
[  869.676855] Bluetooth: hci3: command 0x1009 tx timeout
18:37:13 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(r0, 0x4008ae61, &(0x7f0000000140)={0x1000})
r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(0xffffffffffffffff, 0xc010640b, &(0x7f0000000040)={0x0, <r2=>0x0, 0x3000})
r3 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_stats\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000100)={r2, 0x80000, r3})
mmap$perf(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xc, 0x1010, r1, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:37:13 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:37:13 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x3f00, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:37:13 executing program 2:
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)={0xa, 0x2, 0x914, 0x4000000005}, 0x2c)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000001c0)={r0, &(0x7f0000000000), &(0x7f0000000180)}, 0x20)
unshare(0x400)
bpf$MAP_UPDATE_ELEM(0x4, &(0x7f0000000280)={r0, 0x0, &(0x7f0000000180)}, 0x20)

18:37:13 executing program 5:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'pcrypt(gcm_base(ctr(aes-aesni),ghash-generic))\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000012c0)="0a0775b005e381e5b3b60ced5c54dbb7", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000005900)=[{0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x0)
recvmsg(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000001480)=""/4096, 0x1000}], 0x1}, 0x0)

18:37:14 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
close(r0)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x200000, 0x0)
ioctl$LOOP_SET_FD(r1, 0x4c00, r0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={<r2=>0x0, r1, 0x0, 0xa, &(0x7f0000000040)='/dev/ptmx\x00', 0xffffffffffffffff}, 0x30)
getpriority(0x2, r2)

18:37:14 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

[  873.555741] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:37:14 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='allocsize=m'])

18:37:14 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
sysfs$3(0x3)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x7fff, 0x200)
setsockopt$IP_VS_SO_SET_DEL(r1, 0x0, 0x484, &(0x7f0000000040)={0x0, @rand_addr=0xac12, 0x4e23, 0x2, 'nq\x00', 0x1, 0x2, 0x68}, 0x2c)

18:37:14 executing program 5:
unshare(0x8000400)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$TCSETSW(r0, 0x4004510f, 0x0)

[  873.600830] audit: type=1400 audit(1564511834.038:65): avc:  denied  { map } for  pid=11916 comm="syz-executor.0" path="/selinux/avc/hash_stats" dev="selinuxfs" ino=26 scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=system_u:object_r:security_t:s0 tclass=file permissive=1
[  873.640360] Bluetooth: hci0: Frame reassembly failed (-84)
18:37:14 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:37:14 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x4800, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  873.733287] Bluetooth: hci1: Frame reassembly failed (-84)
[  873.750168] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  875.675564] Bluetooth: hci0: command 0x1003 tx timeout
[  875.681009] Bluetooth: hci0: sending frame failed (-49)
[  875.755582] Bluetooth: hci1: command 0x1003 tx timeout
[  875.760972] Bluetooth: hci1: sending frame failed (-49)
[  876.555692] Bluetooth: hci2: command 0x1003 tx timeout
[  876.562233] Bluetooth: hci2: sending frame failed (-49)
[  877.755605] Bluetooth: hci0: command 0x1001 tx timeout
[  877.761431] Bluetooth: hci0: sending frame failed (-49)
[  877.835630] Bluetooth: hci1: command 0x1001 tx timeout
[  877.841244] Bluetooth: hci1: sending frame failed (-49)
[  878.635766] Bluetooth: hci2: command 0x1001 tx timeout
[  878.641992] Bluetooth: hci2: sending frame failed (-49)
[  879.835656] Bluetooth: hci0: command 0x1009 tx timeout
[  879.916161] Bluetooth: hci1: command 0x1009 tx timeout
[  880.715800] Bluetooth: hci2: command 0x1009 tx timeout
18:37:24 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:37:24 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:37:24 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x4c00, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:37:24 executing program 5:
unshare(0x8000400)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$TCSETSW(r0, 0x40045109, 0x0)

18:37:24 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='allocsize=m'])

18:37:24 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x4c02, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:37:24 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

[  883.776543] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:37:24 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='allocsize=m'])

[  883.817899] Bluetooth: hci0: Frame reassembly failed (-84)
[  883.823571] Bluetooth: hci0: Frame reassembly failed (-84)
[  883.845447] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:37:25 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
dup2(r0, r0)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='overlay\x00', 0x20000, &(0x7f0000000100)=ANY=[@ANYBLOB='xino=off,xn,jfs_export=off,metacopy=off,lowerdir=./file0,smackfshat=vmnet1[,dont_appraise,\x00'])
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:37:25 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x6000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:37:25 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net\x00\x00\x00\x00\x00\x00\x00\a/expire_nodest_conn\x00', 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$sock_inet_udp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
write$P9_RWRITE(0xffffffffffffffff, 0x0, 0x0)
getdents64(r0, &(0x7f00000000c0)=""/11, 0xeb)

18:37:25 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  885.061051] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  885.835589] Bluetooth: hci0: command 0x1003 tx timeout
[  885.841114] Bluetooth: hci0: sending frame failed (-49)
[  886.645550] Bluetooth: hci1: command 0x1003 tx timeout
[  886.651201] Bluetooth: hci1: sending frame failed (-49)
[  887.915664] Bluetooth: hci0: command 0x1001 tx timeout
[  887.921227] Bluetooth: hci0: sending frame failed (-49)
[  888.715544] Bluetooth: hci1: command 0x1001 tx timeout
[  888.721185] Bluetooth: hci1: sending frame failed (-49)
[  889.995634] Bluetooth: hci0: command 0x1009 tx timeout
[  890.795651] Bluetooth: hci1: command 0x1009 tx timeout
18:37:35 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCGLCKTRMIOS(r0, 0x5456, &(0x7f0000000000)={0x2, 0x100, 0xfffffffffffffffa, 0xffffffffffffffb4, 0x16, 0x4, 0x4136, 0xfffffffffffffffb, 0x10001, 0xb3b, 0x8, 0x8})
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:37:35 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='allocsize=m'])

18:37:35 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:37:35 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x6800, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:37:35 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
fcntl$addseals(r0, 0x409, 0x2)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:37:35 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net\x00\x00\x00\x00\x00\x00\x00\a/expire_nodest_conn\x00', 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$sock_inet_udp_SIOCOUTQ(0xffffffffffffffff, 0x5411, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
write$P9_RWRITE(0xffffffffffffffff, 0x0, 0x0)
getdents64(r0, &(0x7f00000000c0)=""/11, 0xeb)

[  894.672227] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  894.698565] Bluetooth: hci1: Frame reassembly failed (-84)
18:37:35 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:37:35 executing program 2:
syz_mount_image$xfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='allocsize=m'])

18:37:35 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x6c00, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:37:35 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:37:35 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  894.902095] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:37:35 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x7400, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  895.046732] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  895.472543] Bluetooth: hci2: Frame reassembly failed (-84)
[  896.715624] Bluetooth: hci1: command 0x1003 tx timeout
[  896.721155] Bluetooth: hci1: sending frame failed (-49)
[  896.795607] Bluetooth: hci0: command 0x1003 tx timeout
[  896.800991] Bluetooth: hci0: sending frame failed (-49)
[  897.515552] Bluetooth: hci2: command 0x1003 tx timeout
[  897.515581] Bluetooth: hci3: command 0x1003 tx timeout
[  897.526258] Bluetooth: hci2: sending frame failed (-49)
[  897.531697] Bluetooth: hci3: sending frame failed (-49)
[  898.795690] Bluetooth: hci1: command 0x1001 tx timeout
[  898.801094] Bluetooth: hci1: sending frame failed (-49)
[  898.875611] Bluetooth: hci0: command 0x1001 tx timeout
[  898.880992] Bluetooth: hci0: sending frame failed (-49)
[  899.595640] Bluetooth: hci3: command 0x1001 tx timeout
[  899.595669] Bluetooth: hci2: command 0x1001 tx timeout
[  899.601013] Bluetooth: hci3: sending frame failed (-49)
[  899.611419] Bluetooth: hci2: sending frame failed (-49)
[  900.875599] Bluetooth: hci1: command 0x1009 tx timeout
[  900.955579] Bluetooth: hci0: command 0x1009 tx timeout
[  901.675569] Bluetooth: hci3: command 0x1009 tx timeout
[  901.675576] Bluetooth: hci2: command 0x1009 tx timeout
18:37:45 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:37:45 executing program 2:
syz_mount_image$xfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='allocsize=m'])

18:37:45 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x7a00, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:37:45 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:37:45 executing program 5:
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_ifreq(r0, 0x89f3, &(0x7f00000000c0)={'sit0\x00', @ifru_settings={0x0, 0x0, @te1=0x0}})

18:37:45 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = open(&(0x7f0000000000)='./file0\x00', 0x101000, 0x80)
mmap$perf(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x4, 0x22010, r1, 0x0)
r2 = getpgid(0x0)
ioctl$TUNSETSTEERINGEBPF(r1, 0x800454e0, &(0x7f0000000080)=r1)
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r1, 0xc1105511, &(0x7f0000000100)={{0x5, 0x0, 0x100, 0x0, 'syz0\x00', 0x2}, 0x6, 0x32, 0x2d9, r2, 0x1, 0x5, 'syz0\x00', &(0x7f0000000040)=['ppp0vboxnet1louser$md5summd5sum\x00'], 0x20, [], [0xfffffffffffffff7, 0x3, 0x100, 0x101]})
ioctl$KDADDIO(r0, 0x400455c8, 0x9)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:37:46 executing program 5:
r0 = epoll_create(0x7fffffff)
ioctl$int_out(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x50000}]})
ioctl$TIOCGPTPEER(0xffffffffffffffff, 0x5441, 0x0)
dup2(0xffffffffffffffff, r0)

[  905.563973] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:37:46 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xf000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:37:46 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:37:46 executing program 2:
syz_mount_image$xfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='allocsize=m'])

[  905.707321] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:37:46 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x34000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:37:46 executing program 0:
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video36\x00', 0x2, 0x0)
preadv(r0, &(0x7f0000000480)=[{&(0x7f0000000100)=""/189, 0xbd}, {&(0x7f0000000280)=""/200, 0xc8}, {&(0x7f0000000380)=""/231, 0xe7}, {&(0x7f0000000040)=""/38, 0x26}, {&(0x7f00000001c0)=""/89, 0x59}], 0x5, 0x4e)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x20000, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xc)
ioctl$KDADDIO(r1, 0x400455c8, 0xb5a)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
ioctl$KDENABIO(r1, 0x4b36)

18:37:46 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  905.844798] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:37:46 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='allocsize=m'])

18:37:46 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x400300, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:37:46 executing program 0:
r0 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x1, 0x800)
getsockopt$IP6T_SO_GET_INFO(r0, 0x29, 0x40, &(0x7f0000000040)={'mangle\x00'}, &(0x7f0000000100)=0x54)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

18:37:46 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

[  906.059926] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  906.113307] Bluetooth: hci1: Frame reassembly failed (-84)
[  906.120377] Bluetooth: hci1: Frame reassembly failed (-84)
[  907.595552] Bluetooth: hci0: Entering manufacturer mode failed (-110)
[  907.595586] Bluetooth: hci0: command 0xfc11 tx timeout
[  908.155584] Bluetooth: hci1: command 0x1003 tx timeout
[  908.160965] Bluetooth: hci1: sending frame failed (-49)
18:37:48 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/policy\x00', 0x0, 0x0)
ioperm(0x4, 0x0, 0x9)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000040)={0x9, 0x0, {0x0, 0x2, 0x100000000, 0x2, 0x80}})

18:37:48 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='allocsize=m'])

18:37:48 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xf0ffff, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:37:48 executing program 5:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x50000}]})
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1c, &(0x7f0000000240)={@mcast2}, &(0x7f0000000480)=0x14)

18:37:48 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  908.395578] Bluetooth: hci2: Entering manufacturer mode failed (-110)
[  908.396053] Bluetooth: hci2: command 0xfc11 tx timeout
18:37:48 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  908.453809] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  908.480370] Bluetooth: hci0: Frame reassembly failed (-84)
18:37:48 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='allocsize=m'])

18:37:48 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x1000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:37:49 executing program 5:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x50000}]})
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x140, 0x0)
fchown(r0, 0x0, 0x0)

18:37:49 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

[  908.597984] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  908.955547] Bluetooth: hci3: command 0x1003 tx timeout
[  908.960955] Bluetooth: hci3: sending frame failed (-49)
[  909.249355] Bluetooth: hci2: Frame reassembly failed (-84)
[  910.235606] Bluetooth: hci1: command 0x1001 tx timeout
[  910.240991] Bluetooth: hci1: sending frame failed (-49)
[  910.555577] Bluetooth: hci0: command 0x1003 tx timeout
[  910.560987] Bluetooth: hci0: sending frame failed (-49)
[  911.035625] Bluetooth: hci3: command 0x1001 tx timeout
[  911.041031] Bluetooth: hci3: sending frame failed (-49)
[  911.275595] Bluetooth: hci2: command 0x1003 tx timeout
[  911.281055] Bluetooth: hci2: sending frame failed (-49)
[  912.315614] Bluetooth: hci1: command 0x1009 tx timeout
[  912.635684] Bluetooth: hci0: command 0x1001 tx timeout
[  912.641088] Bluetooth: hci0: sending frame failed (-49)
[  913.115594] Bluetooth: hci3: command 0x1009 tx timeout
[  913.355647] Bluetooth: hci2: command 0x1001 tx timeout
[  913.361133] Bluetooth: hci2: sending frame failed (-49)
[  914.715677] Bluetooth: hci0: command 0x1009 tx timeout
[  915.435666] Bluetooth: hci2: command 0x1009 tx timeout
18:37:57 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
rt_sigpending(&(0x7f0000000000), 0x8)
r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
connect$netlink(r1, &(0x7f0000000180)=@unspec, 0xc)

18:37:57 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x2000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  917.064613] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  917.076417] Bluetooth: hci1: Frame reassembly failed (-84)
[  919.115670] Bluetooth: hci1: command 0x1003 tx timeout
[  919.121086] Bluetooth: hci1: sending frame failed (-49)
18:38:00 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x13180, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x11)
r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/checkreqprot\x00', 0x8000, 0x0)
ioctl$SNDRV_SEQ_IOCTL_DELETE_QUEUE(r1, 0x408c5333, &(0x7f0000000100)={0x2, 0x3, 0x2, 'queue0\x00', 0x8})
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

18:38:00 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

18:38:00 executing program 5:
openat$random(0xffffffffffffff9c, &(0x7f0000000000)='/dev/urandom\x00', 0x400002, 0x0)

18:38:00 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:38:00 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x3000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:38:00 executing program 5:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000300)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x50000}]})
r0 = openat$cgroup_subtree(0xffffffffffffffff, 0x0, 0x2, 0x0)
accept$inet(r0, 0x0, 0x0)

18:38:00 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  919.631654] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:38:00 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x4000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:38:00 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCSBRK(r0, 0x5409, 0x8)
ioctl$KDGETKEYCODE(r0, 0x4b4c, &(0x7f0000000000)={0xfffffffffffffff9, 0x4})
sigaltstack(&(0x7f0000fef000/0xf000)=nil, &(0x7f0000000040))
ioctl$TIOCCONS(r0, 0x541d)
ioctl$KDADDIO(r0, 0x400455c8, 0xfffffffffffff7fc)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:38:00 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

[  919.824364] XFS (loop2): Invalid superblock magic number
[  919.830525] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  919.916162] Bluetooth: hci3: command 0x1003 tx timeout
[  919.921545] Bluetooth: hci3: sending frame failed (-49)
[  921.195648] Bluetooth: hci1: command 0x1001 tx timeout
[  921.201809] Bluetooth: hci1: sending frame failed (-49)
[  921.995582] Bluetooth: hci3: command 0x1001 tx timeout
[  922.001175] Bluetooth: hci3: sending frame failed (-49)
[  923.275723] Bluetooth: hci1: command 0x1009 tx timeout
[  924.075551] Bluetooth: hci3: command 0x1009 tx timeout
18:38:08 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x80000, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:38:08 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:38:08 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:38:08 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x5000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:38:08 executing program 5:
pipe(&(0x7f0000000040)={<r0=>0xffffffffffffffff})
prctl$PR_SET_SECCOMP(0x16, 0x0, &(0x7f00000000c0)={0x0, 0x0})
getsockopt$ARPT_SO_GET_ENTRIES(0xffffffffffffffff, 0x0, 0x61, 0x0, 0x0)
getresgid(0x0, 0x0, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000300)='cpuacct.usage_all\x00', 0x0, 0x0)
ioctl$TCGETA(0xffffffffffffffff, 0x5405, 0x0)
timerfd_gettime(0xffffffffffffffff, 0x0)

18:38:08 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[  927.953627] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  927.969860] Bluetooth: hci0: Frame reassembly failed (-84)
18:38:08 executing program 5:
r0 = syz_open_dev$sndseq(&(0x7f0000000480)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_POOL(r0, 0xc058534b, &(0x7f0000000400))

18:38:08 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x6000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:38:08 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  928.026906] Bluetooth: hci1: Frame reassembly failed (-84)
[  928.032926] Bluetooth: hci1: Frame reassembly failed (-84)
18:38:08 executing program 5:
unshare(0x8000400)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0)
ioctl$TCSETSW(r0, 0x5100, 0x0)

[  928.074613] XFS (loop2): Invalid superblock magic number
[  928.103179] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:38:08 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:38:08 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)

[  928.324218] XFS (loop2): Invalid superblock magic number
[  928.802020] Bluetooth: hci3: Frame reassembly failed (-84)
[  929.995578] Bluetooth: hci0: command 0x1003 tx timeout
[  930.000985] Bluetooth: hci0: sending frame failed (-49)
[  930.075570] Bluetooth: hci1: command 0x1003 tx timeout
[  930.080974] Bluetooth: hci1: sending frame failed (-49)
[  930.795588] Bluetooth: hci2: command 0x1003 tx timeout
[  930.801033] Bluetooth: hci2: sending frame failed (-49)
[  930.885551] Bluetooth: hci3: command 0x1003 tx timeout
[  930.891156] Bluetooth: hci3: sending frame failed (-49)
[  932.075676] Bluetooth: hci0: command 0x1001 tx timeout
[  932.081072] Bluetooth: hci0: sending frame failed (-49)
[  932.155586] Bluetooth: hci1: command 0x1001 tx timeout
[  932.161029] Bluetooth: hci1: sending frame failed (-49)
[  932.875556] Bluetooth: hci2: command 0x1001 tx timeout
[  932.880985] Bluetooth: hci2: sending frame failed (-49)
[  932.955581] Bluetooth: hci3: command 0x1001 tx timeout
[  932.960978] Bluetooth: hci3: sending frame failed (-49)
[  934.155561] Bluetooth: hci0: command 0x1009 tx timeout
[  934.235570] Bluetooth: hci1: command 0x1009 tx timeout
[  934.955686] Bluetooth: hci2: command 0x1009 tx timeout
[  935.035599] Bluetooth: hci3: command 0x1009 tx timeout
18:38:19 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
r1 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x62056a6a, 0x14100)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000040)={0x8, 0x10000, 0x8000, 0x4, 0x401, 0x80000001, 0x2, 0x9, <r2=>0x0}, &(0x7f0000000080)=0x20)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000100)={r2}, &(0x7f0000000140)=0x8)

18:38:19 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x7000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:38:19 executing program 5:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'neZ\xday4/\x84\xc1\x80\xe0~(\xc1\x00', 0x2})

18:38:19 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:38:19 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[])

18:38:19 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0x60400, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1c, &(0x7f0000000080)={@remote, <r2=>0x0}, &(0x7f0000000100)=0x14)
getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000140)={{{@in=@broadcast, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@loopback}, 0x0, @in=@initdev}}, &(0x7f0000000280)=0xe8)
sendmsg$nl_xfrm(r1, &(0x7f00000004c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x14000108}, 0xc, &(0x7f0000000480)={&(0x7f00000002c0)=ANY=[@ANYBLOB="980100001b00140727bd7000fedbdf25ff020000000000000000000000000001fe8800000000000000000000000001014e2300024e208edd020080803a000000", @ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="060000000000000000000100000000004e0900000000000004000000000000007e200000daf77a628261000000000700000000000000130b000000000000010000000000000000010000000000000000000000090000000000000000000000ba6b6e00030001020000000006000000000000002c001300ffffffff000000000000000000000000fe8000000000000000000000000000aa00000000000000000c0015005c0735000900000024000900010000800000000001000080000000000700000000000000030000000000000014000d00e0000001000000000000000000000000600002006362632d6165732d6e65776e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000a8000000976dfe2a77b749a5ba413798f07487b225286452d60000000800"/336], 0x198}, 0x1, 0x0, 0x0, 0x810}, 0x4)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x800000081)
setsockopt$SO_RDS_TRANSPORT(r1, 0x114, 0x8, &(0x7f0000000500)=0x1, 0x4)
ioctl$TCSETSW(r1, 0x5403, &(0x7f0000000540)={0x7, 0xffff, 0xa, 0x3, 0xd, 0x7f, 0xffffffffffff8000, 0x8, 0x5, 0x100000001, 0x1f})
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
socket$caif_stream(0x25, 0x1, 0x5)

18:38:19 executing program 5:
r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0x40405514, &(0x7f0000000100)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xdf\xff\x00', 0xffffffffffffffff}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})

18:38:19 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:38:19 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xa000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  939.476624] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:38:20 executing program 5:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r0, 0x0, 0x80, &(0x7f0000000040)=@filter={'filter\\\x8f\x02\x00\x00\x00\x00l\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00', 0xe, 0x2, 0x250, [0x0, 0x20000100, 0x20000130, 0x20000280], 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000002000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0100000003000000000000000000697036677265300000000000000000007465616d30000000000000000000000076657468305f746f5f626f6e6400000076657468305f746f5f626f6e64000000aaaaaaaaaa0000000000000024ffffffffff0000000000000000f0000000f0000000200100006c696d697400000000000000000000000000000000000000000000000000000020000000000000000000000002000000000000000000000000000000000000000000000000000000636c75737465720000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000041554449540000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff0100000011000000000000000000766c616e3000000000000000000000006c6f0000000000000000000000000000726f736530000000000000000000000062726964676530000000000000000000ffffffffffff000000000000aaaaaaaaaa0000000000000000007000000070000000a000000041554449540000000000000000000000000000000000000000000000000000000800"/592]}, 0x2c8)

18:38:20 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:38:20 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x44080, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

[  939.563383] XFS (loop2): Invalid superblock magic number
[  939.578097] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  939.607821] Bluetooth: hci1: Frame reassembly failed (-84)
[  939.620541] xt_cluster: cannot load conntrack support for proto=7
[  941.515549] Bluetooth: hci0: command 0x1003 tx timeout
[  941.520975] Bluetooth: hci0: sending frame failed (-49)
[  941.685545] Bluetooth: hci1: command 0x1003 tx timeout
[  941.690951] Bluetooth: hci1: sending frame failed (-49)
[  942.315537] Bluetooth: hci2: command 0x1003 tx timeout
[  942.321134] Bluetooth: hci2: sending frame failed (-49)
[  942.485694] Bluetooth: hci3: command 0x1003 tx timeout
[  942.491107] Bluetooth: hci3: sending frame failed (-49)
[  943.595636] Bluetooth: hci0: command 0x1001 tx timeout
[  943.601239] Bluetooth: hci0: sending frame failed (-49)
[  943.755579] Bluetooth: hci1: command 0x1001 tx timeout
[  943.761038] Bluetooth: hci1: sending frame failed (-49)
[  944.395579] Bluetooth: hci2: command 0x1001 tx timeout
[  944.401353] Bluetooth: hci2: sending frame failed (-49)
[  944.555566] Bluetooth: hci3: command 0x1001 tx timeout
[  944.561081] Bluetooth: hci3: sending frame failed (-49)
[  945.675668] Bluetooth: hci0: command 0x1009 tx timeout
[  945.835609] Bluetooth: hci1: command 0x1009 tx timeout
[  946.475768] Bluetooth: hci2: command 0x1009 tx timeout
[  946.635609] Bluetooth: hci3: command 0x1009 tx timeout
18:38:30 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x400000100, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x13)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:38:30 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:38:30 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xe000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:38:30 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[])

18:38:30 executing program 5:
r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000100)={{0x0, 0x0, 0x0, 0x0, 'syz0\x00\x00\x00\x00\x00\x00\x00\x00@\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xdf\xff\x00'}, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 'syz1\x00', 0x0, 0x0, [], [0x0, 0x10001, 0x1]})

18:38:30 executing program 5:

18:38:30 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  950.341495] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:38:30 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xf000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:38:30 executing program 5:

18:38:30 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000000)={0xa5, 0x9, 0x401, 0x1, 0x10, 0x5, 0x5, 0x7fff, 0x3f, 0x7ffe})
pipe2(&(0x7f0000000040)={<r1=>0xffffffffffffffff}, 0x84000)
ioctl$VIDIOC_UNSUBSCRIBE_EVENT(r1, 0x4020565b, &(0x7f0000000080)={0x0, 0x9})
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:38:30 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

[  950.430593] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  950.438885] XFS (loop2): Invalid superblock magic number
18:38:31 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:38:31 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x20000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:38:31 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[])

18:38:31 executing program 5:

18:38:31 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:38:31 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net\x00\x00\x00\x00\x00\x00\x00\a/expire_nodest_conn\x00', 0x2, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
bind$bt_rfcomm(0xffffffffffffffff, 0x0, 0x0)
getdents64(r0, &(0x7f00000000c0)=""/11, 0x200001ab)

18:38:31 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x3f000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:38:31 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  950.981779] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:38:31 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x48000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:38:31 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

[  951.062975] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  951.102996] XFS (loop2): Invalid superblock magic number
[  951.130580] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  952.555559] Bluetooth: hci0: command 0x1003 tx timeout
[  952.560941] Bluetooth: hci0: sending frame failed (-49)
[  953.035558] Bluetooth: hci1: command 0x1003 tx timeout
[  953.040949] Bluetooth: hci1: sending frame failed (-49)
[  953.355533] Bluetooth: hci2: command 0x1003 tx timeout
[  953.360940] Bluetooth: hci2: sending frame failed (-49)
[  953.835698] Bluetooth: hci3: command 0x1003 tx timeout
[  953.841174] Bluetooth: hci3: sending frame failed (-49)
[  954.635572] Bluetooth: hci0: command 0x1001 tx timeout
[  954.640960] Bluetooth: hci0: sending frame failed (-49)
[  955.115571] Bluetooth: hci1: command 0x1001 tx timeout
[  955.120958] Bluetooth: hci1: sending frame failed (-49)
[  955.435615] Bluetooth: hci2: command 0x1001 tx timeout
[  955.441016] Bluetooth: hci2: sending frame failed (-49)
[  955.915616] Bluetooth: hci3: command 0x1001 tx timeout
[  955.920999] Bluetooth: hci3: sending frame failed (-49)
[  956.715647] Bluetooth: hci0: command 0x1009 tx timeout
[  957.195652] Bluetooth: hci1: command 0x1009 tx timeout
[  957.515586] Bluetooth: hci2: command 0x1009 tx timeout
[  957.995757] Bluetooth: hci3: command 0x1009 tx timeout
18:38:42 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x80, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:38:42 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB])

18:38:42 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x4c000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:38:42 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x2)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:38:42 executing program 5:
r0 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt(r1, 0x2, 0xfffffffffffffffe, &(0x7f00000006c0)="d7c252521d27ac85851d84c4150f80fc5eba4f559e4c29ef4e2d8c40c90080d2f3a7a9dc8004d0e9b9f477a6e14929a7c4cc5abfc8de1884899a40a2e4fd150fe601b25db405ed80218653b710488f205a44a5168d85165a5f65bc82afc2012c4ba09c197b7548dfd648f1d5f7aeef47bb1a45e1a62c4a93123ec8c8aaeac1e8cf7189d68cc6211f2c523bfae493ecdcb43932551f50acfa3f59ce6c078e54885193d70596a43fe6d80f7811bb2aa3347ae47e96afcc21ae9a932b63c3493315bd4d832831df9d81046bc6b06039ac555211b7e90eb99e61ab49c7b3506f467dd6f7dc47f3a06fcb00000000", 0x16d)
clone(0xc1bc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r2 = getpid()
rt_tgsigqueueinfo(r2, r2, 0x16, &(0x7f0000000000))
ptrace(0x4206, r2)
socket$packet(0x11, 0x7c858b3f42804f9a, 0x300)
setsockopt$packet_int(r0, 0x107, 0x0, 0x0, 0x20c)
timer_create(0x7, &(0x7f00000002c0)={0x0, 0x1c, 0x4, @tid=r2}, &(0x7f0000000340)=<r3=>0x0)
timer_delete(r3)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x80a02200, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, @perf_bp={0x0}, 0x200000000, 0x2}, r2, 0x0, 0xffffffffffffffff, 0x0)
mount(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f00000003c0)='nfs\x00\xef\xf1a\x17\x12\x9e\xd0Y\x8a\xa8\xd4', 0x0, &(0x7f0000000000))
r4 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000100)="24000000030307031dfffd944ef20c0020200a0009000100021d85680c1baba20400ff7e28000000110affff82aba0aa1c0009b356da5a80918b06b20cd37ed01cc000"/76, 0x4c}], 0x1, 0x0, 0x0, 0xf0}, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)

18:38:42 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:38:42 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x4c020000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  961.895189] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  961.934466] Bluetooth: hci0: Frame reassembly failed (-84)
18:38:42 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  961.998269] ptrace attach of "/root/syz-executor.5"[12484] was attempted by "/root/syz-executor.5"[12498]
[  962.011233] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  962.020247] XFS (loop2): Invalid superblock magic number
18:38:42 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x60000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:38:42 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:38:42 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB])

18:38:42 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
r1 = accept(0xffffffffffffffff, 0x0, &(0x7f0000000000)=0x3d6)
getsockopt$inet_sctp_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000040)={0x2, [0x80, 0x18]}, &(0x7f0000000080)=0x8)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

[  962.173128] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  962.231906] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'.
[  962.258035] Bluetooth: hci1: Frame reassembly failed (-84)
[  962.264882] Bluetooth: hci1: Frame reassembly failed (-84)
[  962.284390] XFS (loop2): Invalid superblock magic number
[  962.737449] netlink: 20 bytes leftover after parsing attributes in process `syz-executor.5'.
[  963.995635] Bluetooth: hci0: command 0x1003 tx timeout
[  964.001253] Bluetooth: hci0: sending frame failed (-49)
[  964.325543] Bluetooth: hci1: command 0x1003 tx timeout
[  964.331044] Bluetooth: hci1: sending frame failed (-49)
[  964.795571] Bluetooth: hci2: command 0x1003 tx timeout
[  964.800980] Bluetooth: hci2: sending frame failed (-49)
[  965.115552] Bluetooth: hci3: command 0x1003 tx timeout
[  965.120928] Bluetooth: hci3: sending frame failed (-49)
[  966.075616] Bluetooth: hci0: command 0x1001 tx timeout
[  966.081000] Bluetooth: hci0: sending frame failed (-49)
[  966.395595] Bluetooth: hci1: command 0x1001 tx timeout
[  966.400998] Bluetooth: hci1: sending frame failed (-49)
[  966.875573] Bluetooth: hci2: command 0x1001 tx timeout
[  966.880966] Bluetooth: hci2: sending frame failed (-49)
[  967.195578] Bluetooth: hci3: command 0x1001 tx timeout
[  967.201313] Bluetooth: hci3: sending frame failed (-49)
[  968.155629] Bluetooth: hci0: command 0x1009 tx timeout
[  968.475571] Bluetooth: hci1: command 0x1009 tx timeout
[  968.955599] Bluetooth: hci2: command 0x1009 tx timeout
[  969.275591] Bluetooth: hci3: command 0x1009 tx timeout
18:38:53 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:38:53 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x68000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:38:53 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB])

18:38:53 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x1000000000003)
ioctl$TCXONC(r0, 0x540a, 0x10001)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:38:53 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000180)=ANY=[@ANYBLOB="0100000000050000010000809da97eb9a630405625be"])
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4008ae89, &(0x7f0000000100)={0x7b, 0x0, [0xc0010140]})

18:38:53 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuacct.usage_percpu_sys\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_MAXSEG(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000040)=@assoc_value={<r2=>0x0, 0x4}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000100)={r2, 0x101, 0x200}, &(0x7f0000000140)=0x8)

18:38:53 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  973.383590] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:38:53 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = shmget$private(0x0, 0x4000, 0x6, &(0x7f0000ffc000/0x4000)=nil)
shmctl$IPC_RMID(r1, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
r2 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/status\x00', 0x0, 0x0)
ioctl$UI_DEV_SETUP(r2, 0x405c5503, &(0x7f0000000040)={{0x80000001, 0x7fffffff, 0x9, 0x1b8}, 'syz0\x00', 0x2})
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:38:53 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x6c000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:38:53 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:38:53 executing program 5:

[  973.496346] XFS (loop2): Invalid superblock magic number
[  973.509699] Bluetooth: hci1: Frame reassembly failed (-84)
18:38:54 executing program 5:

18:38:54 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x74000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  973.550410] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:38:54 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='allocs'])

18:38:54 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:38:54 executing program 5:

[  973.662217] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:38:54 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x7a000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  973.703629] XFS (loop2): unknown mount option [allocs].
[  973.740040] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  974.297590] Bluetooth: hci3: Frame reassembly failed (-84)
[  975.435588] Bluetooth: hci0: command 0x1003 tx timeout
[  975.440972] Bluetooth: hci0: sending frame failed (-49)
[  975.515543] Bluetooth: hci1: command 0x1003 tx timeout
[  975.520918] Bluetooth: hci1: sending frame failed (-49)
[  976.235531] Bluetooth: hci2: command 0x1003 tx timeout
[  976.240916] Bluetooth: hci2: sending frame failed (-49)
[  976.315609] Bluetooth: hci3: command 0x1003 tx timeout
[  976.320984] Bluetooth: hci3: sending frame failed (-49)
[  977.515592] Bluetooth: hci0: command 0x1001 tx timeout
[  977.520988] Bluetooth: hci0: sending frame failed (-49)
[  977.595686] Bluetooth: hci1: command 0x1001 tx timeout
[  977.601103] Bluetooth: hci1: sending frame failed (-49)
[  978.315616] Bluetooth: hci2: command 0x1001 tx timeout
[  978.321990] Bluetooth: hci2: sending frame failed (-49)
[  978.395636] Bluetooth: hci3: command 0x1001 tx timeout
[  978.401018] Bluetooth: hci3: sending frame failed (-49)
[  979.595577] Bluetooth: hci0: command 0x1009 tx timeout
[  979.675609] Bluetooth: hci1: command 0x1009 tx timeout
[  980.395626] Bluetooth: hci2: command 0x1009 tx timeout
[  980.475686] Bluetooth: hci3: command 0x1009 tx timeout
18:39:04 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000000)=[@mss={0x2, 0x3}, @sack_perm, @mss={0x2, 0x4}], 0x3)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:39:04 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:39:05 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCFLSH(r0, 0x540b, 0x1)
r1 = creat(&(0x7f0000000080)='./file0\x00', 0x2)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$KVM_X86_GET_MCE_CAP_SUPPORTED(r0, 0x8008ae9d, &(0x7f0000000100)=""/115)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
r2 = getpid()
ioctl$UI_SET_ABSBIT(r1, 0x40045567, 0x2)
perf_event_open(&(0x7f0000000180)={0x4, 0x70, 0x2d1, 0x9, 0xfff, 0x0, 0x0, 0x3, 0x20000, 0x4, 0x4, 0xffffffff, 0x3f, 0x10000, 0x4, 0x2, 0x0, 0x8, 0x3, 0x80000001, 0x0, 0x1, 0x81, 0x1, 0x400, 0xffffffff7fffffff, 0x5, 0x0, 0x5, 0x4, 0x1, 0x9, 0x8, 0xff, 0x5, 0x7fff, 0xffff, 0x80, 0x0, 0x71, 0x4, @perf_config_ext={0x101, 0x2}, 0x1, 0x86, 0x2, 0x7, 0x1, 0x0, 0x100000001}, r2, 0xd, 0xffffffffffffffff, 0x2)
ioctl$DRM_IOCTL_MAP_BUFS(r1, 0xc0186419, &(0x7f0000000200)={0x3, &(0x7f0000000280)=""/4096, &(0x7f00000014c0)=[{0x0, 0x8a, 0x401, &(0x7f0000001280)=""/138}, {0x9, 0x6a, 0xdcc, &(0x7f0000001340)=""/106}, {0x8261, 0xe9, 0x0, &(0x7f00000013c0)=""/233}]})
r3 = accept4$bt_l2cap(0xffffffffffffffff, 0x0, &(0x7f0000000000), 0x80800)
setsockopt$bt_l2cap_L2CAP_LM(r3, 0x6, 0x3, &(0x7f0000000040)=0x8, 0x4)

18:39:05 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x9effffff, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:39:05 executing program 5:

18:39:05 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='allocs'])

18:39:05 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:39:05 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:39:05 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xf0ffffff, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:39:05 executing program 5:

[  984.922570] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  984.937020] Bluetooth: hci0: Frame reassembly failed (-84)
[  984.945099] XFS (loop2): unknown mount option [allocs].
18:39:05 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:39:05 executing program 5:

[  985.039060] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:39:05 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='allocs'])

18:39:05 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xfffff000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[  985.169914] XFS (loop2): unknown mount option [allocs].
[  985.193231] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  986.955563] Bluetooth: hci0: command 0x1003 tx timeout
[  986.960996] Bluetooth: hci0: sending frame failed (-49)
[  987.035583] Bluetooth: hci1: command 0x1003 tx timeout
[  987.040976] Bluetooth: hci1: sending frame failed (-49)
[  987.755577] Bluetooth: hci2: command 0x1003 tx timeout
[  987.761091] Bluetooth: hci2: sending frame failed (-49)
[  989.035574] Bluetooth: hci0: command 0x1001 tx timeout
[  989.040967] Bluetooth: hci0: sending frame failed (-49)
[  989.115636] Bluetooth: hci1: command 0x1001 tx timeout
[  989.121042] Bluetooth: hci1: sending frame failed (-49)
[  989.835694] Bluetooth: hci2: command 0x1001 tx timeout
[  989.841102] Bluetooth: hci2: sending frame failed (-49)
[  991.115600] Bluetooth: hci0: command 0x1009 tx timeout
[  991.195558] Bluetooth: hci1: command 0x1009 tx timeout
[  991.915724] Bluetooth: hci2: command 0x1009 tx timeout
18:39:15 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x20000, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x400000000)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000500)='/dev/hwrng\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000540)=ANY=[@ANYBLOB="e3ffffff", @ANYRES32=<r2=>0x0, @ANYRES32=0x0, @ANYRES32=0x0], &(0x7f0000000580)=0x10)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f00000005c0)={r2, 0x81, 0x3}, 0x8)
ioctl$TIOCLINUX5(r1, 0x541c, &(0x7f0000000000)={0x5, 0x8, 0x7, 0x3017fc81, 0x1f})
ioctl$KDSETLED(r0, 0x4b32, 0x4)

18:39:15 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:39:15 executing program 5:
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/status\x00', 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000640)={'rose0\x00', 0x400})
lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000001c0)={{{@in=@local, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6}, 0x0, @in6=@remote}}, &(0x7f00000002c0)=0xe8)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300)={0x0, <r3=>0x0}, &(0x7f0000000340)=0xc)
fstat(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
fstat(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000480)={0x0, 0x0, <r6=>0x0}, &(0x7f00000004c0)=0xc)
r7 = getgid()
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, 0x0, &(0x7f00000006c0))
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000700)={0x0, 0x4, 0x8, 0x9, 0x1, 0x1, 0x2, 0xfffffffffffffffb, {<r8=>0x0, @in6={{0xa, 0x4e23, 0x1, @remote, 0x3ff}}, 0x2, 0x10001, 0x8, 0xf5, 0x90d1}}, &(0x7f00000007c0)=0xb0)
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000800)={0x0, 0x4, 0x7, 0x8001, 0x4, 0x0, 0x3, 0xff, {r8, @in={{0x2, 0x4e21, @local}}, 0x1, 0xc7, 0x1f, 0x45, 0x3}}, &(0x7f00000008c0)=0xb0)
getresgid(&(0x7f0000000500)=<r9=>0x0, &(0x7f0000000540), &(0x7f0000000580))
fsetxattr$system_posix_acl(r0, &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f00000005c0)={{}, {0x1, 0x2}, [{0x2, 0x3, r1}, {0x2, 0x2, r2}, {0x2, 0x2, r3}, {0x2, 0x1, r4}], {0x4, 0x2}, [{0x8, 0x2, r5}, {0x8, 0x3, r6}, {0x8, 0x4, r7}, {0x8, 0x6, r9}], {}, {0x20, 0x1}}, 0x64, 0x1)
r10 = syz_open_procfs(0x0, &(0x7f0000000180)='io\x00')
preadv(r10, 0x0, 0x0, 0x0)
sysinfo(&(0x7f0000000000)=""/22)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040), 0x1000000000000324, 0x0, 0xfe44}, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r10, 0x4008ae6a, &(0x7f0000000980)={0x9, 0x0, [{0x5, 0x4, 0x0, 0x0, @sint={0x9, 0x9}}, {0x0, 0x4, 0x0, 0x0, @sint={0x7, 0x3}}, {0x7, 0x7, 0x0, 0x0, @irqchip={0x9, 0x40}}, {0xfff, 0x0, 0x0, 0x0, @irqchip={0x800}}, {0x1ff, 0x1, 0x0, 0x0, @irqchip={0x80, 0x21}}, {0x800, 0x1, 0x0, 0x0, @irqchip={0x1, 0x1000}}, {0xe30, 0x0, 0x0, 0x0, @adapter={0x2, 0x9, 0x6, 0x1, 0x1ff}}, {0x0, 0x7, 0x0, 0x0, @irqchip={0x8, 0x9}}, {0x1, 0x2, 0x0, 0x0, @irqchip={0x2, 0x3}}]})
r11 = socket$inet(0x10, 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
lstat(0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR(r10, 0x4018aee2, &(0x7f0000000940)={0x0, 0x3, 0x1000, &(0x7f0000000900)=0x18})
ioctl$sock_ifreq(r11, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00\x00\x00\x00\x00\x00)\x00', @ifru_flags})

18:39:15 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xffffff7f, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:39:15 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='allocsize'])

[  995.155953] XFS (loop2): unknown mount option [allocsize].
[  995.165093] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  995.230280] Bluetooth: hci0: Frame reassembly failed (-84)
18:39:16 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x8000000, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:39:16 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='allocsize'])

18:39:16 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xffffff9e, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:39:16 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:39:16 executing program 5:
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/status\x00', 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000640)={'rose0\x00', 0x400})
lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000001c0)={{{@in=@local, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6}, 0x0, @in6=@remote}}, &(0x7f00000002c0)=0xe8)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300)={0x0, <r3=>0x0}, &(0x7f0000000340)=0xc)
fstat(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
fstat(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000480)={0x0, 0x0, <r6=>0x0}, &(0x7f00000004c0)=0xc)
r7 = getgid()
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, 0x0, &(0x7f00000006c0))
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000700)={0x0, 0x4, 0x8, 0x9, 0x1, 0x1, 0x2, 0xfffffffffffffffb, {<r8=>0x0, @in6={{0xa, 0x4e23, 0x1, @remote, 0x3ff}}, 0x2, 0x10001, 0x8, 0xf5, 0x90d1}}, &(0x7f00000007c0)=0xb0)
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000800)={0x0, 0x4, 0x7, 0x8001, 0x4, 0x0, 0x3, 0xff, {r8, @in={{0x2, 0x4e21, @local}}, 0x1, 0xc7, 0x1f, 0x45, 0x3}}, &(0x7f00000008c0)=0xb0)
getresgid(&(0x7f0000000500)=<r9=>0x0, &(0x7f0000000540), &(0x7f0000000580))
fsetxattr$system_posix_acl(r0, &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f00000005c0)={{}, {0x1, 0x2}, [{0x2, 0x3, r1}, {0x2, 0x2, r2}, {0x2, 0x2, r3}, {0x2, 0x1, r4}], {0x4, 0x2}, [{0x8, 0x2, r5}, {0x8, 0x3, r6}, {0x8, 0x4, r7}, {0x8, 0x6, r9}], {}, {0x20, 0x1}}, 0x64, 0x1)
r10 = syz_open_procfs(0x0, &(0x7f0000000180)='io\x00')
preadv(r10, 0x0, 0x0, 0x0)
sysinfo(&(0x7f0000000000)=""/22)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040), 0x1000000000000324, 0x0, 0xfe44}, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r10, 0x4008ae6a, &(0x7f0000000980)={0x9, 0x0, [{0x5, 0x4, 0x0, 0x0, @sint={0x9, 0x9}}, {0x0, 0x4, 0x0, 0x0, @sint={0x7, 0x3}}, {0x7, 0x7, 0x0, 0x0, @irqchip={0x9, 0x40}}, {0xfff, 0x0, 0x0, 0x0, @irqchip={0x800}}, {0x1ff, 0x1, 0x0, 0x0, @irqchip={0x80, 0x21}}, {0x800, 0x1, 0x0, 0x0, @irqchip={0x1, 0x1000}}, {0xe30, 0x0, 0x0, 0x0, @adapter={0x2, 0x9, 0x6, 0x1, 0x1ff}}, {0x0, 0x7, 0x0, 0x0, @irqchip={0x8, 0x9}}, {0x1, 0x2, 0x0, 0x0, @irqchip={0x2, 0x3}}]})
r11 = socket$inet(0x10, 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
lstat(0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR(r10, 0x4018aee2, &(0x7f0000000940)={0x0, 0x3, 0x1000, &(0x7f0000000900)=0x18})
ioctl$sock_ifreq(r11, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00\x00\x00\x00\x00\x00)\x00', @ifru_flags})

18:39:16 executing program 5:
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/status\x00', 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000640)={'rose0\x00', 0x400})
lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000001c0)={{{@in=@local, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6}, 0x0, @in6=@remote}}, &(0x7f00000002c0)=0xe8)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300)={0x0, <r3=>0x0}, &(0x7f0000000340)=0xc)
fstat(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
fstat(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000480)={0x0, 0x0, <r6=>0x0}, &(0x7f00000004c0)=0xc)
r7 = getgid()
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, 0x0, &(0x7f00000006c0))
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000700)={0x0, 0x4, 0x8, 0x9, 0x1, 0x1, 0x2, 0xfffffffffffffffb, {<r8=>0x0, @in6={{0xa, 0x4e23, 0x1, @remote, 0x3ff}}, 0x2, 0x10001, 0x8, 0xf5, 0x90d1}}, &(0x7f00000007c0)=0xb0)
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000800)={0x0, 0x4, 0x7, 0x8001, 0x4, 0x0, 0x3, 0xff, {r8, @in={{0x2, 0x4e21, @local}}, 0x1, 0xc7, 0x1f, 0x45, 0x3}}, &(0x7f00000008c0)=0xb0)
getresgid(&(0x7f0000000500)=<r9=>0x0, &(0x7f0000000540), &(0x7f0000000580))
fsetxattr$system_posix_acl(r0, &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f00000005c0)={{}, {0x1, 0x2}, [{0x2, 0x3, r1}, {0x2, 0x2, r2}, {0x2, 0x2, r3}, {0x2, 0x1, r4}], {0x4, 0x2}, [{0x8, 0x2, r5}, {0x8, 0x3, r6}, {0x8, 0x4, r7}, {0x8, 0x6, r9}], {}, {0x20, 0x1}}, 0x64, 0x1)
r10 = syz_open_procfs(0x0, &(0x7f0000000180)='io\x00')
preadv(r10, 0x0, 0x0, 0x0)
sysinfo(&(0x7f0000000000)=""/22)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040), 0x1000000000000324, 0x0, 0xfe44}, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r10, 0x4008ae6a, &(0x7f0000000980)={0x9, 0x0, [{0x5, 0x4, 0x0, 0x0, @sint={0x9, 0x9}}, {0x0, 0x4, 0x0, 0x0, @sint={0x7, 0x3}}, {0x7, 0x7, 0x0, 0x0, @irqchip={0x9, 0x40}}, {0xfff, 0x0, 0x0, 0x0, @irqchip={0x800}}, {0x1ff, 0x1, 0x0, 0x0, @irqchip={0x80, 0x21}}, {0x800, 0x1, 0x0, 0x0, @irqchip={0x1, 0x1000}}, {0xe30, 0x0, 0x0, 0x0, @adapter={0x2, 0x9, 0x6, 0x1, 0x1ff}}, {0x0, 0x7, 0x0, 0x0, @irqchip={0x8, 0x9}}, {0x1, 0x2, 0x0, 0x0, @irqchip={0x2, 0x3}}]})
r11 = socket$inet(0x10, 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
lstat(0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR(r10, 0x4018aee2, &(0x7f0000000940)={0x0, 0x3, 0x1000, &(0x7f0000000900)=0x18})
ioctl$sock_ifreq(r11, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00\x00\x00\x00\x00\x00)\x00', @ifru_flags})

[  995.794433] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[  995.814058] XFS (loop2): unknown mount option [allocsize].
18:39:16 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[  995.994417] Bluetooth: hci2: Frame reassembly failed (-84)
[  997.285559] Bluetooth: hci0: command 0x1003 tx timeout
[  997.290985] Bluetooth: hci0: sending frame failed (-49)
[  997.915618] Bluetooth: hci1: command 0x1003 tx timeout
[  997.921023] Bluetooth: hci1: sending frame failed (-49)
[  997.995552] Bluetooth: hci2: command 0x1003 tx timeout
[  998.001001] Bluetooth: hci2: sending frame failed (-49)
[  998.635591] Bluetooth: hci3: command 0x1003 tx timeout
[  998.641004] Bluetooth: hci3: sending frame failed (-49)
[  999.355678] Bluetooth: hci0: command 0x1001 tx timeout
[  999.361217] Bluetooth: hci0: sending frame failed (-49)
[  999.995632] Bluetooth: hci1: command 0x1001 tx timeout
[ 1000.001374] Bluetooth: hci1: sending frame failed (-49)
[ 1000.075649] Bluetooth: hci2: command 0x1001 tx timeout
[ 1000.081140] Bluetooth: hci2: sending frame failed (-49)
[ 1000.715617] Bluetooth: hci3: command 0x1001 tx timeout
[ 1000.721112] Bluetooth: hci3: sending frame failed (-49)
[ 1001.435604] Bluetooth: hci0: command 0x1009 tx timeout
[ 1002.075598] Bluetooth: hci1: command 0x1009 tx timeout
[ 1002.155583] Bluetooth: hci2: command 0x1009 tx timeout
[ 1002.796134] Bluetooth: hci3: command 0x1009 tx timeout
18:39:26 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x0, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
accept(r1, &(0x7f0000000100)=@generic, &(0x7f0000000000)=0x80)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)

18:39:26 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xfffffff0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:39:26 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='allocsize'])

18:39:26 executing program 5:
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/status\x00', 0x0, 0x0)
ioctl$TUNSETQUEUE(r0, 0x400454d9, &(0x7f0000000640)={'rose0\x00', 0x400})
lstat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f00000001c0)={{{@in=@local, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6}, 0x0, @in6=@remote}}, &(0x7f00000002c0)=0xe8)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000300)={0x0, <r3=>0x0}, &(0x7f0000000340)=0xc)
fstat(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, <r4=>0x0})
fstat(0xffffffffffffffff, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000480)={0x0, 0x0, <r6=>0x0}, &(0x7f00000004c0)=0xc)
r7 = getgid()
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, 0x0, &(0x7f00000006c0))
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000700)={0x0, 0x4, 0x8, 0x9, 0x1, 0x1, 0x2, 0xfffffffffffffffb, {<r8=>0x0, @in6={{0xa, 0x4e23, 0x1, @remote, 0x3ff}}, 0x2, 0x10001, 0x8, 0xf5, 0x90d1}}, &(0x7f00000007c0)=0xb0)
getsockopt$inet_sctp6_SCTP_STATUS(r0, 0x84, 0xe, &(0x7f0000000800)={0x0, 0x4, 0x7, 0x8001, 0x4, 0x0, 0x3, 0xff, {r8, @in={{0x2, 0x4e21, @local}}, 0x1, 0xc7, 0x1f, 0x45, 0x3}}, &(0x7f00000008c0)=0xb0)
getresgid(&(0x7f0000000500)=<r9=>0x0, &(0x7f0000000540), &(0x7f0000000580))
fsetxattr$system_posix_acl(r0, &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f00000005c0)={{}, {0x1, 0x2}, [{0x2, 0x3, r1}, {0x2, 0x2, r2}, {0x2, 0x2, r3}, {0x2, 0x1, r4}], {0x4, 0x2}, [{0x8, 0x2, r5}, {0x8, 0x3, r6}, {0x8, 0x4, r7}, {0x8, 0x6, r9}], {}, {0x20, 0x1}}, 0x64, 0x1)
r10 = syz_open_procfs(0x0, &(0x7f0000000180)='io\x00')
preadv(r10, 0x0, 0x0, 0x0)
sysinfo(&(0x7f0000000000)=""/22)
sendmsg(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040), 0x1000000000000324, 0x0, 0xfe44}, 0x0)
ioctl$KVM_SET_GSI_ROUTING(r10, 0x4008ae6a, &(0x7f0000000980)={0x9, 0x0, [{0x5, 0x4, 0x0, 0x0, @sint={0x9, 0x9}}, {0x0, 0x4, 0x0, 0x0, @sint={0x7, 0x3}}, {0x7, 0x7, 0x0, 0x0, @irqchip={0x9, 0x40}}, {0xfff, 0x0, 0x0, 0x0, @irqchip={0x800}}, {0x1ff, 0x1, 0x0, 0x0, @irqchip={0x80, 0x21}}, {0x800, 0x1, 0x0, 0x0, @irqchip={0x1, 0x1000}}, {0xe30, 0x0, 0x0, 0x0, @adapter={0x2, 0x9, 0x6, 0x1, 0x1ff}}, {0x0, 0x7, 0x0, 0x0, @irqchip={0x8, 0x9}}, {0x1, 0x2, 0x0, 0x0, @irqchip={0x2, 0x3}}]})
r11 = socket$inet(0x10, 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
lstat(0x0, 0x0)
ioctl$KVM_GET_DEVICE_ATTR(r10, 0x4018aee2, &(0x7f0000000940)={0x0, 0x3, 0x1000, &(0x7f0000000900)=0x18})
ioctl$sock_ifreq(r11, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00\x00\x00\x00\x00\x00)\x00', @ifru_flags})

18:39:26 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[ 1006.034189] XFS (loop2): unknown mount option [allocsize].
[ 1006.051444] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:39:27 executing program 1:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
symlink(&(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='./file0\x00')
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(0xffffffffffffffff, 0x5437, 0x0)

18:39:27 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x40030000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:39:27 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:39:27 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000003540)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_NESTED_STATE(r2, 0x4080aebf, &(0x7f0000001340)={0x0, 0x0, 0x2080, {0xffffffffffffffff, 0x0, 0x2}, [], "05d3c7489f2d092d116355f36e82f49c028ae896bc945f5c53042e8a17c0584125403d4eef978e86ece612138cad423b27e4ec703dc8d5a5b97b8a2840c85ea85a6e87e505ef6af814c147fdb164363190d845afe8719c0b728b85d4552ce4126a4a61169d1174874aff74c00352fc8b9d2bfe11004b2e2a1255352955c4d81c6e6dce0a9f3014369a7825300c0e2e3e6b50b58efb198232e4510f3c14543749316eaf140ec13267a9f74b37af7dcc7312c6d337205727544a7ce823caad813ea33f5d6069bfc2fc970cfba3fd051f6d99768470ee4ca5dd8a26e91138b6d8c94c3677204d0fdaea722313c46d953b2e78e39d6b178afc06c5e63d0f563148d5c3a6ff61e756de151633b48f8d660f1bcb8decc09d881fc0294fe12ea56c51ebe1f9f483e2e103f6186b1acabc01a0d0fe8880c3b7331b6ca9672d0e09e5cc52056917f04b8c630cfa467558b060e3fee567c8331b2ff2eee597cff2bb02994deaf1641ab68da82000792176ba81efe24dd733025896be3bc4181cda52f4df08484fee66de3297df43e3a46b953be6b52fd3cbb8d863c1b38223c6c02f9e4383b8e245eea5ed21ba43839d6e580db8c86a1750234b862f94ab94be06fa71168db54ebde9d1a5ef7f74abf296326f6f955601312c906a477752455f440410e7403e3d7291a44a7dc8f3fe33ba6e3e60c7c307a8481200c5d828ddbcbb2f16924f2cdd7dd35509eca9421d96c3999092c1cdd484b6c0681fac151cf9f4d0c8f7db2f3fcc315a2fd93b7d16f5d2a19d8a4a6f777afbe8a73e3aea9e4284f8831ffe066330704cab16d4f16dba437b6a13ee432b64cd7c80aa691a1307fcd18c9de9d1adb06861255c03513a8b3d74af9f9cd7d28721ae15e9fc252f04393612c214238b25229ae61daa22d62ba988942f07ed34bf2c2eb3d7515bce0be534f3e44123b7b8d0a7425bd574c921772565d0d35cfd922e5f42f89445c958f39b3c1f2212cc2ded34c00d7a932054c258f7fdb4b9b460bd3400cf01d4a9d4485a0a8bde03240bd15da5a1e1ef78756b52334f5290f4cb6dab277c611a033b470fa5879135731cb60944676ed073156c38fb89a415ff149e2a7c5d37262b4161711acf36012b35ee758365b7b811bff6faef369052b3afbb7d000d646266282d887967d680e798c70bc392b15dfd63af1a33b197e2a3ce48fa48b2dbba2f7c1174c43fd794428d4b245b96c19dcea29462e0a76976be6d4df181e58652336931aac69b8195cb556902b20c02673ff9c03ad7e3c19da44edc55b553c61250e4358e55e7357104240ab891c0d197d026bc4617f2c9a8ecebd4ff9931416d43bcdc7abeb2bac4c01748bb0862f90d673f12748a1f6cfa46ce8684f3fcd192b0faa7b738ff4503a71a3eefccdf12e579146a8341c0bbb1cedce3341f582305b538a50a95b70734d5e2715bcde1c0e5b7729355c76ef1a98596673d39d813038f7a0fde4e893ff3d2e9e6431afcd2e219c174d0e1b025373358c658bcfab7fc1855c407e12f74cdc5455405fbc800639520976ce8412bde282faac8d09bba8f1ab892c5ad83dd745f772452e6f2f4f950f316a207850dac19f84db44308acdd96c3725d59bcd7a843efc87ccbbc629c48060acf34100af80fc73d1140ecf6a0a9c4f1445ad5e924ce149a886c894534cd935f9fa1432a60d5d2a18b63fbdae59eccf748e400c37759554cf95b9d827cf981318b195a8a8c4ce1c65ea504872812a17524379f43f81f68686da19e1ea8bd59833ce740ec79c2d348f1c71d3ae1f05e485e6782e3726a9e842690f4cded262d5d0ada691304c60442b3536127893daa0dd074ea80bdd673cb284bb36c335752d206db0342f3538f1de6121cd07bb7611c7f5cc0b34a4305b56bf99eea2f7284a8f85634c0689933f17b825ce2049edd2f3cf37a779efadf39ee303f6c2ea487f18e4f5298dd89fea2a0b01d18203ab16431713e8739e1076ed019fac0bd9d8cbd6293ea0f8b58ff6dc98a2f1fc9c5768f84360a91f291d7d200a4f24af30359de25f6f1b88df3160fe33a474374b0de0823df78d86dee21f6fc222598a888332ed8f04d7781e5a647cddee1f0b6e52b2cf7279bf055e1b6e3786aa76cc722d3dc4d08f83ce746fcbe1dc067b06f8df3e7d8231cb1f09ecd8cdab198b50a07aca46050312bd05d3e9e1d57d26211a902a71cbd942dd41c0fbf4b164d6f8fc84f1f98f0e1e4c68c5df7be241d451c2eff090b062106ea0d917feac525014a9021e45d3f177182272639d4c41da3a068178e3eaf5d68964b0a8ebe5d42429a773232f7abe523fd34611c72c74342fba8b46540178e456bc66f41bd9c820031e1ae8246e19775bb91a75f2bcad1f7d91362939f9108b7d4d0ac0468918b92b4ea5ce278c561e9b9223b9fa29c5e8164ac961f8ca8d36618041869f5d52f409468c78010a9ed24f1663bd53a04ce032e6cfa908894c8f6ba71ad23128a417e38bdeffa60073294001c1fc824656048168c14173622f11d0afce1852aa7059b7d02ed93891c4d7d86c33f59f0d58b7e53d7fff5886014a88425aa38fabbda4e5c92da8ec17747207ab5e36e654f9e7681303e74563733d9042ff4ca995c43c50375b13bf04cf39ac8be568346080006f2a8d8804ce02289dc21ab4dcac9910bcacdc52268a7c3612f9a8dbee21f84cc7f448502a7e22ba3fa71ff8a672634779a4d7bbb41435a8199fbe45554d96dfdb792fd2dde0695e2b8c0471259cab501695dbc5be9d352715108c12887c5738f31921999d5f23c00e3995b2ad0e1098c26ec9d246fde41b1ef16a7b91913ed4f7b46ccf8f24e312606f8d40cef35c58ba1ba295c2472a4534ebadf76ad42aa0a43ae4c73316b982425d7ef206c16b0544b706a390d28db7e11210bc4c072eb7a4c5b0b117301f4ba6ba8b93b7b166d34068606d7e6d6d8958d2b6c7816dbab913487bfd2b55c679d0230995bd80cbc6598540c8b7c4f741a2000ee128b010cb253f75d8a5e0cfde438964b3134dfbd0b0e9f4d39d07d0cf3e71abfc9a49c2ca2b5cd74e2dffdd5977e3f5ad8d42f8e1395ce631df289c6f22f5868beaf846c50a6995687c16249448f2b7ace1b7adbb78dd9775b6cf6781809dffa1cd7766e556981ebfa0a463ce8bc5c978085c9070e0663c41144ba16393545b5cef214230434da51dd3cfd23ad775e5864559b141f3129c813da89c4ecb7ad5800d7c12c9e9f034ec9ee2c2a7923fabe480838d55ff59f90c43992545246617791bcca981501e190f6e2e18ef383298a009aefb27fe213dc1cbb6026e521a77ef44049199ca000178e6caecc93073b4e7f02585ae44e23821fd9e7f067ba22f8bdc13954d3f1ac6c43ae6e6c7f16018619ba919c8ab5408ae6a6ac8984a778ef3b06c05d10e30d95d69ae42691189253ba847feb8835905b3659271d4f4d61adbf2872a51044d343ba552663cb222422021af24a70c658d447d3b4fd1203e5aec0d61c81ce606659c33c8f7f5439b52cc4e5698238222fa354a1cea86c834a1a799f0a9687528c666cf36f5d11aa35cf1df5268bbe52b0959321967fbda85bb4ad3ec398cbb12e57a719706c7dacffbfb1ca8cc396fb5b5e379c419d7b81e523450e7cc807f10e3966b6759237eba28c4873c657be019e06ffd523927d0a2ae2a414883f2dc6af0cce6bec872cdef5b36d2905d5ba56ca5d3b0010011a4de6b2fcc1ac639e929a97b38b720c153fa94264d4718ea0435ce67a6b89ec7da121c6468ba50be9e6c151fde89a67f52c60b46b5274f56397e9e57cad727ab3bd840a6a9530101f0ff5621092c0c5207fe6bd86cce5d83e64515fbf09ca4083cb1036ae0327a59d6723e23353d19936a84e16e39f94278f6eae9f29414882676ff97fd161120c370597118351766627abdd23eea92e1d2b56b6a959f5b9628d6a13f37ea261773257a93757f56adb0ee8232acf27197b26a52889c49d9188765da61b972838e12d17e755697ed92a5ad71965a80f158acf6ab61f7d21cdafc77da1717e5c97ca8b99537c42fdf8d10adc628e383f28a770578fc2e65830d93eda36f68a2f56a475bea5944c682b8925150c2fba34970b583e235ed046dfc45277b63bfe2f6c868f81d453c85bfa7d70a72b2261363e24eefdc3dd0d5e0f80889caa55f4b56b109664ae77512a790681ee0b030dc2f0145e4391143bf883287f4278a37ebf21b8caead1940d2d754957855229f03fa0b25adef10a89dfdd5640ae988a1da4fca40a9d0385390e67da9bf9c2b304504c9a42c761ce6aab6fc6b388589d4c614e3e61fe9970ff7f588484b18c160d71ecd23d8a2cf00a0cf37cdef497e301eca9e8dc8cfeecc6531de6c22b8a6b0100aa71045cba3bf7382745ada4f29305b2a59ddd5bd12213ed7fdf5afd4cbe66a4e8551d3b2fe69dd87cb679669010cdfcd8f4599fae36dc56c4ad863d99e8c016f2eda0d01ddd308e05a60b0a39523d37fc9efd67778a1546d917b0f503feafc5862b882e88d428ecee77879a89cf37ea766ceb9e099148fae53c5f7e4f187efa8b266761c1ea78622c945368a107c5ba258ea7f9db45a0ae0499672984dd77f04dc1fc26d04b00971af3ea794c98b5964b89981b30eff22346d282a16204dc929a603cf4827f32ac881a9720042c4934616ca9372971602b708f469945de69313a8ca3b25e587ac9c0dc5095e73b1935168a39616d5f44dba529252d0b7b83951338568a2c282d0ed68556bcab5bcc130de2769c6e3e8c6e9e4ef08bc7e03c33d0d1f393042a17cc4f0c496ef0cb60c81b1aadc77286dc08b48b9e9c916037e777fe99822972d46edf3a0b2d593111f9f81f048726875b0ab85f7e2470e16153c1cb09b387f4abe3f6a1955166815b469012c4dbaacad121bdf954ea29c20f5f91e7c37a61f0e978d324169674d948d59f00e40cf50e52a3ec51a95f975c3c5cc67eccca57ac8b7f7257101e65830ce477dc43d17a98a7fa158a9b169cadcef3bb3a875bf83d4d01a4cf6e2df657b948a330c4eb6bd4aaacb20a09a32311ef3948bfaf3b4b656ae353f0d2be3cc49e8aea047774476c86ef121861a2bfd87ab9e771682b6bf63e2231e5d8beb7291f803a1ed65a10663795e9717f1870afac19ad4fa9d76ad9e9fb3451d6492814428b7232d08c0403aa7051d4bdd685fe3c4d9a59a5d9b87d93cf85927f3580934ce1cf548b986eefc6f154a16695985a32bb6afc7cbfc21ebf834f660470b7759407f09e27dad59ae12ac2519ee10fcc26439cad4ef3c248a24ed7365fe5faf6bee753eb8672b03d47ae265a61b07e35f03ac23fd102ea269d584af75ce2b1d59338fbc3e543556df36597224c131d1448920f000acba5a38495729d2424e6d3974560a6d891ed4137323d034dbe467451446e0b9186d5e436d6400673abaae9cb15c8f0b88a80eb136e7cbb1a569bb4b5eb4ce72b47bf4703a0e3fd91ad3b756fc543808c981b5d1a85f4b4863ac294bbb9e0771258da4213bfb080918345b9e30d855686d349ca04598a7aea1c2892457c1815e42ee57ecd6a4ca26aa5119e3353d7d3ba1338fc5938f9aac08ab00428601a26deb7c19cfe9d77aa5d11f1656d3f9de198eafd4e8c5ed140f2cc51f4a965d8e3322b05ed6631370cc08eac7094425e4975c07a9e5157d976d3f14632dd35e5ed6dafe585ac26e83187bbe18f2fe85ac7c6f889453055b8c91cccc41328550404766c380050ea062c74b395785bd8a5d4dbb59577c4428fc687", "33292c24203a81d7ba0b565399c2988e4af0455318869428882327ea660a07e646919394bb10370c6b86c68dda7fdaa8982dc890b9a5e06641192a7e132e5b0a682affcbdc85d6685fbf5463e27d917cdc5feaa5627e2d84eec5caba23b59434f32ccd3492d238b4ae584a5d3927e1c61d30818f8a2c9a6b6edf83ad45297e8b581ac440ff260a761e8b1ed16977b4d084637ff080ef1df831e70ff6c3cdc09d7e1b8e47b902c4e649c1afa88a1ae0947f1b97a870372faf5db806f4e2458ce9bd2f9b03222d3e0d6ed6ea59ac53849213ad897085dc9fac7700c74ec72015134b99e5d687881649c880bcbc39d441591b18f32bde4c06192b123ca50e837fbbbcf786f3c79dfe38c59c78efac8244a5dd8714b296d178c985e065b80318f788c80c2f165502ad3180d21b83cd18e09a1f415479d8107d2a7103a912a1f793233ba82dd35b5e4965fcb4b64fa3fa01f34fc9d0d85cc9c70d9b9cc3a12228f1e3c14a6a7c2b3863645a2fcc3d65ce9f5f4abc1c85bf12be4c232b1464b3d4db97b26918acd74a739e0b52dc145b809eed519b9b50d91a8424fc133fa50b2c0b6f8a65db91485a3230b7e268a1790987a4aa0372151a03cdc940d43c9ac5b2ad261097317cd755b5fc1aa95b709af4e4c03c950256165a2997466781aae45d57adf32dd3682846799d49eeab2560b8858353e97b7ec184d7a3a89ac0ae888bc8ebbff4fc2657e3396d4b621ffc33bbf314fd1a41fbb4423c4f909f124ce0f2b422dbc27482627c5624ef6e12ec74e5a8267123d4f60edf48dd87389c374f922b08ef2446cbe61010cd1478301dc53670effce07c0888f1d50da88b7a3d9e8aef341c7bedf012dea08118f2f05d63bab63cd4069d8203c060eb87811932486cb5e6f1dd50d796f61e2ad2e9b8eee38e7d74c47af9d152b8b1b5b736d0f043b68b0717516677d6af83e3e4507722229da8e7ce740a3d1075de21f6829c8c570d3e7ad0773804e753b77c218a3175c1a779ca569127bca872c023dc9d57a09a187f3cda00d5017c20d148236538ea21982ddc11721d5358463fab8458e46ff22055049fe1313481856b216458424ac9681f4707569d6d5d8793962651570142c0a5b143991d6328f24faa267af8bea06585c8d06433fa5f0128cd25b6bdd90c8af9f4c056f95b7f2529115d44f5d50b91eb4721e3502517ed2a3ce0501d3fa045f22ce682d344a6872a9baa217b27bfe32fcdbc312e84c18ba726617eabf4755b437f48041df384b0f2e0bea205e64a2807d527455729e81320902e7cfc5ae577b1b81df24d55309b1eae696e8674ea44a9dad0e829c3419dbd1e80a7f2994a14816a3239f1357573da3950c2bf015bf66d8837edfdf716a59fdaa836efe54a9d3e2b346f3efe061c10cc76b9b2b2213906d1d87551ae1c0045cd5c630b44162d07b842ec0466ae8a76f78dedf95d7879c4000711f64b374e4eacf5a1f208fd768f30df38d274c21284ad3f81c2f2f52680e14646ef34be528a9611a724dc1bf71278f6a3cd5b41d89e71bbd1db1d91920d4cdd3cd4badf56c8d1ab1ef27e61d37dab3b1d09a708505a769fff4d51fa945af046277d8786e2d7ba3abc6d5b1974050a9031b3900017af9694736a1fd91e82b4a21cfa2bd2cc8e79195ad955797630f6f96e113d3af9e035085e99c1905666ad9899fbd64706a9c63ae4ab24ffda79c656bed83ca2e21ed6117004565401505570d0bbf4f5d55f61bb6af5076e10dc5e6688c493ee35d072c36124d374c71103a62e4190b7b8d1c80346aaf569ac411d223fed275d9fe32a1ed3852de2bf15d62d4d2915dc8dab6d792979506bb7f495784015de9fefcb70362716b4af7641e5c106f57be68336604b96225d0a75635be21c486c55909aadfc4a92467449d423ea14f725a2808323ca9f40ce3ee696ad2e0e70553f4b772c29ee69bce7801b8401d88a672e9ce781c8f6018f119f469e89648ba679d68cfd34327b0dc09e3dd56fc32b129228e5d54d514c77a9d212420b9c777951fbddebbe0f30e5e765bd51da4993282a6535c185259d3a0783824d306bdea15e71a153e7b50b6b072fa735f785429ac749088054bd647ab1978199598dc340a4e7b61d03c0513f2f75e604a3bdb1ada70ec5feeebfbb0a4a257f2ef5f483722cd5663b3689bb9439138712064c022ec51bbe63d1116dcf42632948101e839f88b6c6fb30382bd447d83f2b8276372c843ec973a6260d6151eda175550005fc97f750ac1afd49449711463bd133ca646c9b5ef710078ea8747c011710ef7aa5b019771011c3fdb94803e79ebe245aa8a48df76ccd1bf6673276b0fabdd44d4d7ab24927038be8f7b692818ce5799949f8046d9ea5590e9605d31633793d1f6deb309aa0a6296fdd0ab71ef07ee05657cf19cd890ab08e91b96410f86fe3f19c7985dbd4c0d27698cf6273c975aef36584352cdc10541125e00c3a3766ab1542b277e09df3bedd3e98334c24b654b9960d3261d078dd15cab65f6be072b4faeba68743ce5c87814b60b1d318c8f0caca78d59ba020e2adbb6fb3d9ded0de88a511e3f1cfd4d667c1d193b99918cb127975e8188165253f99e52436a5b34709256254b08cd4caf9812862f147a39691bcb469bf53f3c4f2b2f0d82f697bbe5b280450c57cca9535716789532e64390457325b86f03a8a1469703d985fded403f99770fd2e94e4cfa6dd735c7201b24f33d1b11395be25e8f36d1aed64a82de5eeda93b169e8379f83dfdaf701477063c1ed6e546440e7f8adc4a1654cfeef3696a34746f677746c7511d4e811d1fa4b20386006a3cbc26288381500fd2d00546d3c1033600e8b62d1c31de2aafb92bea76b974c2eee40368710ab7658c02ece0a92eb1e1fe0a8c2fc2f73b1462a06dd2451dc49c9f3fac289cee2ff0484a792293c1a2983552b4eb4ea16e9d163127950ee1963458c39511858522c1327dc0cb7612c061b41b6656e0fcb28da6265f4b03428529f4c90d444a7a891e63b2609bd921aa4f6dcaf582cc678eb35b57eed2043c2b3978d376577d491d1634ce7d98d0ef956b729665f5c41b0691ad51601873861e4a354a14521937fe9b27206aee62b215e2d92076a8005b456be977392528a388ac27077e013ffe1f107f0c21613da657f65283ea140b0ac3f23715998db239bb414126edb9febc2cfa5e51e48c5d382870a2eb4b9191abaa2e676c64a4d71a9afd9ba1d2167a5da505be71bffa9d80538f3585d1e413f2f9bf53816859e245f7429d06e3a7c613f6c20291ba256a92cb00a9b6a9391eb42ac74b2770c165f68f639d766512fc1244e507d79552cc7cfb757046a77ea4ca476e367e17219eac2fd7ef957801bce7bac9b8f5d519a3878f6af26cddb34f57bc059d706f181932ebbc4d98a6ac8e09f56bc143d23ff033592886ef5f9370b8d2be92f5f604e75267abcdd6800448078551d62df3c63dbe9eeb96e4e226e8385c78c4803c2624feb7551f284ba5a59341dd17df39c97a24fb55558a5e8489d520f5540f519496e6156baf03da7127e480c1ef87453304c21c948f8e214b9134834d05835521976e617463017a82633071e4a135cb524e12312981059a001419cdb98cc4bdced182d6a78da500be3e2a47b9ae46fac29e56a56ec9d3de34c514a503d1b753bdab7b0d07cccfef2cca6ec3fd97506e4482792c905c43a38144ca4ce49e23b21c0c314fea6973bf18795c3fc371136ec050509e2dd27bc54af8f7fc1d6a16d81a2768242e9a9e957aa17f57f440069302e9cbdb111f0283e54dec971bace8d8e1219677a1ec1c00d518a38a053c63b17c17a7b42bb7342d70f10a953b8825690718b2e883a494292ca16156b03b352c1547df4e152014ab180d34469d24f6b13e05956e7438dbe1dbdd96eb55c3c1a822842c5187f204f99e8c2e763e135f9fc8b9130c51eea3e03a838fcfaa7d6061c7d3bd414a94d9a97adda89c6b6bea6ae3f5d6be58310f06da0e332a3cc5ae35eb753979292b67b91bb8f22c7edf37d4bd0c4997e685b79ddcf0e21f0365c633a0e5d3fbbff3186170c8648d2b6a0bf5455f2d66b8323e6a1ddee9d00b664e2e5fac5fc075603b67c30b631b8354d97d411647a32b34c6238b5effba0ebf144c32bcf278cdd533d7a42edc36931bc0d7f8f9793f68978415700792c19ee3324b955e1d0be7e8838aa5af6001b08353855028478fa3b13f45ea58abc45e215d4f1c9e981ddaf0825778845d76f420aa5d3558239b8bbdc6b1291202a007d10726a1715ebde563886f5284b0458e4bc9d68f74ebc82f5e8209419611805c6c1715cd8747fe9346d0dac862dff8843ab99696b68b026062e08f5f0e2f85a44a95a3e508f12c13d29f8380af3f288e4c1742ccd18a95282cf5d8d0f049b40bf6247ad97f28ee2764a6f32f01842f1486baf7cb1f57485eb16daad4a14a593e61356e43579056e7cddc4e7e279ca35cc0141cffd272f74e1a70f995ed432cb9da5fac0ba7bba67d0f02fae8aff3f39bb602d1e7bdc9fa459dc4509212f2c9ddf38a056a6216199bbc3b056a3a44876fc2955e47d69e07656b97ac0401df3382c3e213e5a0b675522f767a3ed254b92e64f9777684b2b6b86985fcf8e7dc41c70ab3ad36f12344aa9e31bc0f15b91e4cf0b9e84837f8f0aa01646d77f60eb571e20d45ee3739078f538bf2fa5c3b4d0881d52e2e706fdb93376ffd7c29c99033c956deee7604a022851e089c8354bcaa9b0bc3a97a777554efb46b61279a84fc4fe439c6f93312972d2694650f7687d75b95ed23ec7b8adccb54d186bed12eac84f882cb7860a1ed285ae8788d3db5b518dc29641a15e887e6d4b65ca151d9690b060f82295bac22b5d38ca28809c1fbf1af0cb8553f922c24aceffbcabef76951e9b3c7bba979ed5dff352906a01e33e9e8cf6487c8de5bca1648e4541a4fedade0f4faa7a70367a0c36aa7771d52985c41333a2d53e1aa184301d93e9c536842b13c34690d809bfc413a2bc52e7f5d87d2bc96a0309bdc2eb3a1b3a1e748018f3c5f466543e0e93d8c0a0ce807cf48c5775d6e35b6ecb8ce99765ba610897e65c0f1bcc69e3acc258ee871d9a0bdb0de168c271211806de936471a9f235c8db1c1bd44f8385cd8dd4f16e0116d28d0c62673beb2c152711936682a768fc2e3ee7153647bdb1ec1ada61d4456b76559562b9f39567ad104ddb7a9f69802e2004accb122553629cb177a65658bd9d015804dd2e11cce83d9288eb48cfc4c15b8106c787be1336706d327cbe17ff9c38e2459a4d32f03f83b5b08d3d6736fde7f79482c26f4deb0ac2818947080f7671001cae0d76d9ee52de89a6947ea93d72ce8085cdae5d3c0f0bd132ba1cd2228096b2498e9fe63531e605ce34d1e9efc62e78d3d1ebcc9cc4807341dec0829471aa6dd8425d46ca94c80d9900bec1b8a932ae95d0e24ab190c3f38d848a05f4efe67dd37867f8d56a4521287c05e1b67b8747b4d8d5a56bc2e9f95456cc3bd705d479a09f53df8d25e3d4ac71cfec6ef1ade1c04bae7ba50b60d1c30b455b39844b91c9fd3d4477e46319b12470df6eb2ea0250a053e06ad5622d6443d4b54ad7d0c1e762ba9da9b098f82eb8cf000d62009ca14cc143f55a0ffbce3b4037413715e0d9054f76c00325ba4ae8ac2ae965876a7152d33c0f12086437151142914f75b92bc463ced66a770ee7545d26a607226014d1a3309c19af1754cf151ac8fc8dbe4c0a21a880ff59d9d1ef650c49b89e"})

18:39:27 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='allocsize='])

18:39:27 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0xd)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
ioctl$TIOCNXCL(r0, 0x540d)

[ 1006.670086] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1006.687526] XFS (loop2): unknown mount option [allocsize=].
18:39:27 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xf0ffffffffffff, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1006.840574] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1008.155596] Bluetooth: hci0: command 0x1003 tx timeout
[ 1008.161013] Bluetooth: hci0: sending frame failed (-49)
[ 1008.875926] Bluetooth: hci1: command 0x1003 tx timeout
[ 1008.881325] Bluetooth: hci1: sending frame failed (-49)
[ 1010.235586] Bluetooth: hci0: command 0x1001 tx timeout
[ 1010.240974] Bluetooth: hci0: sending frame failed (-49)
[ 1010.955589] Bluetooth: hci1: command 0x1001 tx timeout
[ 1010.960972] Bluetooth: hci1: sending frame failed (-49)
[ 1012.315592] Bluetooth: hci0: command 0x1009 tx timeout
[ 1013.035762] Bluetooth: hci1: command 0x1009 tx timeout
18:39:37 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x800000000000000f)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:39:37 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:39:37 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='allocsize='])

18:39:37 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={&(0x7f0000000280)={0x10, 0xf000, 0x6558000000000000}, 0x59, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="280000001c000708000000000000000007000000", @ANYRES32=r2, @ANYBLOB="00009e000a00020015698ab79bb1e494b49c3d29b1e99e7ca1dfc535e599178b0758eabab32486c76d926749a2b7578c772218a06c6aa43c9f355f30fef04351bd0858e7312578b482b93713e7532e106b"], 0x42e}}, 0x0)

18:39:37 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:39:37 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x100000000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:39:37 executing program 5:
clone(0x41fe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0)
syz_open_dev$vcsn(&(0x7f0000000100)='/dev/vcs#\x00', 0x0, 0x105000)
r0 = getpid()
rt_tgsigqueueinfo(r0, r0, 0x33, &(0x7f0000000200))
ptrace(0x10, r0)
ptrace(0x8, 0x0)

18:39:37 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:39:37 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x200000000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1016.907687] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1016.927349] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1016.931631] XFS (loop2): unknown mount option [allocsize=].
[ 1016.952195] Bluetooth: hci1: Frame reassembly failed (-84)
18:39:37 executing program 5:
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)
write$FUSE_LSEEK(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_dccp_buf(0xffffffffffffffff, 0x21, 0x0, 0x0, 0x0)

18:39:37 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:39:37 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='allocsize='])

[ 1017.038581] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1017.071192] XFS (loop2): unknown mount option [allocsize=].
[ 1018.955588] Bluetooth: hci1: command 0x1003 tx timeout
[ 1018.961159] Bluetooth: hci0: command 0x1003 tx timeout
[ 1018.961218] Bluetooth: hci1: sending frame failed (-49)
[ 1018.971892] Bluetooth: hci0: sending frame failed (-49)
[ 1019.755545] Bluetooth: hci3: command 0x1003 tx timeout
[ 1019.760931] Bluetooth: hci3: sending frame failed (-49)
[ 1019.766425] Bluetooth: hci2: command 0x1003 tx timeout
[ 1019.771893] Bluetooth: hci2: sending frame failed (-49)
[ 1021.035676] Bluetooth: hci0: command 0x1001 tx timeout
[ 1021.041097] Bluetooth: hci1: command 0x1001 tx timeout
[ 1021.041156] Bluetooth: hci0: sending frame failed (-49)
[ 1021.046751] Bluetooth: hci1: sending frame failed (-49)
[ 1021.835573] Bluetooth: hci3: command 0x1001 tx timeout
[ 1021.835615] Bluetooth: hci2: command 0x1001 tx timeout
[ 1021.840935] Bluetooth: hci3: sending frame failed (-49)
[ 1021.846254] Bluetooth: hci2: sending frame failed (-49)
[ 1023.115586] Bluetooth: hci1: command 0x1009 tx timeout
[ 1023.115625] Bluetooth: hci0: command 0x1009 tx timeout
[ 1023.915558] Bluetooth: hci3: command 0x1009 tx timeout
[ 1023.915651] Bluetooth: hci2: command 0x1009 tx timeout
18:39:48 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:39:48 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:39:48 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x300000000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:39:48 executing program 5:
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)
write$FUSE_LSEEK(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_dccp_buf(0xffffffffffffffff, 0x21, 0x0, 0x0, 0x0)

18:39:48 executing program 2:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x50000}]})
r0 = openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$VT_RESIZEX(r0, 0x560a, 0x0)

18:39:48 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x800, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
pipe2(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80800)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000100)='TIPC\x00')
sendmsg$TIPC_CMD_GET_MEDIA_NAMES(r1, &(0x7f00000001c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x100040}, 0xc, &(0x7f0000000180)={&(0x7f0000000140)={0x1c, r2, 0x100, 0x70bd25, 0x25dfdbff, {}, ["", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4800}, 0x4)

18:39:48 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[ 1027.791452] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:39:48 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x400000000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:39:48 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x500000000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:39:48 executing program 5:
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)
write$FUSE_LSEEK(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_dccp_buf(0xffffffffffffffff, 0x21, 0x0, 0x0, 0x0)

18:39:48 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

[ 1027.844727] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1027.859939] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1027.877218] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:39:48 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

[ 1027.954889] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1029.915541] Bluetooth: hci0: command 0x1003 tx timeout
[ 1029.920974] Bluetooth: hci1: command 0x1003 tx timeout
[ 1029.921039] Bluetooth: hci0: sending frame failed (-49)
[ 1029.926462] Bluetooth: hci1: sending frame failed (-49)
[ 1030.635556] Bluetooth: hci2: command 0x1003 tx timeout
[ 1030.641126] Bluetooth: hci2: sending frame failed (-49)
[ 1030.645530] Bluetooth: hci3: command 0x1003 tx timeout
[ 1030.651967] Bluetooth: hci3: sending frame failed (-49)
[ 1031.995634] Bluetooth: hci0: command 0x1001 tx timeout
[ 1031.995643] Bluetooth: hci1: command 0x1001 tx timeout
[ 1031.996168] Bluetooth: hci1: sending frame failed (-49)
[ 1032.001133] Bluetooth: hci0: sending frame failed (-49)
[ 1032.715691] Bluetooth: hci3: command 0x1001 tx timeout
[ 1032.721120] Bluetooth: hci2: command 0x1001 tx timeout
[ 1032.721221] Bluetooth: hci3: sending frame failed (-49)
[ 1032.726795] Bluetooth: hci2: sending frame failed (-49)
[ 1034.075574] Bluetooth: hci1: command 0x1009 tx timeout
[ 1034.075627] Bluetooth: hci0: command 0x1009 tx timeout
[ 1034.795625] Bluetooth: hci2: command 0x1009 tx timeout
[ 1034.795644] Bluetooth: hci3: command 0x1009 tx timeout
18:39:59 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TCSETXW(r0, 0x5435, &(0x7f0000000000)={0x6, 0xffff, [0xfff, 0x5, 0x1, 0x1, 0x9], 0xfc3})
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:39:59 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x600000000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:39:59 executing program 5:
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)
write$FUSE_LSEEK(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_dccp_buf(0xffffffffffffffff, 0x21, 0x0, 0x0, 0x0)

18:39:59 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x8001000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")

18:39:59 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:39:59 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ptmx\x00', 0x200000, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000180)='/proc/capi/capi20\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x40000, 0x0)
lsetxattr$trusted_overlay_origin(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='trusted.overlay.origin\x00', &(0x7f0000000140)='y\x00', 0x2, 0x2)

18:39:59 executing program 2:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000040)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x50000}]})
openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x400, 0x4)

18:39:59 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:39:59 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x700000000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:39:59 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)

18:39:59 executing program 5:
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)
write$FUSE_LSEEK(0xffffffffffffffff, 0x0, 0x0)

[ 1038.676842] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1038.704880] Bluetooth: hci0: Frame reassembly failed (-84)
18:39:59 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe'}, 0x58)

[ 1038.802390] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1038.813546] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1038.819942] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1039.497502] Bluetooth: hci2: Frame reassembly failed (-84)
[ 1040.715570] Bluetooth: hci0: command 0x1003 tx timeout
[ 1040.721069] Bluetooth: hci0: sending frame failed (-49)
[ 1040.875682] Bluetooth: hci1: command 0x1003 tx timeout
[ 1040.881206] Bluetooth: hci1: sending frame failed (-49)
[ 1041.515590] Bluetooth: hci2: command 0x1003 tx timeout
[ 1041.520996] Bluetooth: hci2: sending frame failed (-49)
[ 1042.805672] Bluetooth: hci0: command 0x1001 tx timeout
[ 1042.811106] Bluetooth: hci0: sending frame failed (-49)
[ 1042.955712] Bluetooth: hci1: command 0x1001 tx timeout
[ 1042.961160] Bluetooth: hci1: sending frame failed (-49)
[ 1043.595611] Bluetooth: hci2: command 0x1001 tx timeout
[ 1043.601178] Bluetooth: hci2: sending frame failed (-49)
[ 1044.875650] Bluetooth: hci0: command 0x1009 tx timeout
[ 1045.035713] Bluetooth: hci1: command 0x1009 tx timeout
[ 1045.675649] Bluetooth: hci2: command 0x1009 tx timeout
18:40:09 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x40000, 0x0)
ioctl$KVM_GET_SREGS(r1, 0x8138ae83, &(0x7f0000000100))
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

18:40:09 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xa00000000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:40:09 executing program 5:
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

18:40:09 executing program 2:
r0 = socket$inet6(0xa, 0x8000000000001, 0x0)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890c, &(0x7f0000002140)={@remote, @empty, @loopback={0x0, 0x5}, 0x0, 0x0, 0x0, 0x0, 0xd3})

18:40:09 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:40:09 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
shmget$private(0x0, 0x2000, 0x400, &(0x7f0000ffe000/0x2000)=nil)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:40:10 executing program 2:
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
r1 = socket$l2tp(0x18, 0x1, 0x1)
connect$l2tp(r1, &(0x7f00005fafd2)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @multicast2}, 0x4}}, 0x2e)
sendto(r1, 0x0, 0xcf, 0x0, 0x0, 0xfffffffffffffe46)

[ 1049.557053] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:40:10 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:40:10 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xe00000000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:40:10 executing program 5:
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
dup2(r0, r1)

18:40:10 executing program 2:
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(0xffffffffffffffff, 0x84, 0x75, &(0x7f0000107ff8)={0x0, 0x10040000}, 0x8)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000140)='/dev/vga_arbiter\x00', 0x200, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x10006, 0x80011, r0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='comm\x00')
ptrace$getregset(0x4204, 0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=""/126, 0xb2})
writev(r1, &(0x7f0000000080), 0x5b)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
write$P9_RREADDIR(0xffffffffffffffff, &(0x7f00000001c0)={0x49, 0x29, 0x2, {0x5, [{{0x80, 0x4, 0x5}, 0x0, 0xfffffffffffffffb, 0x7, './file0'}, {{0xc8, 0x3, 0x2}, 0x0, 0x7, 0x7, './file0'}]}}, 0x49)

18:40:10 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xf00000000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1049.683313] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1049.785749] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1051.595566] Bluetooth: hci1: command 0x1003 tx timeout
[ 1051.595709] Bluetooth: hci0: command 0x1003 tx timeout
[ 1051.602406] Bluetooth: hci1: sending frame failed (-49)
[ 1051.612069] Bluetooth: hci0: sending frame failed (-49)
[ 1052.395719] Bluetooth: hci2: command 0x1003 tx timeout
[ 1052.401117] Bluetooth: hci2: sending frame failed (-49)
[ 1053.675639] Bluetooth: hci0: command 0x1001 tx timeout
[ 1053.681107] Bluetooth: hci0: sending frame failed (-49)
[ 1053.686557] Bluetooth: hci1: command 0x1001 tx timeout
[ 1053.691891] Bluetooth: hci1: sending frame failed (-49)
[ 1054.475609] Bluetooth: hci2: command 0x1001 tx timeout
[ 1054.481091] Bluetooth: hci2: sending frame failed (-49)
[ 1055.755597] Bluetooth: hci0: command 0x1009 tx timeout
[ 1055.755822] Bluetooth: hci1: command 0x1009 tx timeout
[ 1056.555576] Bluetooth: hci2: command 0x1009 tx timeout
18:40:20 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/policy\x00', 0x0, 0x0)
write$USERIO_CMD_REGISTER(r1, &(0x7f0000000280)={0x0, 0x8000}, 0x2)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='timers\x00')
ioctl$TCGETA(r2, 0x5405, &(0x7f0000000080))
r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000180)='/dev/cachefiles\x00', 0x2000, 0x0)
fdatasync(r3)
ioctl$GIO_UNIMAP(r0, 0x4b66, &(0x7f0000000200)={0x9, &(0x7f00000001c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}]})
setsockopt$inet_sctp_SCTP_NODELAY(r2, 0x84, 0x3, &(0x7f0000000040), 0x4)

18:40:20 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff'}, 0x58)

18:40:20 executing program 5:
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
dup2(r0, r1)

18:40:20 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x2000000000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:40:20 executing program 2:
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000140)=[{0x6, 0x0, 0x0, 0x50000}]})
r0 = openat$cgroup(0xffffffffffffffff, 0x0, 0x200002, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0)

[ 1059.804288] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1059.855324] Bluetooth: hci0: Frame reassembly failed (-84)
18:40:20 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x224040, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:40:20 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x3f00000000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:40:20 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:40:20 executing program 5:
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
dup2(r0, r1)

18:40:20 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x8001000008912, &(0x7f0000000040)="0800b5055e0bcfe87b0071")
syz_genetlink_get_family_id$ipvs(0x0)

18:40:20 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x4800000000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1060.423845] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:40:20 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

[ 1060.475086] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1060.531436] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1060.636598] Bluetooth: hci2: Frame reassembly failed (-84)
[ 1060.642475] Bluetooth: hci2: Frame reassembly failed (-84)
[ 1061.925616] Bluetooth: hci0: command 0x1003 tx timeout
[ 1061.931140] Bluetooth: hci0: sending frame failed (-49)
[ 1062.475583] Bluetooth: hci1: command 0x1003 tx timeout
[ 1062.481186] Bluetooth: hci1: sending frame failed (-49)
[ 1062.715673] Bluetooth: hci2: command 0x1003 tx timeout
[ 1062.721223] Bluetooth: hci2: sending frame failed (-49)
[ 1063.275581] Bluetooth: hci3: command 0x1003 tx timeout
[ 1063.281155] Bluetooth: hci3: sending frame failed (-49)
[ 1063.995611] Bluetooth: hci0: command 0x1001 tx timeout
[ 1064.001010] Bluetooth: hci0: sending frame failed (-49)
[ 1064.555771] Bluetooth: hci1: command 0x1001 tx timeout
[ 1064.561270] Bluetooth: hci1: sending frame failed (-49)
[ 1064.795743] Bluetooth: hci2: command 0x1001 tx timeout
[ 1064.801213] Bluetooth: hci2: sending frame failed (-49)
[ 1065.355667] Bluetooth: hci3: command 0x1001 tx timeout
[ 1065.361116] Bluetooth: hci3: sending frame failed (-49)
[ 1066.075591] Bluetooth: hci0: command 0x1009 tx timeout
[ 1066.635696] Bluetooth: hci1: command 0x1009 tx timeout
[ 1066.875688] Bluetooth: hci2: command 0x1009 tx timeout
[ 1067.435687] Bluetooth: hci3: command 0x1009 tx timeout
18:40:31 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x401)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x200000, 0x0)

18:40:31 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xa)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:40:31 executing program 5:
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, 0xffffffffffffffff)

18:40:31 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff'}, 0x58)

18:40:31 executing program 2:
r0 = syz_open_dev$sndctrl(&(0x7f0000000040)='/dev/snd/controlC#\x00', 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000100)={{0x48, 0x0, 0x0, 0x0, 'syz0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xdf\xff\x00'}, 0x2, 0x0, 0x1, 0x0, 0x0, 0x0, 'syz1\x00', 0x0})

18:40:31 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x4c00000000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:40:31 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:40:31 executing program 5:
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, 0xffffffffffffffff)

[ 1071.315944] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:40:31 executing program 2:
semctl$IPC_INFO(0x0, 0x0, 0x3, &(0x7f0000000240)=""/89)

18:40:31 executing program 1:
r0 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/checkreqprot\x00', 0x10000, 0x0)
ioctl$DRM_IOCTL_AGP_RELEASE(r0, 0x6431)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000280)='/dev/ptmx\x00', 0x10000, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000200)={<r2=>0x0}, &(0x7f0000000240)=0xc)
move_pages(r2, 0x1, &(0x7f00000002c0)=[&(0x7f0000ffc000/0x4000)=nil], &(0x7f0000000300), &(0x7f0000000340)=[0x0, 0x0, 0x0], 0x0)
ioctl$TIOCGSID(r1, 0x5429, &(0x7f0000000000)=<r3=>0x0)
fcntl$setown(r1, 0x8, r3)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$DRM_IOCTL_VERSION(r0, 0xc0406400, &(0x7f00000001c0)={0x1, 0x8, 0x7, 0x5c, &(0x7f0000000100)=""/92, 0x2d, &(0x7f0000000080)=""/45, 0x37, &(0x7f0000000180)=""/55})
ioctl$KDADDIO(r1, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:40:31 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x4c02000000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:40:31 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0x13b460000000000, 0x430003)
ioctl$sock_x25_SIOCDELRT(r1, 0x890c, &(0x7f0000000100)={@null='               \x00', 0x9, 'veth1_to_team\x00'})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:40:31 executing program 5:
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, 0xffffffffffffffff)

18:40:31 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff\x00'}, 0x58)

18:40:32 executing program 2:
syz_mount_image$xfs(&(0x7f0000000000)='xfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB='allocsize=g'])

[ 1071.526866] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1071.562778] Bluetooth: hci0: Frame reassembly failed (-84)
18:40:32 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x6000000000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:40:32 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x10000, 0x0)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00')
getsockopt$inet_udp_int(r1, 0x11, 0x6f, &(0x7f00000001c0), &(0x7f0000000200)=0x4)
sendmsg$TIPC_CMD_GET_MAX_PORTS(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x10080}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x1c, r2, 0x300, 0x70bd27, 0x25dfdbfb, {}, ["", "", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x4000}, 0x80)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:40:32 executing program 5:
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

18:40:32 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff'}, 0x58)

[ 1071.664545] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:40:32 executing program 2:
socket$inet6(0xa, 0x3, 0x7)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000580)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
creat(&(0x7f0000000000)='./bus\x00', 0x2)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = creat(&(0x7f0000000100)='./bus\x00', 0x0)
ftruncate(r1, 0x208200)
r2 = open(&(0x7f0000000780)='./bus\x00', 0x14102e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x7ffffe, 0x4002011, r2, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(0xffffffffffffffff, 0xc0bc5310, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r2, 0x6611)

18:40:32 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x6800000000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:40:32 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe'}, 0x58)

[ 1071.771801] Bluetooth: hci1: Frame reassembly failed (-84)
18:40:32 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x6c00000000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1071.817622] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1071.872840] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1073.595537] Bluetooth: hci0: command 0x1003 tx timeout
[ 1073.601008] Bluetooth: hci0: sending frame failed (-49)
[ 1073.835593] Bluetooth: hci1: command 0x1003 tx timeout
[ 1073.841137] Bluetooth: hci1: sending frame failed (-49)
[ 1074.315609] Bluetooth: hci2: command 0x1003 tx timeout
[ 1074.321085] Bluetooth: hci2: sending frame failed (-49)
[ 1075.675634] Bluetooth: hci0: command 0x1001 tx timeout
[ 1075.681019] Bluetooth: hci0: sending frame failed (-49)
[ 1075.915598] Bluetooth: hci1: command 0x1001 tx timeout
[ 1075.921076] Bluetooth: hci1: sending frame failed (-49)
[ 1076.395663] Bluetooth: hci2: command 0x1001 tx timeout
[ 1076.401062] Bluetooth: hci2: sending frame failed (-49)
[ 1077.755717] Bluetooth: hci0: command 0x1009 tx timeout
[ 1077.995682] Bluetooth: hci1: command 0x1009 tx timeout
[ 1078.475794] Bluetooth: hci2: command 0x1009 tx timeout
18:40:43 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
pipe(&(0x7f0000000100)={<r1=>0xffffffffffffffff})
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000180)='TIPCv2\x00')
sendmsg$TIPC_NL_LINK_SET(r1, &(0x7f0000000200)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000280)={0xa0, r2, 0x0, 0x70bd26, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0x30, 0x5, [@TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x12}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x725}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x401}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}]}, @TIPC_NLA_NET={0x3c, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x1}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x7}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x7c}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x81}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x3}]}, @TIPC_NLA_MEDIA={0x20, 0x5, [@TIPC_NLA_MEDIA_PROP={0x14, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffffffffff9}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}]}, 0xa0}, 0x1, 0x0, 0x0, 0x40}, 0x840)
r3 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dlm-monitor\x00', 0x101002, 0x0)
bind$vsock_stream(r3, &(0x7f0000000080)={0x28, 0x0, 0xffffffff, @hyper}, 0x10)
syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2)

18:40:43 executing program 5:
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

18:40:43 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff\xff'}, 0x58)

18:40:43 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x7400000000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:40:43 executing program 2:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xfe\x00'}, 0x58)

18:40:43 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
r1 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x2, 0x2)
ioctl$PPPIOCATTACH(r1, 0x4004743d, &(0x7f0000000040)=0x2)
ioctl$NBD_CLEAR_SOCK(r1, 0xab04)
r2 = socket(0xa, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r2, 0x0, 0x80, &(0x7f0000000540)=@filter={'filter\x00\x00\x00\x00\x00\x00H\x00', 0xe, 0x1, 0x1a8, [0x0, 0x20000180, 0x200001b0, 0x200001e0], 0x0, 0x0, &(0x7f00000005c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff02000000000000000000000000000000000000000000000000dfff0000000000000000000000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000001500000000000000000073797a5f74756e00000000000000000079616d30000000000000000000000000b76f6e645f736c6176655f310000000073697430000000000000000000000000aaaaaaaaaa0000000000feff0080c20000000000000000000000e8000000e8000000180100006c696d6974000000000000000000000000000000000000000000000000000000200000000079dfc221ff1e9133786800000000001000010400000000000000000000000000000000000000000000000000003830325f330000000000000000000000000000000000000000000000000000000800000000000000000000000000000041554449540000b827d85034bb5ec6a30000000000000000000000000000000000000000000045138b972511a25a28d20376f7163e11d13a2cbd2524786b70e2a56c9e953d94deb2a97b922019ee3118bf7466932196bfaff88c95bdd793da2e8f6eee6a77655feb7047b1dacf1ce3cf346333298975f113f30718128a104e03000000000000000594963caec50e5e1cbd478fe10b746c26c18071244bd0f7858b2d58e14f7765938def56a1d5"]}, 0x2a7)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r1, 0x84, 0xc, &(0x7f0000000080)=0x8, 0x4)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
accept4$llc(r1, &(0x7f0000000100), &(0x7f0000000140)=0x10, 0x80000)

18:40:43 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[ 1082.833923] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:40:43 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x7a00000000000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:40:43 executing program 2:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000040)="1f0000000104ff00fd4354c007110000df05010008000100010423dcffdf00", 0x2b0)
write(r0, &(0x7f0000000000)="1f0000000104fffffd3b000007110000f30501000b000100020423ca0000cf", 0x1f)

18:40:43 executing program 5:
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
r0 = socket$packet(0x11, 0x3, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

[ 1082.940791] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:40:43 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x9effffff00000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:40:43 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff'}, 0x58)

[ 1082.998621] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1083.026425] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1083.073964] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1083.647617] Bluetooth: hci2: Frame reassembly failed (-84)
[ 1083.657448] Bluetooth: hci3: Frame reassembly failed (-84)
[ 1084.875589] Bluetooth: hci0: command 0x1003 tx timeout
[ 1084.881057] Bluetooth: hci0: sending frame failed (-49)
[ 1084.955546] Bluetooth: hci1: command 0x1003 tx timeout
[ 1084.961152] Bluetooth: hci1: sending frame failed (-49)
[ 1085.675566] Bluetooth: hci3: command 0x1003 tx timeout
[ 1085.675572] Bluetooth: hci2: command 0x1003 tx timeout
[ 1085.675676] Bluetooth: hci2: sending frame failed (-49)
[ 1085.681188] Bluetooth: hci3: sending frame failed (-49)
[ 1086.955729] Bluetooth: hci0: command 0x1001 tx timeout
[ 1086.962777] Bluetooth: hci0: sending frame failed (-49)
[ 1087.035576] Bluetooth: hci1: command 0x1001 tx timeout
[ 1087.041175] Bluetooth: hci1: sending frame failed (-49)
[ 1087.755745] Bluetooth: hci3: command 0x1001 tx timeout
[ 1087.755773] Bluetooth: hci2: command 0x1001 tx timeout
[ 1087.765094] Bluetooth: hci3: sending frame failed (-49)
[ 1087.766499] Bluetooth: hci2: sending frame failed (-49)
[ 1089.035755] Bluetooth: hci0: command 0x1009 tx timeout
[ 1089.115656] Bluetooth: hci1: command 0x1009 tx timeout
[ 1089.835605] Bluetooth: hci3: command 0x1009 tx timeout
[ 1089.835666] Bluetooth: hci2: command 0x1009 tx timeout
18:40:54 executing program 2:
madvise(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x13)

18:40:54 executing program 5:
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(0xffffffffffffffff, r0)

18:40:54 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff\xff'}, 0x58)

18:40:54 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = dup3(r0, r0, 0x80000)
ioctl$DRM_IOCTL_ADD_MAP(r1, 0xc0286415, &(0x7f0000000000)={&(0x7f0000ff9000/0x4000)=nil, 0x3ff, 0x5, 0x2, &(0x7f0000ff8000/0x4000)=nil, 0xa9})
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:40:54 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xf0ffffff00000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:40:54 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ubi_ctrl\x00', 0x10000, 0x0)
ioctl$ION_IOC_ALLOC(r1, 0xc0184900, &(0x7f0000000080)={0x200, 0x0, 0x1})
r2 = fcntl$dupfd(r0, 0x406, r0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000280)={"e060abede764aa3454543874468de2c7d2d96252f9313c999c775def354010e3367c34102e0937b982381eb0053201df637051721e9dbbca8521bf238430388acf5d582475d8149e41164d7abcf478805ea7c3ca4bcf3e1fda1826c70a88bb1809d3047cd4c897d4fcba17bb2f69e01e6efb1facb30b69fb583aaa13f56036ac4314e82d8dea5b95f28914f500bda16577f092c4c2d6aa323441c45a91b592c276f6362caa6e5c42296023b468d1658511781e58503f4e0a2067e29be78ad77da1c1edba4d18619627781b47393e0097e5fe9616e4ee167c44394a5f77dc118e10aeb98daa647d548f93dc067dbd97ff65abb8515e2d68548f0febbce036c1b5fdbd38fe47bc3b18b7f6d08142eb55a999b7ca91fe14c6a5f6441e37042b6e489eeea1e5857318b612c6a0f6065ebb1fd1d7fe97a9de676b5f681e97b2fdf25d4dad010d0c7f4e06e24348a46b4765a19793e9ea312a6cec9a09e2647fb2d30b79aa4a7643f2c2de282b6f6ec753f9e9d89ceab273cdadb71e96728a732a43fd799b8ddfbb47b503ae0058ee55b048b19a3b0caf541221521ffa2dbd6e60754c7aa8bd4ea4530e99314c7566c3acb832088982ce52bc10b76bfb6499ac7e1076574ba5db7d74b7b97b030d4f397dc76b5b546a694c6e314fc83f378fadcc5f975795f722aca1c6a95772c9b94ee25377edfb1f013e84349a375ec73f3aa6470cf1789ebf6a70b779a392a33e706c70d986c552ce3af5814976d4b3171023f6c915bf794b022360979d7cd04c90e67be5ad327c903c26497be086f9ccfbbf380a056553d836ae08b4035e388ae94856ef8df12847c4a5a58c7d2a3a943c76e145024381d14fdc5fc140d37d28f1617aa6e4dbfd44a87f8c5f56861aa5afd83730660cac18bbab8630ef3c4777bc7409a76dca0dac7d77113a256e24dd1e8e3b170ff35f828869b063686c74eab2e7e1d3f43e73081de272e9b2581380ee7ec4c1060c065797e9900d7182b793038d9d7f7276f858e6e67010f3261603af702a0a804382f753a80424d8dd34384c4e32d787e959b9f856d4fbeb1bcd5b6ee0a5c96d2428c9709bc75dfa5b1330119f2c58850fd0effeb87bd8e0852d8bc847e9129a747fa0e79c8ca8c2911bed5611badcc8abd65d39189fa4d1e7dc4828a2748b9367bf26f5ba7ad80fbc8c768a92be9db5beb6b2069e0397c3ee1b18c1abfe54acc6f0700300be5d824dac7d7f91207bfccdd480e6168156065f0b825460a9189486c182b8c0369f25f67c20046bf8080765a456f62317e6980dd4f975aed157546fd7192bcb7df37e6d1290258330d3abf8de90acf5554b6c4bd1f39c85f35a7e3eb4b6fae0c19b1422c6dbd3e8689d5ef0bf7a2444a0aea3e40c2abe468a161aff56b39f9cea1f114c146cb3f821c4468cf2d60975fb231e069ba398c29aac"})
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
ioctl$sock_inet_tcp_SIOCATMARK(r2, 0x8905, &(0x7f0000000000))

18:40:54 executing program 2:
r0 = perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$inet6(0xa, 0x2000000080803, 0x1)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@local, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x2}}, {{@in=@multicast1, 0x0, 0x32}, 0x0, @in6}}, 0xe8)
dup2(r0, r1)

18:40:54 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:40:54 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:40:54 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xffffff7f00000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1093.739043] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1093.769100] Bluetooth: hci0: Frame reassembly failed (-84)
18:40:54 executing program 5:
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(0xffffffffffffffff, r0)

18:40:54 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff'}, 0x58)

18:40:54 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xffffffff00000000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1093.843635] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1093.861301] Bluetooth: hci1: Frame reassembly failed (-84)
18:40:54 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x4009})
ioctl$TUNGETIFF(r0, 0x400454c8, 0x0)

18:40:54 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe\xff'}, 0x58)

18:40:54 executing program 5:
add_key$user(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(0xffffffffffffffff, r0)

18:40:54 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0xfffffffffffff000, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1093.913830] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1093.982122] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1095.835701] Bluetooth: hci0: command 0x1003 tx timeout
[ 1095.841116] Bluetooth: hci0: sending frame failed (-49)
[ 1095.915658] Bluetooth: hci1: command 0x1003 tx timeout
[ 1095.921064] Bluetooth: hci1: sending frame failed (-49)
[ 1096.555575] Bluetooth: hci2: command 0x1003 tx timeout
[ 1096.561267] Bluetooth: hci2: sending frame failed (-49)
[ 1096.635671] Bluetooth: hci3: command 0x1003 tx timeout
[ 1096.641071] Bluetooth: hci3: sending frame failed (-49)
[ 1097.915720] Bluetooth: hci0: command 0x1001 tx timeout
[ 1097.921206] Bluetooth: hci0: sending frame failed (-49)
[ 1097.995653] Bluetooth: hci1: command 0x1001 tx timeout
[ 1098.001180] Bluetooth: hci1: sending frame failed (-49)
[ 1098.635582] Bluetooth: hci2: command 0x1001 tx timeout
[ 1098.641063] Bluetooth: hci2: sending frame failed (-49)
[ 1098.715588] Bluetooth: hci3: command 0x1001 tx timeout
[ 1098.720989] Bluetooth: hci3: sending frame failed (-49)
[ 1099.995650] Bluetooth: hci0: command 0x1009 tx timeout
[ 1100.075586] Bluetooth: hci1: command 0x1009 tx timeout
[ 1100.715593] Bluetooth: hci2: command 0x1009 tx timeout
[ 1100.795608] Bluetooth: hci3: command 0x1009 tx timeout
18:41:05 executing program 1:
r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm-monitor\x00', 0x1, 0x0)
ioctl$TIOCGPTLCK(r0, 0x80045439, &(0x7f0000000180))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x80000, 0x0)
ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000100))
socket$caif_stream(0x25, 0x1, 0x2)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r2, 0x400455c8, 0x0)
r3 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/checkreqprot\x00', 0x40002, 0x0)
ioctl$PPPIOCGIDLE(r3, 0x8010743f, &(0x7f0000000040))
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)
sendmmsg$alg(r0, &(0x7f0000002b80)=[{0x0, 0x0, &(0x7f00000013c0)=[{&(0x7f00000001c0)="574b1017fda8013c16251fc377df3d75fd6e5b3eda05fed71a44d198be42cc9d5f497db69cbfd058fa1eb9014e0607c832162dca2d6c0cb6951ee974c255162cd8367c825c", 0x45}, {&(0x7f0000000280)="17212ec775b30b18ceaa0b097b25ab7490ebea5bc89fc7edf8e027abd32bb1d70f8d362a33faee0f30b8a50e7b3fbad9639093f14d8b7a958eebf34d56e17ff1a25d5ae0700fcce819ba59478964168ec4b411f2f84d4ca088fb9c83d134d4c7661ef2f184d7339b3288e9fd3175123dc4331c316e17ec8d30fbcb79c6d9d4fbad12e4f60f0acf468785af7dd89972874f0d4a070d66492925bfe7437cd99e96f82c57f2f6d26f441ff9989f7cc6f22c0cc64d23bbce5b5124e111d352ef42eb7e05af1ed43edc5bd9bf0a370db822d94bd3b2954d0a9eda2abc240e447908969a0860ea596a40204a2539edb99c7d2dda48cb3680e02682c5ffeaadb043ed63bdf52a6cc922ff2fc05ff7fe3a1d6d26660d9e4fcce1ab1420334e61ff9e3c910d9dc0e4d177701f4167b741d69fa8a5557c9fc650b62ac1bb299635bb70950545af61868ed37ed514cda0aa4837a21b06c42435b459776a46097ad36bce05c431a8c13bb03ed762bb875150226e1ff3d8b2325ea57df8f8e1bf7ac007a770355ccbcebfca30b2990d7633c985cecad9420e9375fd351d7d9977782a0359eca5e1ae0209b62e7ccdce50aa35a7334b9573e701bffb8685b4ab25d665ad95b2481405e817dd71776dc3e4af94d352b2390219a6d94950573ee28c2808e3370cd41022cf79b21faa4ef07e3a45300291afc00135ec6f8beec53949ba64533de7b25f11ad88d7f63c5cbd3b18c150f6f00b3693a0c5d59968577bd176f5a73b59834b85d1162f0956a9827c722966fe7557d6de367e279d14d069bf1d5400a7f7a3c30f7deecd577f5dd8e8f3c4a2c8272a242f2424dca5ff570b904ffde1cf77b93d358c9ae9bf7245145112f5f9164395b01c048ada782ccf42e232257bd3452e800fdd6659948c29b086cef6ffc180d3c6efbc1c4a44c5418400c48aaa05bf6d379dee0484ca1d3638f3be028e19e7b059f2a0fa5602cf04c86ad37c6a7bfbb1b365d986962f22b83c952207dabfd3777c3037562fcafea8688e5d766ea74d5f4be70fb6e41996dfc3920900a256be5be25a2adce0fb49d00ed8c1b61fce998adb18f42cbfded00ebed2e9372b466af379ad3468573248603ecf0f6bb093e26f11e5b27404b1f54116850883adc915a556fe1b1f21cee48065a78ab6a36f95105f36c890e967be5ff5a3acd6f17ed5d2eb8f45fecef4da455dc295a3078f2be41f4e9bee47dcd5bfb6028f8a1a4ef5ddc7db84597b95d3927963b2129436a750327000d5014b986e36fa2309c424789bab1fd52d1d8456475247bc8a6695c7c58327764befc91ada0e24ab0cc14d20c6325bd2a35dfb346340b2c72ad094de19591a2e51382e648a8c19baf5ea896ed364e6c47e038f280477b75529ae4af52f434aef0186e1630c1f9c57e3443880906ddf5c0deb029730563cbd0d5a8efba009e464e00b5dc91720b80d69ea6a640c71ddd7f0b344927c33953896cdde8e7ff961c412dacf9f0b44ed63e2bd62cde488b8befcc55cf0d8ce3e8debbab99e25c82677cd3ecc1cd4ffa0ecbbb9341e56129522381bd72df8a9b007ff14d83035e399181df50b5097807583e69af89b6178c0147187af3350912cf836c574d1416298f2b462d13e560fec8c1811098d7d2f69ef2773161b012d544e24b1bbc83caa290ea2859ce12e30460b5e528dbfebf5a84b53f0ee20256a5e218cdc38065dfbbef5bc63cf4148b553a8c04013298f355ea409ca64fea66dbf3e36c92fb7efe3424c1e1390b8d88a45ad55ea2e1ebb1f00663a464c23e70ce32602e804a5b82d5ce4e0d70938cf23153e4c27423f5492aadebbe2db619181f33477e4e51c17724a636e1fd5fccf11569c1256a0550aaf30b8f3dcd9780899a163d1890bc219cc986fa2155b3bb46bd83f304179158080f20257c9879c2aacc0560c8a53bef96e06c2e117ece6eccb92e833457fcbaae21702704f3d6b8e6690e1347a7d68ad462a3518237cf14ad599b0a500db19283f7db713824651a4fd9aa22f87a61aedb4f8f9d88f317511a4d92b3fa2868eb3ccf027dc965fe23ef0c6ea13ee7d72df399196922fc5aed628fae83cdad215cd39801770513762bbac67653cf7e8645cff3634a65562d234a191c9035b41cb630fb87069a269d80b2047cf13eab2f4a2e3964b56046027320cb8efe84f09cad713ffff42dc0c6d7982ea3f0ee0065b986fc1fc16e94766eeab3ce81f0053b981fd37c866fd47d97486667f4b5c4bd099559f323ed53fe597a4f184a80a0a9b30f928a55aa4ad8b92f028e59abe3c1a1f64e4d20db4939fbce3ba2a4177ee602fd746f67526aa681a810328b511d4fec40ca72adc3fef48b07cca729e964761f0660427fa741355bf8963856b5f9e00e14eb74bf6df9f1b5044ea555c64a6fc2c83d73115b0bd2a1fc2acd84017d3bb714de40d1de7e7f762b474ac850c8adfeaa04e021e4163153f032030aeb0ac1378662b347a41908d72a738807746856694c5ef5ea7bc70640089efb67abf237e758c1d5bf506839708512ba622a1aa9de94a2ee93b44258692902e44cc205566c59608bc62121e5422cc2aab8022099590f714cac67be7edd3adea73b14fb8429cc34a55dcf7b62064ba33bb6a7a7a07ef99bcda788bf927f27acbf36dacafc2c88cdd097d64dd7cafa72e750cdcfd91acca42a0b5e8162421af18310e279305d37a3ab4154a227979701e157f5567dfaef4c49b06b5b8f7e252df9cfca959602e89d5a73d56b0c7c097c993c7e5741f81d3510f157e7bcac8119bf6dfb023a06b3245b8480196aaf5b1abe01ebfe27e9e894f545c5a53765df395a8260274382515d566259b33aeebd9b4c63089cad553f61d3eb6c093348a0c4a68081d60731a8cbfc7eed9328208d9b42e58014dd74a65b4faf254e8c288ce3c3e95a0148ad77ae1c11901f2fcae8c796a1f9e36239f45ae790d9974d9008a3266a268876595c72bba1f294e1c8f6576edcef31a1b515533b3f745cfc240ac8a47a51c6f1dea85e412ded9b22b34aa6ab343767787d6c88c20e689d257ff99e63d55123796016dc65989fc4f04d05d97373262e015030a43a1b25d2497ffdfef6a72cb2500354d270370469b4f9cd3d787a607448959572f304ceae242b8e87d635204ff948365a65ec3a91d37ad823cdd6dcd105377b129badff26ab02cf8da60f1f3bea78a45b32c944ca303f22865343f6d64659e2a3cd0db38f0f2374e5e2025cf8aac240a42141e55dce4797461a6cdae1a8cf6f1bdd478ac035145b5b2f4462cbcbe242e72d1e1d94c4b76fd7bc14a207ffe2a257dff037c173200cfbc271bccb2af89cb7a29ba9d27e781390aa9ac28cf1b2b8425d277908d4ea57e1bf0adf1718fa86eb028ba7bddd7146b52ace94fb95867196e1f57045f44bb63ef36d499dd3d1ede84ef3204def423294566605fa8c88d15388dd571ea22b2bad04986eaa47dd84d601f98697e8851329b5ae4edd21599f1279f8e6a6e8dc968c7443455c90d153760ad942a6791e9e65d89404f96ac5ec6065b47dace3ee7c5b44a0401d3e3cdb2663f05026ce3204b0d59b659d26c9c4ee0bae24c448555d2c462dd98ce92ee73d279268b00b08a01e226059aee0c7f751957929920a4f6156a4157f04e85bf3caa06d60e56f803f095d0b429aa5a487483cf2c3550aa3e0ca5a1c3be58a414008ca29a362a020bb495ecb1e5a205a5a70a30e94ed2b1f3cba213c70c9beaa8ea4c14acaa1395285aad74f1fac8bbf55d68a27da23d66a650aae84cfdd991d348da872149000ed034cd0ed40bbc7d83cd589189a7dedf7f568fe8cfe7c53d90b8d057b6238e798828a89e3ca106f6d20c015864682bbe34db7a4176530abd9a7e0306794195a237341c0bbbabdda0d5a25847366681662bd023b39c78e6971a25208f5796df9e9c7ffde6ace516d6ee1053189c29996bc310b57f25dc5a07b9c35251007d9ce1592d5a6a69222128e91da41e6308ceb8990765342a052e727226d4dd01b0d1cd2732f2d80f6743c536e8f789f840bf83f0de5187c472d035a0fba0181bcf3943d2a440e50f2723f7cf51d067db8a29625169d4babb3c92c610e7bb2886c6324c25557270c1e19992dc66bfc4c0affc584bda4ef3a1aeb9ecea672f4a7cc9edb4632111f508ccfc04b65148dd04387c00dd8d5ce9db86ba4648fdf6122fb08e60198a003c109f03f0c2b58b48e8447233f7a4195590ae30af658234bbd3423f3f2a8788639130ac71d6099e5b0ad9865005266af0a498e8fc7f59918a4c155ba58f70368412444174ad52b2f50141b992596dc884d05162ef234e2fec821ab1ea9e5f6a9a6cf7f1f4f9e163e1bb6f0a654921718fc0332f37604aca3849cb99b79ff691a584c0b18d3978811cb8cfeeb893db7cf7dae24b11779d27fc8c6523e0cefe3807e196df6c8480b6826460548f1696071e7ddeb9126ba1caf6f3dc3bb3643490da55aa48113c2a3f4ec1a66a28629096c9600f6658ce876c95d316a8ff49e0ab031c4b0901606d375b80cc732cc009c2d4b46170100443f3e2142f3b87b4727a0dcf7d8c5fed522de0610161812bbb9dc749ac89acdb0ec938f2fbda9a8ea4180b505869260dce24b25d11a8e68fd56fd5616ac280bab091bfa40be75785d3353ffb61156bc9d7eb1a322af4dbfb1f59066bd882d12d7daa69198fbb42ba020b0525d74734fb24a69455add9e6c618a0e1ee76b48c72fde8dc235111429a662c2c3a9ed305d9b891019fca31c587c3aa2d1e6b57ccb25908d9b3986d8b3790c129dcf1b83a21cbb6c42625d0e7f1837e5de33b9e992fd6d2b7000041aebc700170409f06a3300fc02efec194d4bbc968badf831cba38110840fe9374915a5469a631a4d59d41c51165d6929999de9b676f75ed81a9fd0186532ab91046d000eed2fcd8594061d4aacf6d3d928df1892d364a61449d47a97ab4a6934e87d79e2b5ea8e23e65129ad389e8ee542575dd98b9ba0945548d3c18a17c4bc50c07a1ca78a15d6f78d1028e96f8210bc5e4e1bd10c6b5a85d69c0ea1acac08b0e65fb5c69a56fc84486b9c593ad8bc3b2e6d4579cb35686acb630e07ad695ed036e4f7c31129ae88b951058f2b5a9a117690456d1c5239a525f6a42dd16fb70c135be47bc725fdf051f644e091b6d2ac6f80015917b3ee0dc8851b838dfd8106f465b1eeb55d530987a93b88e260b668bcf2effc1a470d767edfa480af9987933cb4c6fed7b91105532b92dc10fed4c076dd74c43887db54d3a68c29dcafa73689816a248065559052ab384eab37f4826ddd71e6bb0b6eac4e22cca9eaba9f0f6c1816382e0927380c786f73c5a11bcb0176d688c6e0f3b0cec7f30a6a090ee9e0520e0b505c30aa6c1c498996ef0778615ca757eda126e73bcc5e5a2c533a8c0385eef8c8e531596b097a04b1c2c42b6ca02c3a5162e1ba45350f1b78e87255157ffe0a8f41c7c937adbe33d8b7f7b7dd8de24dd9cd41ba23c27d0fdfe9d0027eb9e445232da8f64294a8575080bd66be08fc4b294f5300c82cacd6899d6afe5c904053a69c373dc012fe50de6b8bed788e73d0c610a61a295636fdbdf384d00f1fc5b3a5f7876b01f7ffce8d42a5d01f7757a8d58d35dc2ae3a92e0597d7883982e01283441b7d719f12de8c29be164ec16738684a5ee89dcfd6a84ebf52e0497de485f0bb7591ad4a35bc95f3f7dabbf293c4206fc4dab92d0c7f6cfcfa317058013993144ad7dd2fde406393a2acc396d9056a2866d08a7", 0x1000}, {&(0x7f0000001280)="527e374786039c72563352d047669452df57c09a4965943aeed2f05c3f2a4b46df6bb31955f6616b8854942d3f26dad9a6e3ac9b2ef0b89ab13a700ad0937c6088518b821ea356c63b0b4deca5cabdc81e0962e409a8af0a08da38f82414655035931a3c673cf96a225d39b6c5485d7af35c8895b920a0b891ef6f290ce1a9bca3d3bc2c2604184fa64a95f6b3ee5625848150b70548cd205efacbd51b625c13e444eb93bf3e32ecec37d87d27fd44ad4e83447083adc07c67151d3f28d2290cc0d20a", 0xc3}, {&(0x7f0000001380)="01c95bb43d691c948b91", 0xa}], 0x4, &(0x7f0000001400)=[@assoc={0x18, 0x117, 0x4, 0x395}, @op={0x18, 0x117, 0x3, 0x1}, @op={0x18, 0x117, 0x3, 0x1}, @iv={0x98, 0x117, 0x2, 0x80, "65bf91d7e31bd610ee51c49c16e792e8e6959baf00aca2c2e2dcb597abfc8c98bb2b32cb439ba4141fa56f4d2840f734fd12053ffcd04d811cade874cd6153b8e33767a6589b1bcb87bd82d07bc46081ac6fcd7b699481b1bb0fa5be5dbce032cf682dea5000d7a04d942131d8aa7f09b18a6c82fcc7ca9a42f9353d5e1e71e8"}, @assoc={0x18, 0x117, 0x4, 0x3}, @assoc={0x18, 0x117, 0x4, 0x101}, @assoc={0x18, 0x117, 0x4, 0x1f}], 0x128, 0x4000010}, {0x0, 0x0, &(0x7f0000001600)=[{0xffffffffffffffff}, {&(0x7f0000001540)="ea05f01f353b1e50950a4be2b424c1edd11d84eb54c284a83b554a9a00faee5ef51fa0d7651fbbb0cc2284f1c7e11c445a47f465dd83fd680d7489e8293fdaf11e6f0de00fc47faa920ffd1663d3bc57d3cc8c6f6bc9dd5372fb8ed1006546933dc61205827fbfda6abe72bc6f8a32d901bbf8a0ea545b9f6f3ef07af8ddcdbeabd913", 0x83}], 0x2, &(0x7f0000001640)=[@iv={0xa8, 0x117, 0x2, 0x8e, "d956633a3c9a85689526b01ec071a03cf367047a04815bcbd858dc657f797b0dab58f0ef711a0de588ab2d3775fbb2214c9b56b4142841337f917606b59460bb1f4b654745cac4887ae72b7f6988485ea4ea0678642a7ac77045dd4cdabc621300d733230f4e7ab013db0b3eed30919fdaa0966a632d6b41b4e290a5cfadb4ddd04d337acf4618537e8250a887c7"}, @op={0x18, 0x117, 0x3, 0x1}, @iv={0xc8, 0x117, 0x2, 0xae, "929cdb4c0a5d2469b2e40555a3db33e7830985f10df839f718091bee13251bd30aa2a56f593a0c93222e14417919af04fd0019ca83e381acd097274dbdad68b30ac122b1f3ec199458bac9ae30fa301baea02325e9c76b5299a9f15ea8a662af00feffa5ee6e98cb231cfe6ce20dfa0de67e031f3f30550ad099da1fbfee7a03a2fc21b73f704170d3d39354d45d22c871e885ad3d3ef2c2743cc20fc406c39a72a5198210534c0ba17210376d9b"}, @assoc={0x18, 0x117, 0x4, 0x5}, @iv={0xc8, 0x117, 0x2, 0xb3, "58574297d4e21043d16280b4adb26e1b0e9c670313372eb95c5f78d97584d91c283e7ec1e84c008563065ee87a8163d909fb195d5d70112ec3af18b1825dfa3a515f70ec750c9136b079e7bcab6da1a85e68ee025a92e9c83f7a5f1d085e48d127bfacab1a42b3c14c1b774868086d85431e3642eb2a885027a9dbc1a2917072e9ed28bcf7aa17889c9a0aed1f4e05a23316b71b7adc717f9a3ad18ead7674789555eaa355c9a91e59253b4f778844a4773874"}], 0x268, 0x80}, {0x0, 0x0, &(0x7f0000002ac0)=[{&(0x7f00000018c0)="f564dc29ecd7a640ac0528acbdff197df45e12e4bedae81aceb03df27b454ecf2f6c8c811dc3b46b61a593b91af0608f83ed072cfc185d81e6f8319af6dfc5566a4604d76cf2bb4991ed09153b5952e93a46788c59c4e73099fb0f1faac93af8a764cb73e0bb4a8fcf088e3baf142738d0b5da04539836ead6b1d8bd1b92498e0916b2f75e8c2a48b4b41185396ff72ea92888138e9a0c7ebc51bd515bfb38f4cfe82bd629f0bd0cd808d2f7144306eba5fa553805343bbf83de3e52013cfd2f5253a6f69d16e3f8d7d9558db6bb695ebd5148611e27c6bd75ef71795ea0f0188c3ec7d5cd43a24f182d989de22e2dd6acdbb8d499e147", 0xf7}, {&(0x7f00000019c0)="f8a5dc05dc2ec04084817e9c8f418f0dadde5c98f5609c64be17367ff9d455ee7f415cc2fd1996bfe1f6666bab7f421b6eeb5b2f5010f2e060799ab21c6e340fd58eea369f00b2a8d6ce984fb2067245a1d8fda6e0c4551035726f3816d848fecf17104940d0ec5a85a8e16495810ab8bafd99ae6c37195fa33cb5508e1d2224ddeb5e788610bd7df318f7160c72ade676de81b605eea88c2705436a2d9d59ec21ad2c4997bf49eb9f3c6ce5dda4539f620123be7beca2815646e4c557c01f10378c5374bbe0602ad4716144b2fca8cfdec3b5089be5a9d4b780ff992f405647ea845165d31ae01a4b82b27e97b3338180a829d788adc3f9", 0xf8}, {&(0x7f0000001ac0)="3532a5a9ab1660dc5d8e4adf0a248afc588df25331abbaf2f77c2496c9ae09c49cd2d22dba95fd050574b7022dd5310023a7b5cbff0607def6cceb39e5c4832a7c22c6f91e8ced869600dfbd6955d80eef9cbfc4feb9f3e70f71ef783aed7b46d1c3d1a02b8666c3ba9dd528323a214a1578c2dd70aa8c1629c6352fff3f4483c97e633148ab3643e87e9ba3a6e0c1ff69bbf0c2b6def7dcbf0709fdc5aaf0315497f26bdf816dbd460c7034ac6393f8feb4be8b62025d077f32d106c177f9005315769f63be0dcb5db723506df537012f5427c9ae4be6a17bac8c963b2e2709972e89ae808dfa56fe96a4fb5ccb150c2ae1e4f468cd23f448947d42692eda1dbffd5305f1d3dca362cb5795efd0085ff1410bae7ca22ba4e3483345344329be381711d19184adf6ef26cf783dbf4b20a895aaab83474cb96e6431094b8ff458c7e11da53c7964a7cf0e592900ba92c7cdcb3bf492bc6f1bb36dadbb753deeba55298cb8bca395f9c43d322ffdbb6c17d61253de4e09e2ffb91b3a3ae64970a043eaceb15cb2074f14435cf410f5a5af2e49c17e9f34076594f8707c031f7a731cd8f0009844c82d7cbfb9b1d494433fe45b0a380db77e139e0a6180691fd3cb0ed6fcbd5a7a12a647501f2c8c69585e95d5202f5a6058bb3894d082f4aaab87904c774ba69aaa5f278b6a0a8954253d150adc6f245e0eb05ced3f3123610e803ac83ad11615fa6d8b08dd68e1a59abffa6351f268f2f69b1f4e6dd9ec35b4cdb7b2611be508f59f60c3a95d19a5a46d7035c0e0b0553ab591d5d0a32fbebfe550e8ecf2960798b18d89444c55ce4173f07a149f26e4a33b2f7cd2530870efc7f97275e60af298ccaafd4cb8dfff3a4647487cbd6376958c76e9d4fbdd078008eaa9400d744b0fe873701d6810184a9448f9b5cdb76390fd1bff7c41b9942022d1f543df0b8dba9e6674b5d9d1dc2d6a0fdb9ceeb98b2cd89f6b38f49f50da1403b5fc35be737b39b1743393ba8b69e944d1b46d68e7913b6c7d7f1e6cd0ec22dcf80669db90a44039d3387762b5aa1443810f2e2a9e76696730892fb47a857ad50875bbf1911c54bccc22ec94b6590d34f9539dd3731c79a05d0f9ee0dba6eed57103b4b175bd5352429fdbce2337e422df7b0f66cca9704cec59e48c41af3b9cf9e3416daaac384c36d12c6e45cbeac634dc54bfbafbe1460acbad7a2feb017143800572028805078712c12310d0e1080421f18835977c15dd4280fc08be725e58190e42116d85b3456112bb2927289e9555c355c0057e4ca57a69f704701175669ef2471c0a600c74287dfc4b5beded0ce9d59c7aa96e0b14302b17c09683939b9359914e84f115d19a35b00b68b02757944a3fa0733554ebae1add2b2cadd3138310206f36a57fc872901412801a6c9d77a59ee3f53938aa503b96dd28c6ed3381a773f2ccf32921e25dc3f8ba6ad5df4082736fa5ba5f1d4c8c0c678267e431b6ae17e51964c9bf899b0838393bc3f6a05d150930f6e823c494867aabc7309a2a21a9112cd0fcb6f6e338b27ec5467869089f7b5a08268c67f48e7dc505b20106f36ab92786e92473ad5314efe564c236e8f8689ea7547560fef7d8de8893691f06fa7ed5f73fbe3b5c26a0762ea71f39c9647cc6ff5a84e891d07a0e77118a87ebcbee72920890f1cf373977608b8a05c4d7ea573adddec731eeeb12556063f3f3c83447536b57cc0f2b5206decc0f59f7d027dbfbdaeacd783c3014525a676408964f89e7a67254be3227bf75a688e03a73b16c52a5fc0a2b243434520faf7d823358815baeee842217c44738a289213b339fca6b5e611581ae9e0cbe1fd115fff6efa9562f92b107177651c739989e1e95a92186e249def66cf55b1634c95f7cedba4a6aca209a2749308fee4840c854bf207a930185e5ab5ebe2c54cebb335b99bcd016d44878fcaae78bf9fe059ed9668733c7e4f8c35389f902c5566877e75db6bcf1eaf4512f212ebc01670f7986d2a4ef21e499a3c89dd6dc12288b60a67410b513352cb157d69b64d5acedde46a5c7cfb89dd33e6bfe223ae8a40c9077c75ff05fc1efa0eb42becc1b5981557c295fb15c30aed8c818e9c46536e61e9c083dad8f403cfc88a26359b2e7af2bbac99bced68c20db4bc3a23835db457b28577e1178c7cd7a06778022225ef8841afddcc68c6fde1a9ce2ae48dad436e2b389b890e03df997c68d164e3415b41b55a06a24fd42ddad8f32432324dabca8be8dcc4fa04e54d9f208ec10c7b4ac6ffd5fe3f482141a5c310472f67c22cae83b478c13a4b5e3e3a9a3192801330e3ea7ca3f77303420d484642d4f6f2ab4b4b6bf80ebfd866e94cb8cc235c5bbf7c68df18eaca414ae88d7a9cdf5ed9b92312397fe75ebd7da7ddb7a1c9b228a92930022ce18db9f9d203fd59ca017d6b3e04900cc4eb9dc1181917fee089fabdbf489e0660744d422ed97c32046608579874ffafe57f01b6c0aff698e186b8470b08218cf3c071329cecc03b1db6a3c6f9af7a83b2ed6677def13843b03c4c0e0095212afb9ee578fff68f28ad5828551ec4c4f443032e43cee46eee98c14ea2e2db2db65b36bca0a71d3f7a168a99c7abcb2a42951ca6f969cdfb6f2b8caacbbf71c70f91ff49d597ffe273d3e2076322fa256e13fa271993d74f64cab980644051bdb12f77205cb649147b0d748d3480e35967495a6c3e628ecfbb5f48908c9d3495fe006cd46656401c1e8d86a8f1b74b4473bf876c5afd6d20739bc3e2d64e6f14412927671bd86dc9aa67069debeed2dbcf3e5ec241799cb2761969f1d758c47d0349432b29f640a8a82b35f0723c3513f9c57f13826510fc67f22ad6ffeff5af3ea203b8abe34a7d545a040f7e4162492cde27233c581a567678788581bb53fbe77f4cbaaa5e9ee36be24a8d15158d1b2020e7bdef87a4126bfa52f03dace16ab00a160e0bd050630b24ec2fb09ca36f088f4f3a8c793143750535058c834854d72ffdeea4be26082ef28930f27e34e9a8172e6c21760f77e495f9d19fa4c2c7f1d6eaf808c351f223e267fcee8f88fd46cf2346b9c91f2a796e5edfcef9daea0ba71d88470755a2f1ed9ce45b0886016ae81552220576deed1af8c16fe19d4973bbe0d9121e1db44feb5de0816a02e7d58b6475954662af5c3a8a4781d65b86c3324190df89cfef877d1c054d12b4bc7bc311ba0466bf1ccc0486e56ceb0b4dfec416ca0c1fdfbdcbb6dbd3fa021975969d6f716089aaec471682bd38ae439f2aba9820f54055741087f5d3b3965b60c0c30d0dc2b3669dc3e5dd083c5da3837b947e39dcc903d626d1f2aa98b2ac81503f1bccdebbd6e95481ed233ab8be3052c90081d769396c613bb90c0f2bfdcc17b49665bda5f679b86b4e874197af5fd5370ca75c180528154cbe5ef06479b71af4f53eb6ed22308ae5311aefc9bd3f587d8bd3fdd708893103f8167b9a142d7f184e16f21502c4de8e986893ccdf85a35a21eaea21e7faa2df226be45a16fb5d7de30a6ce95d727f097bb220e327c4074cabb12bee5addacd0c7ced8653fb2c02dae7ff35e498b4ed01d98a271b8b2ccd8a788005472cd9a52ad789cb82f8f0d862061c7693053498fa9b22269165a9ecdf47b49ce4345534da47e9c0b7a02dd797cd9aa91f2db8d7a79cd2c88135eaa03fe2704136c1eb8f9d65f346161ad58faa7f09efdb56bd841b8f29a8e51eb3353e7b7a019392b4368915b74acf1eb1e89ec4cd9e1bfbfe4d9c14ab75327e54b547f30c44c89526bf2e853accea2cf80bcf4ec2ef02a7122784cec0bd1cf39b12103010f07502d557714e1a78328b5cea7b8084d3f1a7d9e66197499c3fefb5d7cf6f2d5281d21c757cf8ae6d8b677acd1b65360e999dc809ca0b210a72208d24865fbcdbedb7164e6f66a41b9e06e833a93558a4b08d43c0ba086b8a34f3b69dda5e57759014b68dbc468a12883139ad22ac99d87235fe893241d5a39f1a34afe6f427fd51d704e97703b1c3550ebd6034389b1ac6daf8fdd853644f7823d451f1a5c637a818a58998fb6dfe1448f21cbcdf29db33038233fef434a3fbf60616fb4b4107eab8122a425b2f4a403f87892d548414b057031d615ca09b83c1c95a6bae18d3f55d037daad84d102c3f8a8485241f43ada4d4848fb14b140421e53fef6c1a522d651431522d59ea8631f68ccedd1bcd5f0a4bf429a4faa65c38b7edf298f71869b7ba9477218a0979006afe3e2b498cb91c59d15ef011286388bbeb979126b6611bf294efba1168a5e3d0dc7772ce8ffff6666a5f1e633fef938ec1f0e912c82c439d824122c20dcd0ce53b7f4a80a8a1ddfd9f144683570be267dcccd14eb7571c62f0b0f086771355f112e08dc2bdd578c79ba59a12e33f9683881b47f781c7a1a70479c5d9b74ba426af38f1daabcf5c05a6622223888940167d953ce471080da8ac0a88bfb69ceccf691c17c1d40c1f510cc56482c1b0ea2b66d0e2f16849058cde644b1c573cb199612805583800ae34ab197da0ce4617dfca67f6665605993471e983f8612edab190bff85cf6a9ebe930c17bd63f093967340848dfae601340d40ae0eec9c40d2156b1c0371314670557a82297bc87cdb5b2f24a701122dfdc875798bdfb545b948b3a5980295d73427662af782d5c41f5e00d88634392d54dd8b97a9796ca4b7d0a4175bc0470052afe198bbe01fc82e4b5aaac9c017bbe527a98c2b30fbf85af834103e0e8551f262dfcd2fbf997a07977729d69b075ecc7370249b5b0ea28c92cbd74eba70e0b61610ce5500eab0142000e90666bc086eac1edec35abbac2ee392a2e1456a70696dbede02b5fd0d09bb55d431513ac1009c9107728d7d06e4a609f6cfdb84241026531c89b957b11028a06ee3c0050a537cda7877bb51739349ca991d2995987cd32661d26f35835f0acdb00ff46afbb152b8bf0c6177f91c294898c5d8f066430a231aa7c728b8d678c05ca932d7018e5af2ff633c3fb12523bd6128d1eb6f6636c38a2acc21d3a9b84f755acae8e72a594a4bc9afe5f52cdc4be2855c24eddc9777cb320f3ce823970a2398d25bc2b9aa120a3943702678122e0f339561ed48fb06ba9eb16987b70461468b9410347b315e80d3ba1dd687df0e9402c68a7db5626566589a44378e9ba16d03d18ebac8da384cff31e1b903cc14b8e380848bd26fe077144408d219fbb0a79e66c730af747cc74573eb4c2e37b432001eb8c73acae63225a676d53f666a796edc55aea457c2a0b80e63aa2c03b7be19a0c5c564c9aefca1004f62db6c9d88e03daa60233d7ba26d4c2df289f0cc49dd40c6500c8db900db27701abf893777bf4a794924295ee4e02b82324ef90925d0394dba5c3ff2dcfc47adbdbdcb9313c6893b7ea684def3104db9ccecb5a7c544b559978a266107bfca438c686d50d9dd7b6d68fb1d3586b7ce400f0d9eb30da4ca18dc18243c4b7601c05b71a746d50055b35fb5be64928a540712d06aba0959117b446be16c4603b97e2d2498a784d84be3df4b30fa0edfb53f0c1822b2fd2d4ad1d15aaa72f42d0f0a10045e76ee78fb4c69b37bec1bb8003c63da5e1beea613b8b9938f319c76eefdf2d3a5519acd076d753abaff819d245903680b4da923efcd0bc4b52627b1a2ce87ca3cecbe24c5a92471839872475cac7e567e0f8ede5aae13ddd21b8e685a5937bdefc50dab0811c6ecad852b8e582e64b0b97ff743437e896f7745e89e37eca26aff57ece5e543a12726a86a8", 0x1000}], 0x3, &(0x7f0000002b00)=[@op={0x18, 0x117, 0x3, 0x1}, @op={0x18}, @assoc={0x18, 0x117, 0x4, 0xfffffffffffffff7}, @op={0x18}], 0x60, 0x4000000}], 0x3, 0x4)

18:41:05 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:41:05 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1104.578115] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:41:05 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$VT_DISALLOCATE(r0, 0x5608)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:41:05 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

18:41:05 executing program 2:
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
pipe(&(0x7f00000007c0))
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000000, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x38)
ptrace$cont(0x18, r0, 0x0, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x3, 0x28})
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r0, 0x0, 0x0)

18:41:05 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:41:05 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff'}, 0x58)

18:41:05 executing program 2:
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f0000000000)={&(0x7f0000ffc000/0x4000)=nil, 0x4000}, &(0x7f0000000040)=0x10)

[ 1105.237252] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:41:05 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfe'}, 0x58)

18:41:05 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:41:05 executing program 5:
r0 = socket$packet(0x11, 0x0, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

[ 1105.366599] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1106.635567] Bluetooth: hci0: command 0x1003 tx timeout
[ 1106.641116] Bluetooth: hci0: sending frame failed (-49)
[ 1107.355595] Bluetooth: hci1: command 0x1003 tx timeout
[ 1107.361034] Bluetooth: hci1: sending frame failed (-49)
[ 1107.515558] Bluetooth: hci2: command 0x1003 tx timeout
[ 1107.520956] Bluetooth: hci2: sending frame failed (-49)
[ 1108.075562] Bluetooth: hci3: command 0x1003 tx timeout
[ 1108.081042] Bluetooth: hci3: sending frame failed (-49)
[ 1108.715669] Bluetooth: hci0: command 0x1001 tx timeout
[ 1108.721219] Bluetooth: hci0: sending frame failed (-49)
[ 1109.435612] Bluetooth: hci1: command 0x1001 tx timeout
[ 1109.441033] Bluetooth: hci1: sending frame failed (-49)
[ 1109.595571] Bluetooth: hci2: command 0x1001 tx timeout
[ 1109.601123] Bluetooth: hci2: sending frame failed (-49)
[ 1110.155560] Bluetooth: hci3: command 0x1001 tx timeout
[ 1110.161084] Bluetooth: hci3: sending frame failed (-49)
[ 1110.795612] Bluetooth: hci0: command 0x1009 tx timeout
[ 1111.515608] Bluetooth: hci1: command 0x1009 tx timeout
[ 1111.675580] Bluetooth: hci2: command 0x1009 tx timeout
[ 1112.235560] Bluetooth: hci3: command 0x1009 tx timeout
18:41:16 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:41:16 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:41:16 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x4009})
ioctl$TUNGETIFF(r0, 0x400454d1, 0x0)

18:41:16 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:41:16 executing program 5:
r0 = socket$packet(0x11, 0x0, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

18:41:16 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x1b)
ioctl$KDADDIO(r0, 0x400455c8, 0x3)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:41:16 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1116.148365] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:41:16 executing program 5:
r0 = socket$packet(0x11, 0x0, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

18:41:16 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x57)

18:41:16 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
r1 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x6, 0x200000)
ioctl$ASHMEM_GET_PIN_STATUS(r1, 0x7709, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:41:16 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$PIO_UNISCRNMAP(r0, 0x4b6a, &(0x7f0000000000)="687ddeb5c407bcb97371b139f87a5b2e57f3f087fb6ebb5199689489f6ebc37a0db1fe004c43208a59db62d35f5f9ae9b09607b3ce0fd29b066c30c2c1e0cad62a312564bdf890d8b8b7ca4ac47ad258232326dba83dad88564ca368acd1187e3684b949782c65823faf200054694b575c1e")
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
syz_open_pts(r0, 0x400000)

[ 1116.285875] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:41:16 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:41:16 executing program 2:

18:41:16 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x20000218)

18:41:16 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

18:41:16 executing program 2:

18:41:16 executing program 3:
r0 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/qat_adf_ctl\x00', 0x440, 0x0)
getsockopt$inet_sctp6_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, &(0x7f00000002c0)={<r1=>0x0, 0xfffffffffffffff8, 0x40, 0x0, 0x7, 0x1}, &(0x7f0000000300)=0x14)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r0, 0x84, 0x77, &(0x7f0000000340)={r1, 0x9, 0x7, [0x7, 0x3, 0x9, 0x200000, 0x1, 0x0, 0x7]}, 0x16)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
r3 = syz_open_dev$mouse(&(0x7f0000000280)='/dev/input/mouse#\x00', 0x8, 0x80000)
openat$tun(0xffffffffffffff9c, &(0x7f0000000240)='/dev/net/tun\x00', 0x440, 0x0)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f00000000c0)={<r4=>0x0, @in={{0x2, 0x4e24, @remote}}, 0x721ba881, 0x5, 0x1, 0xd2d, 0x2}, &(0x7f0000000180)=0x98)
getsockopt$inet_sctp_SCTP_CONTEXT(r3, 0x84, 0x11, &(0x7f00000001c0)={r4, 0x1}, &(0x7f0000000200)=0x8)
socket$inet6(0xa, 0x80003, 0x4)
socket$rxrpc(0x21, 0x2, 0x2)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX_OLD(r3, 0x84, 0x6b, &(0x7f0000000380)=[@in={0x2, 0x4e20, @rand_addr=0x5}, @in6={0xa, 0x4e21, 0x1, @mcast2, 0x7f}, @in6={0xa, 0x4e23, 0x0, @mcast1, 0x1000}], 0x48)

18:41:16 executing program 2:

[ 1116.477452] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:41:17 executing program 3:
r0 = dup(0xffffffffffffffff)
ioctl$PPPIOCGNPMODE(r0, 0xc008744c, &(0x7f0000000180)={0xc023, 0x3})
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x4000, 0x0)
bind$rds(r2, &(0x7f0000000240)={0x2, 0x4e21, @loopback}, 0x10)
epoll_pwait(r2, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}, {}, {}, {}], 0x9, 0x826b, &(0x7f0000000140)={0x8}, 0x8)
renameat(r0, &(0x7f0000000280)='./file0\x00', r2, &(0x7f00000002c0)='./file0\x00')
bind$alg(r1, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
dup(r2)
bind$alg(r1, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:41:17 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:41:17 executing program 2:

[ 1116.639755] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1117.119085] Bluetooth: hci2: Frame reassembly failed (-84)
[ 1118.395574] Bluetooth: hci0: command 0x1003 tx timeout
[ 1118.395621] Bluetooth: hci1: command 0x1003 tx timeout
[ 1118.401019] Bluetooth: hci0: sending frame failed (-49)
[ 1118.411646] Bluetooth: hci1: sending frame failed (-49)
[ 1119.195607] Bluetooth: hci2: command 0x1003 tx timeout
[ 1119.195642] Bluetooth: hci3: command 0x1003 tx timeout
[ 1119.201061] Bluetooth: hci2: sending frame failed (-49)
[ 1119.212515] Bluetooth: hci3: sending frame failed (-49)
[ 1120.475585] Bluetooth: hci0: command 0x1001 tx timeout
[ 1120.475621] Bluetooth: hci1: command 0x1001 tx timeout
[ 1120.480999] Bluetooth: hci0: sending frame failed (-49)
[ 1120.491662] Bluetooth: hci1: sending frame failed (-49)
[ 1121.275641] Bluetooth: hci3: command 0x1001 tx timeout
[ 1121.281075] Bluetooth: hci2: command 0x1001 tx timeout
[ 1121.281141] Bluetooth: hci3: sending frame failed (-49)
[ 1121.286794] Bluetooth: hci2: sending frame failed (-49)
[ 1122.555596] Bluetooth: hci0: command 0x1009 tx timeout
[ 1122.555601] Bluetooth: hci1: command 0x1009 tx timeout
[ 1123.355617] Bluetooth: hci2: command 0x1009 tx timeout
[ 1123.355637] Bluetooth: hci3: command 0x1009 tx timeout
18:41:28 executing program 2:

18:41:28 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

18:41:28 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:41:28 executing program 3:
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:41:28 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
ioctl$VT_GETSTATE(r0, 0x5603, &(0x7f0000000000)={0xec, 0x2c, 0x2})
fcntl$setpipe(r0, 0x407, 0xfffffffffffffffd)

18:41:28 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
r1 = ioctl$TIOCGPTPEER(r0, 0x5441, 0xfffffffffffffff9)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$KDSKBMETA(r1, 0x4b63, &(0x7f0000000000)=0x7)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000004280)=[{{&(0x7f0000000100)=@in6={0xa, 0x0, 0x0, @mcast1}, 0x80, &(0x7f0000000640)=[{&(0x7f0000000180)=""/57, 0x39}, {&(0x7f0000000280)=""/247, 0xf7}, {&(0x7f00000001c0)=""/81, 0x51}, {&(0x7f0000000380)=""/245, 0xf5}, {&(0x7f0000000480)=""/45, 0x2d}, {&(0x7f00000004c0)=""/32, 0x20}, {&(0x7f0000000500)=""/220, 0xdc}, {&(0x7f0000000600)=""/46, 0x2e}], 0x8, &(0x7f00000006c0)=""/33, 0x21}, 0x1}, {{0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000700)=""/97, 0x61}, {&(0x7f0000000780)=""/25, 0x19}, {&(0x7f00000007c0)=""/170, 0xaa}], 0x3, &(0x7f00000008c0)=""/53, 0x35}, 0x7}, {{&(0x7f0000000900)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x80, &(0x7f0000002c40)=[{&(0x7f0000000980)=""/4096, 0x1000}, {&(0x7f0000001980)=""/4096, 0x1000}, {&(0x7f0000002980)=""/133, 0x85}, {&(0x7f0000002a40)=""/63, 0x3f}, {&(0x7f0000002a80)=""/136, 0x88}, {&(0x7f0000002b40)=""/217, 0xd9}], 0x6, &(0x7f0000002cc0)=""/9, 0x9}}, {{&(0x7f0000002d00)=@pppol2tpin6={0x18, 0x1, {0x0, <r2=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, 0x80, &(0x7f00000031c0)=[{&(0x7f0000002d80)=""/156, 0x9c}, {&(0x7f0000002e40)=""/128, 0x80}, {&(0x7f0000002ec0)=""/45, 0x2d}, {&(0x7f0000002f00)=""/15, 0xf}, {&(0x7f0000002f40)=""/89, 0x59}, {&(0x7f0000002fc0)=""/125, 0x7d}, {&(0x7f0000003040)=""/129, 0x81}, {&(0x7f0000003100)=""/85, 0x55}, {&(0x7f0000003180)=""/17, 0x11}], 0x9, &(0x7f0000003280)=""/4096, 0x1000}, 0xbcf5}], 0x4, 0x12040, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f00000043c0)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000004500)={&(0x7f0000004380)={0x10, 0x0, 0x0, 0x40840200}, 0xc, &(0x7f00000044c0)={&(0x7f0000004400)={0xa4, r3, 0x700, 0x70bd2c, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e20}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x4}, @IPVS_CMD_ATTR_DEST={0x54, 0x2, [@IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x9}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xffff}, @IPVS_DEST_ATTR_TUN_TYPE={0x8, 0xd, 0x1}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e23}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x2d80}, @IPVS_DEST_ATTR_TUN_TYPE={0x8}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x1}, @IPVS_DEST_ATTR_TUN_TYPE={0x8, 0xd, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x40000000000}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0xc761}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x1000}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x5b}]}, 0xa4}, 0x1, 0x0, 0x0, 0x880}, 0x8000)

18:41:28 executing program 2:

[ 1127.648752] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:41:28 executing program 3:
nanosleep(&(0x7f0000000080)={0x0, 0x1c9c380}, &(0x7f00000000c0))
r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
r1 = syz_open_dev$dmmidi(&(0x7f0000000100)='/dev/dmmidi#\x00', 0x9, 0x100)
r2 = syz_open_dev$midi(&(0x7f0000000140)='/dev/midi#\x00', 0x5e35, 0x18000)
ioctl$KVM_IRQFD(r0, 0x4020ae76, &(0x7f0000000180)={r1, 0x2, 0x8, r2})
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000240)=@assoc_value={<r4=>0x0}, &(0x7f0000000280)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f00000002c0)={0x4, 0x208, 0xbb9b, 0x9, r4}, 0x10)
bind$inet(r2, &(0x7f0000000300)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x1d}}, 0x10)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, 0x0, 0x0)
bind$alg(r3, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[ 1127.692192] Bluetooth: hci0: Frame reassembly failed (-84)
18:41:28 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:41:28 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r0, &(0x7f0000000780)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000001c0)=""/97, 0x61}, {0x0, 0x249}, {0x0}, {0x0}, {0x0, 0x3a9}, {0x0}, {0x0}], 0x1000000000000273}, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xcc, 0x0, 0x0, 0x800e00549)
shutdown(r0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f0000000340)=""/56, 0x38}, {0x0}], 0x2}, 0x40002)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r3, 0x0, 0xccf3, 0x0, 0x0, 0x800e00545)
shutdown(r2, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000080)=""/169, 0xa9}], 0x1}, 0x40002)
r5 = dup(r4)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r6, 0x0, 0xccf3, 0x0, 0x0, 0x800e0053d)
shutdown(r5, 0x0)
r7 = socket$inet6_sctp(0x1c, 0x5, 0x84)
readv(r7, &(0x7f00000006c0)=[{&(0x7f0000000280)=""/2, 0x2}, {0x0}], 0x2)
shutdown(r6, 0x0)
shutdown(r3, 0x0)
shutdown(r1, 0x0)

[ 1127.739920] Bluetooth: hci1: Frame reassembly failed (-84)
18:41:28 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

18:41:28 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000080)="5583655d7e21da50cd0728f6a0", 0xd}], 0x1)

18:41:28 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1127.871023] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:41:28 executing program 3:
r0 = syz_open_dev$media(&(0x7f0000005600)='/dev/media#\x00', 0x401, 0x80000)
getpeername(r0, &(0x7f0000005640)=@pppol2tp={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, &(0x7f00000056c0)=0x80)
r2 = socket$alg(0x26, 0x5, 0x0)
r3 = socket(0xf, 0x5, 0x80000000)
sendmmsg$nfc_llcp(r3, &(0x7f0000005480)=[{&(0x7f0000000240)={0x27, 0x1, 0x1, 0x3, 0x500, 0x9a44, "2c197f0073ed8b69e41bb6ba70da90e2ba2e3e938b59e9e5b7697484e5e8bb6e3e430eb4f06fa2c295b5fe2090a7695fa4cf0b3337a0d6cb5ae3ada965e70e", 0x38}, 0x60, &(0x7f0000000100)=[{&(0x7f00000002c0)="db7afdd2b0070abfaf7b0126b954191a88132926a50bc41f324c7daad3b5cb003e62bab90a15f6f8574afd23d3d6fd9cb933693a5e022b522474e7737124144d9d405df5cef00ac896e3f1cea43714c6ada4b6e0f129866f67a1d63d1aa543f292e02f9a67991a2ef0ac16c148b7d50b27c4eb18472bcca9b3590dfed267e0e8516d0270ed4fd11d5775431b30cc4916fc46afa97d07ef75f7aae5", 0x9b}, {&(0x7f0000000380)="273f27eb7241e84acdc00276ff9ef28ca2f4a1a80bd47d95e169c24bdb20c2bd0c5efa3b09332c1f763867518a513dc7939fcff955e6416e261e9e8110f4e9ac3e9a1d649e6f5e272e571635787d7326360beccc3b5c50bacc0ec0bb6755e1fad4133f42003195ae731032f30c502dea446def17a33ddca6e4c38ecf820dd96ec240597b92bba645b436ccfeca7e068307dd51d53749eaddf15db8f8d0a659e0d7f615e02778928a0bbc1df73c3d4a671b38b1c787e5540e334b11395d58a4f7cf69e439bfeddaf07e0fe33d48706a4c149722c9ed851ecdf7", 0xd9}, {&(0x7f0000000480)="fce3c970ae76332ab5bf55af3359b63ffc9a596f4f9b95d6b6caf6ed46edd9bd708a6952ed6f4a69d251e4c14565b9de22ec541e01f99d5f3d550245f4b07489a75bceacc02f359b4598ffdf34d9da962f601d1bea53bd79178e1378b49f002d85cc702a4ea8297e88b44bda4112d794846424d9f8b5cd763ef4bbe9f8548c0c4ef1235936c8824f44ca925c458a4cf3a2eda35af99d9aad6868cec1c7f311a6e098b91106fb2760f1341f97d523571a286cf291d737c53f644d29e489c3ebbc6d6c409b3905fde17da1a88eadfd90ef98a672b4c3849f7bc7369f4721b89ca0c7fd90cf03f7b3af9938ed5ecee2c6135f16acbe12587c0e5f65f89f10b15b61e81b25354c53f9dc82f79a14c54fe44deecfbac60c68aa9c6513c2800257cd9eb36ebe6dbceddbf2cb84ba01b5ddd0cb8b15c17e189b13004ac47b6b30ac07901b3d91981194dacdfaa4ee1d73e45c8a4bef13a4b7e8f320b48dc3cb88e833e89501c8fd033bc1c0ea05dee5960c144349b598ba404aefd82706bc3b5038bcbc96c23d4c181fa03fb8263e88a9fbcb8caa417dc64ed7718d23c26074c508d5271464aaafb9f3d8a4e1958845fa2e449bf71d5f4cb0d5f47d4633a246b573a4670e1218312bf59b64aec275583b9ff8633ae19376a725d1393dcd5c759d6db8f8457aa146c803c79fac5de4135854aca8f0f4e8d53cf30f57ec76ded1225cb1492039856fff6bd30ec906aaadd5dcaf25dfef9f2d139d2831256cd58b717e47b4f348b091bd2248d215f79ecd3d1f4f0adbfed6daa66eb562d81f93ee4cc7162e23300c91e7fdd4d2ee25b5f97a14ea4f008589a62f335dc7531872e6b6c3af596e1460c21aea13a9e00a3df7253f283082ee7118989911778ae1f225d26fc985cdb20886298bb3c1290cc701a10916dea8ebe13f46b67fde94ba6c32381e8473e878ed3ef58373b72623a1944ea09e048831809503766df033f50d3ce4fb5cca686748adf5da537d32920ee3588c0828cb33eb10e6f96cd95869ab6dadc8ab47545e3bc93f29751603d029a100e9615be5e8d59ae463b12f087b1fab0769fa8c40a906eed06453008b0c0db3f57977dab513cb5ca7c4aa375cf3eb3370c0981d92208bd832107fa5d3cefb8288026de05b66fc74165c9d1008b43fc086dac016076ccdd9d1591d4f9ac57e61d013da7645d0ee1ee9640c3438e7c4c5abd575d36b26bbd6f92910e0bfed2c37359b109e2828da6c2ac58778bca28b3f4ff2dddb9e405c2d06738bddfb45e2a802a33b559b8f3021213c8cfe86a477f8aea899321b3a83f3d32084798283d7df1795a9d063fc1da426e9a42744eaef2a7c81883306502f84d0c43757f512daa449f93ea57f012189f7e4b27b84eecd5e1c14499eea098004308738240097f2556878555688d22489a0b1b799d86344efa9d61176c090988e8ebc0793c590c019da4c05f2aaa0f6b7c3c4e19a342d52c32799e186edcd44f751422859f9d24c27d36824d3ff259732fe034abc732f4398ef41fab35bfcacc577ddfc4a6decc897143283b10bf04109cde1b00ac57997a0be825dfbb0ca40ed8abd73d63ae2949aa25afa55c30b53ce74225b354d95799eb57d4f04e6d9ba988e73979c705a70c85f9efdb9d9741a029bbbd663fc8f332f6f19d25f85a720181ef60f7a233b9ef20c98f89ab8a5e1b32731e8d791f5698ea2c7ee17e4c3bf388f3992843282e1146aa4b10a227769c81de23bc238e737ad14137f0c5788884b14aba6dc874cef6e6833f3f28acc48c6bbaf65cdde6cca2b73edeb3dce75101a0d1468debd79f8928f48db99a740259b05fcac3b88d2cda41537166e5af24dec911742132c4211ab502fc1acbad9de2af0be1c81c3a540f9ef7eaf79313aefd75c741a4d8d9dd04382519de09b30969028290d05c58c98cf000fbfc45b11de116d20e13c17d32d8c1a365d120e7b26e7b234f4d0c92616045b3b788d764ee386dff3c72e03491702a1235daa6ae34dd0f42c839f51af1bf6a21fb40525a74eec5cb90a71297bf003424a90172f74c50a7d2b2a4861e80149c7826c64c1737cdadd3712a7c5be2d9f29b3651740bf2fe9fd17b24e27bdc130074780504b7fa56f3ca8bf37071b903a514f681a9b88a9aa88a0a92c80ff449d1701650f2c0dbf1ce64028e850b54be1c01cbd4f39ec1a3603b23cadc8aca47514187be1ead7c4f6603c53a24d6277179e53dc96707c7b45d04392c602f9a12dc099ceacb63add0eb229e21c18b6faa87244d4374b56c49088130df2b1d28d7a1a94c75d7134bf254d2fbcd29685a6731b0601696452c8a2d64fba16696a965526fbbc4ae05273782adb8eeda2154de96d800e77b20d80e28a29b03b5d47e107449cd7b9a616a8c5aef177f08c1a462f2926d1bff567b01bcd0cc3d0ebc11baf859f4540e170624fc7f001652af582a3a4c2d82f6f1542f0fc386c5f3c3e5de21c78b74cf0fa57be5d94b423a9978520cf05015ac56681412b130cbcc73b4aff5323aeeec2bca1c8a0981acd681ef151360f9c1db50dc1e64ece17baddba43eea9ae34a212f824aa7095366e2faac10e1ac6239e5954a0e1d89cfe8c8984108b2a1e5f341ef8c790f0771f1a12f1680961b38b5878fe0099bd18f6c089e2e16e965e82a3ad5b70d1a4f1f2ca6caa641cc2f52d6e9e96d0c421fa6a45a5642abbaa31745b5bb13e5ab91863e6587a15e684e7a87623be7d6336465c5293e20f3d681df93fb2a1e4dd56a4773dd82e8b6458e17d73e93da7d1eebcf73c7d24e9473ee8ea2cd1d4781e3baf48dba3184e36e5e2b254bb08581484bcc1cb8b40fadede1c4f4e7e539b22e3c46670a85440fe067a23212f3dcb4cebe03406d3c48e283f840a27011352defb36843537b73e8c4ae33bde6287c61ef3cbe07cb56968b9d4a3745d9131e89e1d6076dc780a596ca10ec5746142e221c122e35d2bf1dbc9569a166e1dffc4dc8a97d306a71abf61da9339fbbdc7a24f309aa4a01a578f7f0ac7c3b865381ae6d9e6004775d4c4a18a54adbb8fc7927383e09eba77101f79343ed71846638d3001749cb8a71c7bc90f87c7e4d7d6f70f9e4cdf65e0f9a8d58052945eb001cd308c186374088d8b81813c55449576316cf06496290f65a8a5f81f3feea7a862f501ab8f8dc22497054e40524e7e9a764e6ef6c5b2453a6e7431a22d92a72f8182ef13aa64e0d929675eec94025bfe35254b94ffc4b88a5b849bdd33ca38d8027a3e62d1c0201af4b84e1043ff8eb22f20ebbe0670f75267c42c8f241d4ec5d78e0ff4310a71370d0c7bacd2e372d422e4d68ac0b31bd6ed75e5585ab56fb90140b675468df5b111aace58f5dcd49f41efef96539a41f11a13858981fbb75e8f43e74b670dbf0ca8c58fa7e578c6271f69b5f1a0de01b9c36d50bff6bfb4b3710208ba4fce64391f3a3f58dc306de64465cd0001263db8a8a6e76fbbe6dd9e66e786be66f25748030a890caa0d5cb19a8b4883d9ec57eafb22df04e002a00648d65ee32f02d374826b9a268edd85786d84ef6cf035f1ece04236c29bad00bcf42f67d2dd1e2d5a21f25cd91850512492b8c84c653d46ef169184572c46a340dc8cc9c3d1d7f244efb36618501c07e0a9f136359f4fe5096133a0383d15d306d16bcf349aa98945884da7dee3e026a7d95c4ad0c0bd4b6c15ec29cbfa50360ef606a93dfb68075cd4f4ef087a8af33a05ec21ea7b195283da512ed87ff6ef277d3c2574cc8b52807e64f7c167e4837e7c830ec7c81c7727c57d68030476aaaec53cc92cce19e95a26647c1534580197d53225ec187bbf3f0276d456c6fa3031c3cffda006a840fc1a8339206a78ad7fee97822b5e804ae6c80dd14cc510457798747149ca4fc11b8b86768cbf70c93279cbb7fc9da713f3edb7a9723fd44012a96ef98c2498516db5efc9fea77384f7cb927c4737be18d630a145f038c9521e551fd12cc06ecad27198ced99cc2bdd5adcdf160ece13d9be9e8d3a506f8c56ad5aa9cc6c361737d0faf73f287bbaf49553f6195e6dfe4f7babaefd4718a0fa829c970f434a19675d373d8bdcd564f6c33419aa801b3f363e170d222d2b362f5b5444ff2ab9b33463b296272d80da81e4768fb2ce4c4deba44abf41bdfb6a95a0c8b773fd23954843441293be6774acc939cc789dfe9efd7d00bbdd7caa31103d78ba86b790d2cd1e9d0cec9329b997121b265513b479a5a0fa00cbb1c21d73dc3d5e3ea381e8cf3ac58b5b6c58b3864e04e651227cb088488db466c4c74243b34818606cb02e0322d2d0f86a2acbb8577766efab36151fa139d5f84e48412ebdf5250e23a8f071be0b9aeeffd947aedaa9da2aa181758c6f4509cafdc3cc805ab0bb02162c055bf07840f61838b7033efc5178dfbb44e54bf45720fa08778a379bd113fb3143905e916940725c2afa160f216d5317b90ad0758cb050471972bf9fd046b80f4f7e3164788233fda930ce7ec79ee4290a5957adc629f87ab147989179c95d66d096707ec8ad8fb055d83b7565c38fc1da66a705d0c238c1d8541d23cd9c3f2e745c4cbbf143861bdde17eff8762484cb91072218a94dc022c317ad472732dc8ec719be066174a09fa053c0d19dab06af465270155bba2c6f3afda1aa7a342b10262fe905f17ac44d0cf96e5a6d9f818b41e2a90283d680d3dd7e54751774a3f35e6b7d4dbec9fd92040083617daf638475cf29b1067300430c13611ce66dfad933e44c6adc5c1fa66f42d162084dc876b44377b0f64e36c49d1aa1e8513b264d22044389441a83257e4436f50549fdcbea69a62e07ccd178e105c1321ed644fc4d0245d63267c8c14644f8ea5df14dbe90e1cbeaed8e1c054569b784b23d4fb60eb445eecfe95b37f56ab9ebac8374ba64c321f6c1fb630aad874d274b90d993937add491ad97adc8ab9826ce5db77e64a27349ee2e7ebc4b3935b3eeb21c0b812cd30848a815b68410b80a9730bf6ba480cc4b322402a4afaacdf381170e55b337a9399504231773ccd9a69345a1d1be7f63aa7dcbb1dd650e38416c5e7acae5c2bb377ccb6721a45ff31bac652bc3d4e6e0b8a08daebd4cfc7d6664bb5cef0782127de67ccff38a8ed61c72e0e39025dbcc092d728d143e1a3c35769d34fa8a9e270863799fbf24a159010e2049d774735a1a20e299e95105d9687d840d804e6ca23551e04614b658ca264dd36ee9cc24252e2850fa491c6f250a80cc0b1a27d9766da4b701a8d38342ece11adf29d0acefab8fd7070d3db6f28cb2b5f97aebf4edab5fde6be12ac0e7a63fd7c0b6a409ad3a94f1f4a110783b687d865d06fc9616ebcc222c27fd09a7fd52c2db2654e8ca99224122d6fe2cb221c3e4979002150f84e8b1d4688ceb1033b700e8d8bc5a4d79fbddd60b7b80e0a742c264163dfb3b64fdf3e79fced40dcfb3a4ab23eb57e445dc58cd83531f34658eca3e184570d746cfea87a8b288f99741252651442e8368398943b39364998dbfb5a1f5f3147c1b10d9c76dd3c4ffd31f6eb5f918b52e4f45db86dd9709e8ba78486f8fbe2c482606c0bbca29694bf14363cc44ed40f7c29c81f486d5fc7a889d1d71022810fac2f3ea4b513d3985558f6d43665e6f5485d298235b8a7da1d800937fa14a24e573fd28195ef1811642d14282b8218667ce181cf5fa0186d40983a4179596c8670051017e09156006e147825236150944b5b4bde2807e8881f32127ce4c01a937a787b7f4922d99bb6cfa0b304ddc44346ba4aee28f3", 0x1000}, {&(0x7f0000001480)="4ecc49a22005a3eef27938b9ea703b7bef4fa30c8c8a13529937cb022d90497fc81cfa03c50be503cede20f51941b19cb964e35e2a911cc096ad29f3743708c7abe4f7ae998ed68287c5ca0c7807d0b3cc35197506566cee9e6d2b72c7c1c166c318a399bbbd3ecab1aacfd2b2d8a25951f941c34669ed4e8b3b57e08b6a6cfb0bca042c3d70fceee3f5c857f05bc08ed7970bda6dde41a284580fe896b696efbf2c467ddf47567b80f725747fcd37eaff85a7ae424943f165697016a64dae983d6ded2d114c3bbb9be6e21bc42cbbd11ecf29de3b9bbe68f5", 0xd9}], 0x4, &(0x7f0000001580)={0x80, 0x113, 0x5c41, "97cc656b603c175630df051aee8e154b78e9ec5324910166e12f3861c32b9ef844a10801d4028a7fd6cbd8b3e2bbd84c3d11c349c06d27c354552012d6edf9d014bbf94bd3c8101facf6ce605152b47828e10b8fd8e464ceda03dde37f7a8a6a4bb4f3b1c1263b4338ba7283733d65"}, 0x80, 0x4000000}, {&(0x7f0000001600)={0x27, 0x0, 0x2, 0x7, 0x8001, 0xfffffffffffffffa, "04a51efa46f5dbc51b53de5a4d34b5e3091b04e10d5e2f196f25a67f867831018e3af49b8a31b66a0cb5a0f2af20cfec24e6b4c8e6aa8bd708312c4bd83864", 0x33}, 0x60, &(0x7f0000002a80)=[{&(0x7f0000000180)="cca45d712513", 0x6}, {&(0x7f0000001680)="c3cf79323c0221c96584ba2e", 0xc}, {&(0x7f00000016c0)="d544a3f5df4b5f4b48eda69acac77c3fd9fe9f4e0a90ae964114991a011d133a59986068da19bc3ce5551df97edc6b36f62f7b0a5aba792aa87f7a1300a819424323ba1844311f682cde5c55f2559fc1dc3b3c797981636a39541bf3e301345be7423228da8f7be4cc2df4a82a2e69749b336f8e07bba7c3c144b539dce7c2dc008910815c9388162b57ef781d10f20002019483000307680da6f39ade14b7a98765d99b1090ec353dcf7aaf349b46b642d85f295305573714750876272a1b11e3afc5040cc8a745a72e455184aa085eedc0d1a3a6bdc179a33e5fda9297ade64c78e08a44469447fbdef5a80b17d78777abd8b049c50c7f5557dfb552b17e1935188dd4a56facfe10ad5b4c121eac3a1bacdcaecf4d2aa0edcc46b682617e132f982be5ccead80512c10bbe8e80eb4a25591e07171c62002d4abe8e1024291ace339d69386c07b5e544665d2ec5d5d41361f2e3f680cdded121f311fe99d9456a561066421b7a1adad121805e443e4cb218223743c81d91304516e1fb4fc06bdb7c62a7efcae745bc05e5bd3bb1e94c5cd754e8353e4e61636968b3c1de7d1ac35656b595d6f101392161ede5b2dcc7c9335ca8fc62e2a1ad65b0863f0c7fab851ddb3d0dd380e1a25f29fb28e85156551b69378780060cbbe7926bd34a311aa3cdb34821fa78ce35721a4602f39f4ba3ec86ac6c948195e38b1c77ad0fbdf582bea0b4766519ead9a38b95985bcd82fb4276bded1595527e96258c4ea059a0d5a5dd9319db03ca929ded15a3a74733db1643b6bdd41c0550ebfa70bd749e442994df9ca9a9232ea48bbce4a1bd5f36dd9eadcfa53a8ed01a6afe94ada851aa19b756d22e56cb16cc77bcbed97bd9b3440aa51bf7f0b1bc2f73eb229e727f97e41280fc50ff0403e64d3f95bd6785b69b5687bd6169f490c53619e56654f32d6f16ef991954a77a40c0be5b0861a05a5600d0d036f9412a56541545ee190dc409fb5c36377746afcfa10ddbb5a9801adff4abe2f8b4964125579906e3eac451df659dc5ca10973264aa5fb07cc64b341b3850b34b29638574290cf95ab99c27b17d88963c59c9be655e3a5013f4c5ffcde1e8f3b9cd9c2d5fe119b2c0b36db132c0478385945a3d81c4e8aa3757ff4660a7498350da54a709f27880ac518e93abbca088fd511c17e34593058794fc16ef02442861b528798684400e9620d7954f6a72533f52399e7d76b610b35ae36c56f565262059f7b9e3122e3f1f588e094b6ff07105cff5c47e3b327aa389bca4f102199819b300324ea5dc4fbae78154ea38c0bf29681edad42b9348aa3c29078e62f9e619e732789c34d1bdf5e2a70bb0666612ebb1141bfc77d5748a2c65c0dc2c339ffe550877f5e683092b75145b97419b9aade0fa52470a15d5b7cd362128344dd2041972fa9bcd5e218ffae00f8b72ede6893c2a9ca7d616f2ac3781665a0d2584f81ffa772416e57a5d939f4b1ca91ef5c63aae3e8d89dd419a110ac3cd9bf8cf048ca116241330bbf46871a21414ef6a7ec9a98a1923387a734c9c328031680c1c7ee7ffa300bd4114448a7ed48fb6ba8e7aa0011c111ad96a63a2d2d8c6276068d4a5b835a20305b10cfab91233887f0123238a56d027d1e7668c6a1f8f26ae4621d545af78acefee41cee638d09fc3413ce2a5bd0a8a7e0d191e5ff2980866fab7383944d2c041f1fce642bee534283de4fdfef059f2ab38ce95eb1556815e039d6e438fe79974e609c44ad25d28839f0358efc5347b4070b02cafb21ffffc04a270c08961f07b29aafaa63718ce6727ac93b3ba5a2866832f54360f5b4224dfcb6780f1bc1c040cb9fb8b61b7435cfc3fcfca1932f29a23deae7e3fc88b17aa5d7bd396278fc02c5f63ea286a61c2df9bbf05c184c4ac813f9c8dda64c73a93e14f1eb3261d923310734eaf08c8a565e53d4c5edd51d035da445860bd8370882aa800e335c3da8dd714d4931f4aadf5c311267d1d4d3a5cb0535b605bb7d95a56ca2c7cce50d42275f93827c01724006239b88b437d3384eb58bde87df9017969b56829fe18209ee4af6eca65eb47b83356b5b0fbe3749cd4683c38240b5481349de0111f981103c7d8e05b06c7872df861ec7fc1623cfda2aeb54decf541379f36a695a1843528f20417e772de2865237c45ec1da99bb753b1880831fee74e592530e78c171d482a3a049c756e2dd6f4e663f7c630a631727ad7b7945642b205b6c4b09c3c1d10383a46c0da6339f8a5afc3deabfc478d63808c1e763d66dc52965ad31fa653a6614e2800c84b5177be7ef6f4c918c9cab576ce5bd48dc1c4605d62624358ae63d52560017fb24aaa36693589c1775eec979ae1708bee4e3a97d9363aadd942a2ce53676f4fc635a303e0e350b448c420bfa77a6a90cc33a3e761dcb8488492780e692d4d9e38877b196bd27944d7828340b68734f2c6531c5deb8b58b3019481978d7a70c1a30d77a5bef4b038f07f778f32f77082b40da8033e11642bb1517ecc88e686ecaf367e1945f3b11f1f914f4751f7aff0d9d8e09d5dc118ad5f9a979e96706e3c593ccc4b581689d9374fecdd16505a1ed371cb4437764b913a16aff6bc4c34df18f6460af47bf92cddadcd3de7ec65bfd767db69663824cf2726f18709b8a4ecde64136f0551b5fb852982fa985d8343ec2b1cdf3e6fb310ce2583c540d8859f318901942a769555de7b8d125465298d975da7250aff5c1981a3bd5081c34cd24eceeaf99d9abbfe5a5a823f5c2ecc378a5917f222940a6d477cd4930d578332353219e134c0ba0919ba6dbc67caead00ec0b223194f083d1f645a97154aa67ea0bb162e8368a9a6ed5e45d4f2edd6279bfd6342d23ac2010c13f571c759b787a7b470e2bcca55e25f353cd78970647fed28a033816ff1c93fbd76feb51c5c9a37910c36530dbdfc21fb6f00dbce947991db706a2c693522eb3b17c5be715622a5016a2c30b738adce38b95dab09382a214f967cb18a1d7d6206a0d254cf5f44e83d8a58ae5255cd6ade79a31011e9a3d42cbe38a0ecddcc19ce53bdff35d3f271c21f03423636e3b70097fd9df76cdce2e38eb858db12d172efb3c75814408cc68f0257e9e9ab58600e063edca03a89382a21815470b9625200bcd0675df61789011795e9165e233711314a61692b10f4fa937643970412b87d90931d68499c1bb8f71b59a3107f9c0bfcf57985d595cdda52ef65bd1682e8902d983c623d9c5d3e01442622ee0bc52dd29deb32e984ba4a9cd2be7512da75d843a504d70f9c0769420b06fbb3c94cc2fe2d85ea0e23ee54eef7c2acc0be90a292fc7a4b8f388609812e5edca226a263ca49bc2ef40b304e04a93e95e3e9fe4d04424432f6e8609f68db7062a93c0fb24df1c904bf381cc8dae719c700b468017c0f147e4e43dfa078164f29c6151c06ac690d5a53a7643c06577a8dc871fa66f65449d2d785d228ee83345108f07f3f2c9bb4bdd418f3a1f8698f0db8d27e519610f6818d18ed4c9a27d2096c3f8bd5fb552eeba0e342a6e056059c272c48bbd77222e6095d99f68ebdecd8ece28e458fe4f846f6e0fac2de011bb5bc91235a5c7db9c5572464b8d4ef8a20bc70dc6ad089c6089ac7f6743123d93090368899c0e0f46e651fb7d32bd092787f2b94e295aa6feea81d5db98d5c5a0e39d22da75a13772c69aede048271606b53ad1cd67784ea51732b36ea4b536821deaf3a97d492a374b59bc0a030c0739378421e3a248eb3a9b2e41100d3ea4a622ce8fa85b0030d269ef7ca29ff2ef4d7c321b0d70257dda9f7e01f4f0aa480844cb25033cb6adb637cf9a9ce69370eb23a97aab4c4a25e82fcf8d568a5a00d51cf6af61f12816b1402bc557efaa7bce5db22b1f8f5a721e0246245ab843a13b0d6860edf92fb8a02dd11a561aa238d3b80de2ce0b875698fc3eb4128aee699ffaa5ed2410ce7f938d3bc70fd19c7ebc60e1ca02998381ef34e904e8639286044820e71993b37e7bc2024c90d0a1a3a3753c848bae42249207f59194a4a6f67968b37a82475b213b98bc3d554d5e6ff6b8dd5de2a9cd4984cc2368831f4e72f77ed3c3e496eb3e727edd069382f7176572ca3dc0d34c0c48df970e55c73ee36866ded1a62e02866c245b94d530cd9e6fd2b79abf8b236ed1c4a8d4bb821c1dbb49554c342d47ca36de17ee9a07e688122abee151b7d8899d06fad47ae78a7ccf19b39e5aef609d4546a5d983e441602b68edf1c4311dc852a4d1f853065146ebc9a43242e07092570240402bdc2d364dac5f28cba499f55dea9424dacb924b155ad7b4523340247401595142fabe238a1ef2a9efeddc1a5cd51c65e6966a9d5a3998d6e37398fb9ac0b3cdce9ad0b32cc840ee36dee6a2387a062caaa640fb762649c831f2c0609527d1950a70836475379197d38096ef9099a8586b456f09cbbfdb02f3aa75599f07027ef5d217f08ebe8caa60ed334bc81efe3449b5b08a1068eb53d9ced292f2aacb044112d0567b5b202cfaf0d50170edfa273dbb067e720d05920060b296356ca2891ce29822c2e62b22a3ac7bfce1698186935f4e78a5fd2e585eaae21fd4e6b2f4e786fec3b4434ba73093da9b286397b5e6b288e782f9f8864cd471f0324221748845f5aeb32dd4b1a2685e5b21d5043530d624358b08c152658252503d2d75211b6e4c7d6ebec572f0ac593854439eafebad0b934080ce549b08048d5a78aa6455810228fb0c64a8564de5b6fde0e50e86124c1bb085392ee7568786c019946c474cdf14b3840917c3b949596cc3ebf41fe8ea136f2b14b5b8a2002a7ccc60a829f7c41b7abd89edac873c649e880bfad288682c38bf95963e246bbf1dca5b8f14fb59640f5ced66f21bf3749ae83c6fa8e80949cf3ec5b2745622109a2d2b5f648c2afd275f6ae83bcdaa476258d535a86b558f91a6ba0fc98eeaee7bbe6025098a66a3fb703aef2baaa73aef6bf508cc167a572a8314f1d5332a36cf84087cf6a450f8ca4a84a801703343b4db16ecf69463a0f8086a18defa32953949b3ae4d276e366049ea231a3e1bef572801f00895eb0b97225d10625139ae7efa2d12842d0d26fc2e728295a8d057322c610d6ab6c7fde2af3ea788d6d04cc93e2100eaa35889b81fbdf4c3715be571543e6f27d987e46f8b386b4b13edcd6ab6252efede1c743251c504a384bc5d0f8932473e94951e4503947d514582d7254255da85a33b84e4799ddc7524c6942913f7062555e6df8a49152f59b28c889c7c7d36e02c5c8e8150c699330b35c2ba328586a4d395e6bcf2626e92b127494e74c7cb07c05be44e1e411afd0cdaa30d69e2b9daca14871cd6c404be0e3da9d5ba70362b9c7cf5a25aa01fe2ba349b24c9ab4627fd22c2f5cfec8508c41668b0576433cf9eb73697233b0dc55ae713fecac056fd8b9004338e9248cdfc4de0d60a1ce986f7699f5ed2c98db43cfc521216b003d51d149010f4b4cf57079902a95390e95350557b1bc750e11fe7220211cd7361e70ed8d3928972138725d18902e68549dd6456f6a334fe2907a44c3211095600cbfa615cf4f0b6600ca81206d5a9ed87d840cd801aa9abeabb470c80b81a50dbecc1befc1a2d987532fcbb86adbd804e53046aaa539360e8d8a30be95c88609d2fca4fbba9a6168f3b3325b29f1aeabf7e68ef10a446e00ee5cf25b5d15a7f9a536fec8493e3b48f4f58bbf86d68e8f7a5342e23d40a3db620a172d892121a192e24d63c24680d147614cadec84", 0x1000}, {&(0x7f00000026c0)="242fa4a2250b82852a30b88c1959d0c9f252e48ed4132f49ca04952d26effc9e1542f8b746e6dcde375273d5ccb12d90ff14e941273c49ec0ee73bbe61a83a6b82615deeaa59cb63f9a5b5dddb030878db7015d8385d03fdb527c6b4bd57bb0894545492d8cac8c51930528a104e68defc87fee18f055508a3142cb3c3e1bea3dd9216d8b77735c08dd0f443336a7484e903eb02f495134c18b83c5cee92b3b8f355b770bc8226bf69ed22ceaec2ca827eae8da258bfeabfcc67076af71a75f6b3c4e721d7eaaca03f790253bd15219440377242438b4315468a65b082725054d9ef4d10e31b029b405ecd51c646f1e5d9c03b87cf9299768ad3a1f451", 0xfd}, {&(0x7f00000027c0)="57aa3578ceb01402fbbd775114dc6cde37839a74c84bf4ad989fc49fd9960a4dcfb096c672e6c2ff1674346bcc528ca9405eb3c5238631bcc211f0ce7cd013e757ce6e0eec293b758f58998759160aba3daf90baec72aa57a46031bb541e4002634fda870ce83a58ac2667b260c2c693c194978c7bfc57a78af83db32cdfe6d854957dec0d28e199d869354d1ec41f0f7426942523036da63a1efa8a7c42ffaa8941b5a7", 0xa4}, {&(0x7f0000002880)="11bf38da593324b024a6818fe007deba981c817e51360260a1c7ed19c0f23b4f64048f8817005827349dc994362d3deb77225fe65df29693a5a019381ddd0236f8850e95e65590301c6fc9b1efea6a6f3266f9c9a929ca2c212b836574bdde1f23a74968697b5ac78c485365d0da36a4c83456e768ffbfd4526d288ddfe2c83a51a0f3fcd947d33b404b98f9d401bbdab78ad5fb0bfa5bcce0ec229cf368ffe83cd3f09b11f0", 0xa6}, {&(0x7f0000002940)="34ba90b58fbe709dc13d441d89ea132ee9e251b6c56ef8d5885dec4a1425e8325448ddae9a3b31045c41548ea15d60dcd6ba4cdd7257db8efafdcd0a645a6fe6ed3dd7a4295714ef80142797f55930a170d2153e7fef67664bf0fcd68e85bbdb1a9f1aed057b005b3985ed97b0ee2d4478fa1367aad0a3d4c96e0c8f9f9fe15c29c6cea8c64744f37830424cf9befb05c6b3a14bae63fe784717a31ac8661a7da98b1c2db2f04e4fb0c16b84780948247226396d71112ad82088c7776cf44caad0b826be34a89eec8baeb35f83f1517b5130753cba86d7e34137aaa47e21531489df6bd06a26dd81db05a47e4c9727153098a8ddf0", 0xf5}, {&(0x7f0000002a40)="155826c252ec41a6a127a96b860176731074e5ec0680c3baa06a33", 0x1b}], 0x8, &(0x7f0000002b00)={0x60, 0x0, 0x1ff, "b184561902ba1c90744cfcc6e11e72b7e3ea0f50955c3b487991ad20e02e07a13b8a806f64a4149ea0eacc4ada7841c6b45b4bc3ce64cca347199c80ad00136d51018c01b02a470cc67d"}, 0x60, 0x10}, {&(0x7f0000002b80)={0x27, 0x1, 0x0, 0x3, 0x5, 0x2, "7735f1a6b3dcd0a7e11d5dae7d601118ce6f2c5ad9c54e1b09399742a11f5dc811a4bf5e33943058020e888b1a9ea8282defa50106414c2ca9465a9fdafd7a", 0x34}, 0x60, &(0x7f0000002cc0)=[{&(0x7f0000002c00)="c6b3b7ab26ee44e566a37aa5fefa4328959c3a11", 0x14}, {&(0x7f0000002c40)="c2fc48d3a11e629071ebfa0e7db396dee18892476036bd14df024f8c7e0d6c29079c674aa6251dbc78dd6047ce0d", 0x2e}, {&(0x7f0000002c80)="3a0e96096c", 0x5}], 0x3, &(0x7f0000002d00)={0x50, 0x10b, 0x5, "0bbc83702643991d5fbd4fddbf100b7013c61e759ca87cad0ef3c3d77ee86f4de1e78e3bfcbc693d6e76814511db823e018ee18b37266bc02efd4fa2"}, 0x50, 0x800}, {&(0x7f0000002d80)={0x27, 0x1, 0x1, 0x7, 0x0, 0x3, "e64090722c9a118693de6c6572c84bdc34e4976131844573ba41ba3e41419958b4b681552993182fa518a32c43d94c391030b43b937522ca8dd66ca6eab969", 0x22}, 0x60, &(0x7f0000002f40)=[{&(0x7f0000002e00)="da67913f603e7785d3bd60bf71b3b0eda2e6301406791e4511e6435d02548f70804befaf3921f0cf24fbf5630357a126bd184ff9a472385746db566e44d928dd254fc5d00fe892b0cc6fd8615199495e3b8442f5946eedae2d6ce621af6be2d216de10ce60c0bee7c228ef72dac0329056f8baaf15628b291e4537ee94bd53b01a6d4304eae5c1f15c7328023d2cf80ee1b4a4777f43aa5cc86fe4311c350be081a6bbba0b8d39741b6679a9dee794e4c67658381d9d50bdc29cf60f08b25c", 0xbf}, {&(0x7f0000002ec0)="95529dfade315df8e5ecffd4a421c1be8c19410188de7bcd05f373cdae0b40cd424a82fbc248d2d4e3", 0x29}, {&(0x7f0000002f00)="37ce2169002278e4de37dbccc37c4210c546b67048ceb38a1ecd79d79f9d0015911b668d4362e7415bd534511e", 0x2d}], 0x3, &(0x7f0000002f80)={0xc8, 0x105, 0xffff, "88b206a02614f84ecfb3df1f073b30785a3e999e8c31474728c45a9b254eb892f620d9d13bd9edc0c69f67bf541c8b0dc49323900c78878e43a227bd9a926830d6c3082033765f11941326e36f7f234e58ad22fdf08e571172de8b020f4c1f9f082195c46da22a7db7b6d58daa10037d6939d470d04a3807141bc23b81eb396c9e6afdfbfe646c7e20e4e09ef71649bde442a913c73ea5e4c1858764a831636f335f4572bc17a62066621204a07fe26d6d5ab54e29"}, 0xc8, 0x4}, {&(0x7f0000003080)={0x27, 0x1, 0x2, 0x5, 0x3, 0x8, "ff099fd7c42a622abd15cc0e0aa56f37966a6f6ba46a2f0e44fc4a688b5e327b6c7a04e4b26a78477ea38d5a79c4d8b3917e651de1d36035b164dc48a0e2ab", 0x36}, 0x60, &(0x7f00000041c0)=[{&(0x7f0000003100)="c3ee7d092774f9d8310092766c8b26c16ef8249a762d6599c82858dfc8fecca15ecb25529443bd65297473b62d37b8d8791619210b75c2e7df5c84c25f055f4f47494d11265591b51529c1d82f7448a3667b5f8fd99d967f4fcc7c87e4763cc0cfed429b26091aa8748b571057a96e9967d9858bac67e137835c30b2405eb5fd0ce5d3b584d3facefbdc7c359cc6345b82b46a4dd93010c7c08da967fde961703ee1955df27a227c2cda0b491953039f58d94ee40fa7bf834ba569b22a402cf6e6917644734080e4cf152ffd48007b7bd869041aae2294254e9900f6082aec755a434d775d07208d3bc370ccab7ad05d1f5a5f6d38a6629dbf33602b565bf7fa37b12caee1d9f09962a5283e65d52ef3528fb1fa4b37393f8ea248602af6a9f33b4698c19b8bbe80ff566bbbc6095aa1d5afea972ad46699ada520f3e63dea6e602c1dba471f6e10b7933ca4ca9a35d8aa86e3eb9e579cd8ddda835dfe7d2dda9a865531cbb38b5746ef343cdc00014a856210d3a79e91a8eb16b214abea119e702ae1a6bf23c7f2cc96821322bf810356b907d1a5132b0b40da677e44e9e6d464a3492ebb7b5a8d7e776237120deddfda78b5062e3cb22991489d46ca048d6f3ec2d64ae374133da3308607a94189e9db283b890cb1e564a6549d93a67a63eaae37ae77d7c5c8b48bb1ab0597870c5ae2b4f89ba1cb5246f40d5d8024ee0a3ac8d24ed121da70614bb752131ed92622f7d2468599e1e28f7027d08b6822ebfb025c352132e2a1a9aa330c786e6ff3f45bc6a4ca3d0806c364b2c0e40345ade7fb4f74c24abc53ccb78e78802898a2c7b7010ec9731160aa38d3802cf58610f9c6278f0a609730ced97051efe8243e9bd3bf21cc5e304c537f9fcefc3ba8a25f15aab5a5166503bb1d5fcde04b63c38ab5894cec1c810ba74e5059e218810ec84ca4cb2d2636c9403401b297f28c8d4c4fc43322cc51fbaa5afbfe47ad4fcebccc1c13dc1048e527b4e859f5ef389df448c44e83b2c4ab9799d3e3c6665e3f95ceaedec05d067fe14122893a59dad5e69e188588a8e78c89423518a9eef9f74b3b7811eb16c3487f21ff5776d4278e621317b75d78e05ebc06b46a7d534acf0cb46d17b9c519c5b1a59f24198be39dc3650677e443c607f042ab2a14a25be44e37a93d02d25d964186d57e6b5ed3a3cc425bbcac69ac5912ff17b9cfdc2093d978e3b0f0a264aac3506011e502247a62897821db429ad6be7022d07be6921879e16c81bc581db14ca9eb5a9506964a770f0042df7a7dfeb1603e52b41d35d224b7d244930c8a92c23a8bf5237c4e59b84e308f6985c30fa61bb85fb1141f6727d3a5f5ffd557a841998f37da47ae99541fdcefbb7ba2f1d03d67fc04df01d70d1f2a6a0ea779b7782d1ce70586e762954fd58083d38811bfbba9a1ce2340ae3989e847400402750b01a56c2bb7dcd8d2c3f17e3f28c9edd9c7be46217a6197cc25ea629ad28c1d01ed8dbc13bedd34aa35eff7236bab7e6c064232cb93efce4bfb147e4ea90c7a93a1eeb0c19caeb6c7023045decd25a38a4ee355a359680e6b9f902ddd87da0ea4c9512ad8a803438aacbf694ad184f41aea20eb7a08ed207cbfbe9953bde34381f27c9a3fead987743f8636bec45ee015fe69cf5ddbb37e46c783c38d9bcd49b53fd9be7b4dbffd8926c69bb8a56d35ca96bab8eaaa8d4720e0de3af001b591e8176ca848d553bb3be6f471542f22aa27e1678c7383e90eafffd58206207e5e0e300b474868a38c8d976b17868fb22005c986fe008795b0af391b03a7ba9cc946c16e40935bb08cfefebc0a1391ffacd006ffec197a8599a4eed7cd8f880df0a2c221b4355a1855e091746e145e7e23b7d5d1532372fe73025913af542aea8cbf8f907d8ca669d56c64809c26363695bdc8ba979fba94faf13f141b5ba216a4c48aa55a2acae8cb228356eea5bee596155933ce7e23780ff7f8c3792f64973699ba0f39775ea5b1858337a3dd1ac5d3852c1c913c9bcf27be1d7d88091b5a9f67ea7cd52d317e80c0a283302c3af5df49cdf9a99b9be099756cd6b63e1c5030852ba8a0ba0e25f0d09801ba7d8ad874020ae7e78edbeecc9da767b1c972e06e54123bfd9209ce611eaf41b4fc841f30bf4c82bf657e3ac74360dcff231021745a91beaa7a4ee14dffdfc985896aca43e4ff201f55b3c3d85fa3f3bbe06a3a41455f3eda34c814dab881de93483179de2e09be2594373126750afb82158d15f650d3bdd7da0bd594c3d8d99783dd3caa4869305fa0cc55a35f54acc0a129ac41976234e54e7b9266bee2be5444258ff06c83d0c7d58b62b5f00ce5f0c131dce784a215478d5b572245e7efe7e4dae2043ddceddacd662cf1ac9902864cea94587573dddd2eeb51972aef625c562ebfe5ee4b40202f963fea2051cf61b8064899a99af8d2529ede6b4635d52187c2116b1aa61622a8a82ea2b08f32557860cd5a667fa427d26862620c23de26752852f66dbee299d846881428a172ce50c9ced56f980bfe0c247bc3ed09fb94a59146ec0a1549a9540896012dde1aba863efcb25a50a768f5a86ffebe541548eb03156122adebb15e1ed7c3d98e03e5b4c78f880e3951078e37c3bfbee1228111c7ad1bc0d7d1bd5e6fbc84cededc805120a6826cb6a9c4ba515954a11b5fbf52a1d57c47964f4e5fd414375595b04edd521632b28d370621ede14246647af94f3f5593bd55f639ba8bce5a7b58964412ce67a293cd597981363c99562c3629bc828052212f0a7c98c2e543d63f0bbefe6cd3846f94a56aea1761616d7740751f9d9d5df2dd6976f5caaed5630aae04851ff9ab252adf8e814e59b426e732106f3d3453868211e1c3a290217f8aace742d0c7bae0ea930fcb57c748b6acd29f0845a917a26942a799edbef130c3bf3ab1f5c2cb17b3b603b77af8669a2f9897445fb3febd42383644e4750ca62605dfbacc726a745eaa7ebb2c7ff5731b430069d3f74ed491f9b685c8fe061f9ae14692333c08ac7e824c0c3fbdbb63986365ea1c648a818cd6fe777d29b9f894d7402a8ce21bdb8671831673aecdb83329f97f5631443b71b3cb3d5314564d41e790866536a6677a2cd0448f1f913254f01a214e79af0bc32cfa46d6d99bee02edd85268c417b4551459f72a28a32695944fe38e5c40073f5b7af64dcc526e536801a7fc8521ff0825f6d14decf3bc53f192df672336871205adf5ae40064e286d7efa0496aac764603fcc1439bb10e2e6021601b6b605210ac3a60b41e79a860e8aa551df53b19b3b94457758042606e447fdc260dd712ed55eabe61ca8f5cd8511f812b91a7d626a0a9fa6468130844c7a070dc2df2856f883c54340a896e6e993c937a967e7e08f06db018ceb0f1b2f86d7d81f471df527d754a241eb9a7e52eaa4e7cfbfda29f5cca7e77ce70d0dddc34440ed05c9c737cfa1ed37875bbc18ddc00fde407e8d7841020012d3386fc3f9573380f67e38388b3f0014ee700fd5423ac7d0e566b588e74ca02a7ab74ec23f7928e40bae04a4742d0b617d39d6e372a2f9c00ecd3f457d68d79012b7e94cb741fc8f4277f541e082a0a7684c53970361460ab604e18c86e43147973385522a017b56b7d9d2e0f801b15710fb1ca0e56fea85254aaa8cf5da076daf5fdbfb2e2842aed2301b11315ef44dbb0ed50b6a66f66d860751bc57ad059a429028def54e2d66409d8e432dad2fc8c60bdc6c8e4bcfc7a3c9bc66c4da8c8cf7546985f2d9734f4cd1298729f39af2bdafcf55e07b99a436fad3f9df514c08db1a3315964957e68c01125f39b01cf3230e12ec9790b6aa62647345f3fc21e2aba39ebc82b0b85db3d17744fe0a0006326e19b5562c933b2d75008444cafdbc7886d474bf5e9e5252723db400657559220f8f8eeccb5c43c0921f88bae8dcd91ab162cf63c9d33efc80810a83d17c2edd549e79d21c77a2f6bda3c68670a232dabc3c6eb952daf6167a31dcd35dbdcd3599205da593c5920b0dee2bd8232a557da5906c8473cc2a8c65a6248242a759dc02c7dca22aad64aeda5611e37e4be70a0e0067ead2892df5990cfeb105ee0ce96bfea7d9f9e4d72da4fdce1042e6ebd8a8f2df83900185ccc5d47f0ccf1c74277e63f32b43b8c700e70dbecda14c9e19c3941652a2dc761564d032a5c66ef5fea9a0440ea9037163ef6c1dffe0f79e24a75b8df4a45395d2b85df70a363dc979918c3286ba5a204593617e1fff97ec164d9d9f8d2f4cda59239cd7d9e70be856f6d8be18a72d5d2c7c680a5be7e15d6630ec52d22db9620c87c9ef2aa81f6434d6ca409072a813bc8af8c20d83e44f664d1797d1069d6e202ff52f06868490a3e9917fa98122c05dcb02182873873884845b60d7cd77d14010b16259e385a88f5489020e7e34dbf8ccaa238c59d2b911c54f7e1e9fb9f0dba41c36938426b3345ea604c931dc4031d62592e2e34c853f6ebd28a954509cb0ff84f6cfc29af7e6f549d74f6d1527d07751c959143dccd30279911b6ef28af71bf83e1cc1ef07adeecefe7c4810627e662127e0ab61b085278795933b0f430ef23399cb2ea8bdaa0114e9d8c46bf65f8f1e21d297c3341ee2177f0bfa09a6f16f1b8b71baf2549be5a27e1b27d382d52d1c7c2926f0e7028a0c6f08708dba5f3fdca2bb77db046b781d83e389d71bc780cdbdec4b8aca07d3934cf149d05be534cef7cd0e8a16be80036ec36442cae320b43af90342fc16775e51dd47d375329a7f027d9ecdaa481413482b3311386360986c4a35bd9f59f224eccbe1bc315b79d62ef50987b00eaf3f229b9641b0ad7f6aa2a635b7007071cc5f56a427f2ba63b3f9efa0b0821e5fcc62bb6ee65ca99e2b5d19fa18179d7761ce4b1b98a28c769cd40c006e19cf9bdf1cbbc9d2a0654e2ddcbd67a9f916ae56b9d0067605fb8a65d22cceb74a1c84ce608e78133ce70cc043dcb21a81669ce19779da4a38bc340e2bf1ee0ceab381d642c3c4c10a8dfe2de82cbd590b172ffcf421f79de8e7a560c242971bee91a2ce1a180be1f1a9cc5ddb82b216ffacc6051228361faad42478d8f32915045c930519064b6915ef47b2eef664faa1635c20919d103f9cee7ff88d2105eb99f3ef3676f90aa500f29aa4dbea5ffb33db3567e676e5961ebf2d50c2146a99f1762432b55e73f479bb533ce4b1d959eefe26461028390462e0a2ae71292ac65aea02f075e0796484bebd7bdc6d77d835067ac0a3303340276d5b0184419fa2a76c26796f4c7ff7906e379a292edeba7fdf1e1afdbb75b9ae448285c160e31bdd58bdb21feaac46a8dc211d48b67953f6b8d9ac77b4df14c43c6c03900676a90176b07330058f011ab00efd673f2ebbe0ec2c13f2b0b54eb926863d4aa91bc506f9e62d783d315a1c4f08cc416da347a11619386156284ff0e4dd66280a2b70c000c1b0ded6942c7f39f2454a6fb75d34e7731310130ff15b840ad224a8e9b9958706da3bb8709214ca0bfc21b411edee23ff5e3fe687c4053fce3c5f53c56467acf8b94a6f4e015d9e8cea3c0e9f35a0c40a7023fe2fcfdaad894a09f23bf0176f02940a756b04e78394dca8746b27dcd24854cdbdb4ef961f3ec0f97a3a2221491ac3ebd6416ba48805c74bb9fe3ffc9a9013455008b1520945659032b58fc92e1e40b593fd26672eaf242bf718e48b4e241c08c3129f010b8f1b0de866fc7256843c68e69b3cbe6267c91c8a1e8e4678d77ebf4c9d318d914ce20a68ad478a7bcc", 0x1000}, {&(0x7f0000004100)="8255b4075362fbb25215dcb4509ffd7fb43656a6b4dbf90f24ed6325e479c7d9696537fda42142da24acd75de2592ab820cde9b3481d37387ca110b6beb5d6d4d51a7e5ab2f2fee201f4d1c483fbfb3356587aba2acd3eb8cf007e91f21a774bc8786ed29ca9be1269c4112eb10ae1808ef9d5811764de6523a39134c923776e6844be215f77416eeddd54748f93311ab407f2677b22feae60051acb08be4dd863b4e131c419aa59756dfd56b00039d16d602bd2d8c8dbb652efb5", 0xbb}], 0x2, 0x0, 0x0, 0x20000000}, {&(0x7f0000004200)={0x27, 0x0, 0x0, 0x5, 0x5, 0x0, "fd8228975ebe866b8885c19c03ed16286d9b27c3a91964eb0abc2dc5fa6df246ca3e432e9fc52c7610e8232c26a895c9054375319a368c14c3decd306d9967", 0x31}, 0x60, &(0x7f0000005440)=[{&(0x7f0000004280)="631ba63dd25c2ea6ee2da1a3003527b883262287d0125eb9b93a7df7b1b05d65f35d8e3dc9b0668c238e400598fc9c1aa707eeb7f2fc392d8e72a782866b3ae200711697c95471a09ab95c4b38c5b4ea8329c5d2de90e075ad0d32c8c761d495c3578b0547da37875fc4c8c8f384202a278264", 0x73}, {&(0x7f0000004300)="4ba1adc9d1fd639cd60f9b4f281a2a48a5d49d69f3af6d236c6fbddc1af60ffa6f87d2caffb8bd15d67bebf2b4c091f044a1871f2ff6f0501b525aa41390837fa4d4f37fe29be68595b97e994516e10c58b171bfb69c7e80e6c2a7e2e61db002ffaf07cc4baee1afa408fb2a5f8a803797d3f09537e42abca8c678ec5b45e94b5d0369dc5f495bb80bdcc3587f92b670339c49c667a393d1e5f86fd6712b7a3a42cae3ac90086d1dbf4546ca9efa068f5ffcea47cccadabb180aad7ed95a87976be9e2d795936893aeee2f", 0xcb}, {&(0x7f0000004400)="57ef7bed64e4195c5d807b5fd06497fb11902dda05d1b6016c7a9fd9965a86a72c0848014296c17be6fe9a5137d40e49bb1eaf0da1de1e7bbbf266211ff8", 0x3e}, {&(0x7f0000004440)="4afea2fa2783fccaa255a60f1ae01a34a2936e4d0b3b90592c36d633cf0acc01f07bfe80a74b161c9c7bfa1f7d277ee3095face546408f6e32be0830ae18a324b49a59dce5e65ebde533f5be98654dd52fe5bb6552f07ab629d95b30a539971dead46c0f339e2377bd66f7f8b14b2cd0f2f0dd555c3c7e0d4126356b06dcd074523af56270e63c6aa90ec84f91e6be2cb3f25b33a885ee0e1b56a69473c38853e7d6698d8cc6f4f478d9ed0b40379141d0cea32a890cf840eba43c37d4266f248ddbe11a7c0e22a82c727b1f9d1d23aee19a4149775cdd58eef3df7a76a16a5740371c08a675b736933323ffb9e257ba8bc1023bc08e732b43638eaec612d7f921aad29be1e3b677570c0e290eb039e48e788d14a2aa0a680584551726b2aa6ea5422e27a95773550e16b9fff9a1e95ce266280bb3701377f1313e52aa826e581b90bf70ae0f33138e5de68b9409676e6f564823aee34afb94f4cf44e7b290967b04822559025e9e239897384a9b48928c72a6360eeb5c394d3851eaac71dc1d149477fc85532dce299480d97f965f4f18272d74450bcdc1ff628d6294a8c8cb8565631be944046ef4defe897b90738b5297de36d83ba8a49881d5176bcbb8c8d8a4be38626e37b5e9b11c29921910ba829045bd79c669dab40835d49e2fd393e27de308b01af0af3ee762b5eca11ca5990a1ac999afe3d5f6d979ee9eb3e8e71987ac4a088a682e434e110c8821996e650a8caa31754b4a25463c91e54d07295f7cdc712dfe088be46454baaf21c43b9c804700deaac3eef5e7ad1486a0cef2a4e3a9becd2e56111143691360f43d8d0728319d8f29ca2679b07ddfd37c5eb16d115070a6abaeec503a04e92502e73229e9518e60ea5c8bd5f9cc6643169d390d8af34e822408f8b44757ce112a55e57cc07abe3d14c25f8c32c42ff222ba14ea7104135ba3c8b2f5f52125c8e27ef7b041cbb60b64fa2d48500ea3c212ae5e5fbea611d4fcb2650a90798662979babb8b5f91b75e07c78db1e1d2305628d62f577f3b5a3b63112e97d57c7ba5d5c87863eb08b8d9e290c05e47bd57875f5047b0397a6908ea35baee3e4ba262ff5b9b6bcb2365600ca53d28085e533f7452649462409b9531d77bca165d9af09fce8c3a0c554ce0b57f77ec3dfcb5b19780472b989ee7696e1572119e666f6de5a59b4a71f694c40599a759ff12f2537ed5e38dac4138146a1213288d98c8f0d60ed29fa26f21ab113b370a6522a9ccf718d755810fae5d4406aa28ef9c5082c727f9f3596a6be959cf929f3990251808371763b3128cd712750bd73be583859902a6a3294b2f6a59e5da7c43a08d85878f9fb336625b96a031ec5df89583f0aa43ad006f4b4fc3035ff9d5c7a26f73fb4af3f30b27f6fa2afa60c5cf89cba65b2a68a23ec38c07177317576e0eb708228e1ede9599ad0910d1eea046df666ec00479b5a3970e238333cdd84fb4f85def7cd5d75f514a48db5b305efa917fe43b2c8b78f049ed0222ed280f2750309829dde66a7a9766ebfba95dee178cc6d78be120f8d82239d596bd7309b08841adec673e060f127f4b56e9de886ab7a50bfa65369c485f588cd90c6676e19bfda9737bf69066c54f0223cf818c560014b600a0d0dbd58efa5a9c235514fa37f65d61f176249f364d515a6ad3c9306faf68f0d8b9aa8d9c0529797a1003a5291d4970afd3cbaa33b5ea491ef97abad600abf8ba2e24cc1c60f16f5d8179246cc6fdc43b1c5c35477d90428ea47f52b8b514d253170b9eeef9331013cd8d18beabe75799c178e3647dc89236c27969ca8cdee7ad922b8a065ffcbbf556ff8a73008144a6006416b0e6c949d3ecc560a5ee62189b08357916af5210691d22212ae798ca5a740aa44a8540135184fd7ba30606509231c1733361598cbc07a59b7f041627c3a15a73312b140b51abb14552eb30f987d3093964828be09411e6d6bde7196e6f09a8dce3e49a6454d68cd47c9c9d680fa602f5a3b5f4819bbbbf890bc1bc4647dc797abce858600e44f38b6995ec030d3bf81b340a42faf1b4d2ec22c31e4ee45665ebb5b07f3b9c929dac7e29f358534f863adbded72580295ead549307b4c01faf347a69a4f81976710574ef9e25ce3e65c6a130c75fe52dde1f77d0cd4be9b6ca1e2bc61bb82bfaf9729c4444f9fe3cfac412dec7be6ca30619e740145e7750c89de5acf02e98534f851e73bad4f1b66fbf6683fa2943b9a467d029e9bd1c9e135d6000ca4c713edcabecd132c3230ca2ce20519cb32aa8f2fc22ab28947f60d75b104c822b7b5c4e8501ddd42aa17944f17164be47c929eb664db0cabddf5f225a73bd6de720e31c7856a22235e9d7f9e2b9f617878c540ded0504b66b5e7a209a5c9fa1addf79c34c4fe35dad6730a4aba4828f05e317f57bcd17825341133b0a9a7f613cd97a1f9a813ebd737570aeb54432897ba20384399a17ad6f5ef3a64b79ee02a6a71c8f6ec21a93b895abe52e2ed505d85d3e70a90bd2518f9be2ddac04029b2233be6e4dbed0c1960584446623553f85d83fa0129fe5c4f4cdc9e72e89fd27e6a7e76dec2a8348de8cac2ce4fed70c5da00177bc4c1c47e5e15debb72d06d678cdc30c6d2ce4fc3cd4282cf2569310ee0a0e479b57d428dc94abe0174bf8f3d385a402cd890192d626aafaddbb0cf887726ae6c18593127a2b159005d84aae82349e9a8154bfc965b614d84909d5cdc6f44314476fef7c7ca9f47c34680a09791c89cfa0e31b6558ad1fed640ba61c5da575153250560b114ec1a3e5d6c88dd0a1946d48570e110a264a4caf8d165ff55eb050dd819a9d2c7d2e5d92a9de96ee523ed800c6278fad1551e949f16e6fae5256958b307e60eb850f2692167745041d40b9da4ef7d55ebb840e01b6570d8ce7169a8100dd1fa5fc6b7ffa169290cc2875dc1e4c833e183453f4c30d5112a8100684c27f224818ee2bd0a74ea3cf15c41116ecabda32062447149ce7e456bba6abe2743dfa30e5f3ae3658c8625b4cd90370e3ef9cce27198f7ff2e613a750769bbdfa0d9d601a26ff38d08aab2b90dac1e00545306804308ac50699c263f23bd9067abb3e7ce5f3c9623849d4123f05d0ef0118a2a2af895cc2ac95f4bd34120f85f25c1bbfe4c9747afda09dd187a9f3fa27002470bc9a93b3254a8510570a9d0aab0921bbe06958a4b05ceafd70d87b28a78fa3d086f467011788b1562332601bed058c92de1745fc45d9930c4f2815a2d57e8e2bc82c39bacb24958d282c02cc86e1d14b1661f69e98711793d70706a12bbfce409526ab10b43ca01e32dfacbf6635e9e28d0bea9f6ea11ff7b9c49f7546dd12daddb4c349ff7c548c1c5434ba22befd69dde8f1f3289f83169a6a04e99154ff80467a380469ae07f8237c891600c9a4819be0f0bdf9e00e0a4f47e477e88d567becb653d437b78708cba2427e2c118d2659621c31f20d604b31b53836336fb76b410e20cbc8db6ab22c3d4d7c46d5317f375b69640e9589d842d824cd0f03eee1e69fb452260aa91553f290c58fba22ae9bc23aa98b6ff90744e5a52e5f6ac29771f53191ae862ab1f1c3ecb298970c208a7b70ab7911823a72ad0200ff087ad53ffdf4aa07fbf5f0b1c44d57f33b799f7a89d01f8193a2662ecc895b2384f2eb6160be962bbed10ce28757d432c65cfacdb3743dca82d38e7061b7ad859db58707eee52490dd00be5a105a2aa5c54e0e6fecdb655076b158a96d0e1ef91a945c1561f703a97fad0ffda0f495fa7e64a58ca1ea222b0c3ed410994897529407bcc5efe5c3bb4b02b61a55dca6f70ac56f5a0886fb22eb76acdcecb93f1a0653835a9076b929e6641bf1dd97bc642d909d6eef4479943b26a79b2fbe215bd3935888c6cb6c4a223cda5ede961edaac63f908d5c894dcd12639f025d2960ab02236df269731335dd3eb431dec1fd99dd7b89b4b6779db72a869b7c2a2eddb3b49aba9d73e1d316ddec64c7223046d0ab85f9ea478f24a95cd8daab5be645817ac363a1e3cf56a06a40970bbd734545540e344ba056ef306ac51e55dbfff63d696d3ff24c48bb68be8f6c0d07da4b3022093ae4deb2b0e23e95fe67fb33f9923f1062a9997a689f5f3e984ac3994f0da55aace1bf08f74b1137416f4522055c8cf09cc27c29e5ecb1a71a3cd58becd3c8694b8a08f5464db42bc7aa9cb238419e593142d528667776792f11196dbfe1770217c5c93af58bcfcfe75f6c7390163bde70796e3be279c335a141445befaf0653f498984b55c582c8c2233567e9c211850af6cba004c53d9f1dc32940eb797d67b98fb68994e93a905908b541f7f90f918b6bc1730454634d4a6f53ee9c31cba8107133b4cb2bb4611ae714f32085becaeff5306aefce3bb21703b8b4e2e8ab6480864b7c865531df8ff15da369f26ecc2e8865bb3f51dc8ae15c21058966007114f6fd03d9d48b65ba3d2e17cad3de76091a2e7f3270414ab1423c7a66b12c36b900ab9194a3c6c22b61e075d29f3b5c70b7ca22c4e45cdf60b6ec884e6a2b38ccd40558d1132599ad36b7ade5c82c38e83add5102175899cccd4c460f8c218457fff92b2fd28d0010fff209ff68273959363503d1ef5bceaaf7a9cc1a776093a88f1c91eba566043f36cbb985302bd3b1f3f4d40005f0e36d1feda4d89618072693657dcebc300b6de9571be150b1b211c1fa4927fa2bf9ae33837c84d102e67f80b35bb7b7bfddff455269acd66754347c27f856eef9594f0448019ee7c54f574b7e7d380232dab4752c185fe50b1957e9fa5fb26394e5116eb35b3c466df781e5ff03736ad877060c8bfeb93d01ba0f88d8d01ab6c0f02ddd6d74e77659d76050aa53298e491bf60d2982fbe1748fd79ccf0132fee45dcde8d425ba26ad6fa8110eb9522faa7a353cb6e3c5b8d76a2b191cc1c190a292a6b51002dd07d2671cc6ed8e3441ac5600c70046d84e9c842ef17a61ca8e11254bd3994216a4c3d41a193f2d4fe3269d3def19ae29a667fd5624b8027d9d4d814114c2b88d4d99775dbae83b21b530b88e0ad125e576ef4a4afbbbccf545365f1c875617fd5853c978dafbf0d4f6ca13591ba71392bfaf7360eebb96d47aec611e43a14118b3295bedcdc87cbdd8b7bb7c846b32c4b06ccf4522ec834376a24f9edeb51891dd4cc5a80d728f49ecf4eeedc6afaa544cd8f96343580357d6b722e75afb272f84e5112b423ca3fcce18dbd742d18ef9a64048cd90ba99226440611faec10b6aa745f4162219565763dd734f2b8c3e1828f3dbf70dcc4e0b2fb98bd656413f4ac529ec61281cf6954cf65dcfd4cddbd6bb7edb824a461fff758b5d993d4267f704845684d9820e0590503d872b486be15101348be53b0312abc287532a77681955df34d25b7d8a15a336fbb7f8c1a781ba8582b13b0beb52794efd86db50e0b107fb47494427ea9f8345465f0e9156802491acffaddecddf30c4750a02e7c18bf35257027c7fa63c3a7f2b97eafd26724486db4ee1a1c881aebc25db692844c9dcb79263aba0ba3f73810f38f5f9966843905d86a3579a8a74e5a3217142337c5732577a179e0fba16b3b7673ac3a7fd96d91a8d523b9291f52767df20446f75bef698934b0ef29c543ef4d64cc620f076c09dde1182cbb9eb49efe10287c885862075c1f7103fb9e3a7c0976255fa7c4b80397539f937ad563c233a3c48b4522f93de2b2c9e6fae4891816ac2bf3e486b945bf354dbb40de9ee1e255b5103928fc1a9459a9e", 0x1000}], 0x4, 0x0, 0x0, 0x4044080}], 0x6, 0x10)
bind$alg(r2, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
bind$alg(r2, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)
sync_file_range(r1, 0xadc2, 0x2, 0x6)
r4 = dup2(r2, r2)
connect$pptp(r4, &(0x7f0000000080)={0x18, 0x2, {0x1, @rand_addr=0x8}}, 0x1e)
r5 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000140)='/dev/sequencer\x00', 0x8e80, 0x0)
openat(r5, &(0x7f00000000c0)='./file0\x00', 0x40, 0x40)

18:41:28 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1127.931309] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:41:28 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

[ 1128.028781] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1129.755608] Bluetooth: hci1: command 0x1003 tx timeout
[ 1129.761007] Bluetooth: hci1: sending frame failed (-49)
[ 1129.766450] Bluetooth: hci0: command 0x1003 tx timeout
[ 1129.771791] Bluetooth: hci0: sending frame failed (-49)
[ 1130.555592] Bluetooth: hci2: command 0x1003 tx timeout
[ 1130.555629] Bluetooth: hci3: command 0x1003 tx timeout
[ 1130.560999] Bluetooth: hci2: sending frame failed (-49)
[ 1130.571226] Bluetooth: hci3: sending frame failed (-49)
[ 1131.835618] Bluetooth: hci1: command 0x1001 tx timeout
[ 1131.835624] Bluetooth: hci0: command 0x1001 tx timeout
[ 1131.846467] Bluetooth: hci0: sending frame failed (-49)
[ 1131.851897] Bluetooth: hci1: sending frame failed (-49)
[ 1132.635618] Bluetooth: hci2: command 0x1001 tx timeout
[ 1132.635980] Bluetooth: hci3: command 0x1001 tx timeout
[ 1132.640990] Bluetooth: hci2: sending frame failed (-49)
[ 1132.651396] Bluetooth: hci3: sending frame failed (-49)
[ 1133.915603] Bluetooth: hci1: command 0x1009 tx timeout
[ 1133.915610] Bluetooth: hci0: command 0x1009 tx timeout
[ 1134.715611] Bluetooth: hci2: command 0x1009 tx timeout
[ 1134.715617] Bluetooth: hci3: command 0x1009 tx timeout
18:41:39 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
getsockname(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, &(0x7f0000000080)=0x80)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000100)={<r2=>0x0, @in6={{0xa, 0x4e20, 0x6df, @loopback, 0x3}}, 0x200, 0xd7b}, &(0x7f00000001c0)=0x90)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000200)={r2, 0x2, 0x0, 0x100000001, 0x6e6}, &(0x7f0000000280)=0x18)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:41:39 executing program 3:
r0 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/net/pfkey\x00', 0x280, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r0, 0x40082404, &(0x7f0000000180)=0x9)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x121000, 0x0)
setsockopt$inet_tcp_buf(r2, 0x6, 0x1f, &(0x7f00000000c0)="4a2fad8f0ebbb927028e1e7896ff75d39d978f0cf7efbb0c083881932c9054873ebec884d5f32bcb924535ad728aa778d2fb087cdc5a27f2c6e756cef96b49b1a3eb4b53081fe28e3cbb7fcf52683ea4ddd28b6458fd3d3b69ab51a0cbb8aed937b591addc155d", 0x67)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
bind$alg(r1, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:41:39 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:41:39 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

18:41:39 executing program 2:
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xe, 0xe, &(0x7f0000000480)=ANY=[@ANYBLOB="b702000003440200bfa30000000000000702000002feffff7a0af0ff01ffffff79a4f0ff00000000b7060000ffffffff7d640200000000006502faff03be01000404000001007d60b7030000001000006a0a00fe00000000850000002b000000cf000000000000009500000000000000a81bbfa3982de7b0efc5733ed236e4add6de094e0832aaa6912a8b2ce571c45841e41f44ae7c5e84e6e3a94b574d2edfa38ccb15f1cb24421d394fcf860db509000000de2243533ef6d62a46b3009a54f4fd7db0d4968a384b0f59c7919b10a43b0958acbdd1e423899d5fdb68832e986440ff0a7edfa0cb231ccd"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)

18:41:39 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:41:39 executing program 2:
r0 = semget$private(0x0, 0x2, 0x10)
semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000440)=""/242)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfec7be070")
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000600)='/dev/cachefiles\x00', 0x100, 0x0)
r1 = syz_open_dev$swradio(&(0x7f0000000640)='/dev/swradio#\x00', 0x0, 0x2)
r2 = syz_open_dev$radio(&(0x7f0000000680)='/dev/radio#\x00', 0x2, 0x2)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000100)={<r3=>0x0, @initdev, @broadcast}, &(0x7f00000001c0)=0xc)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10018000}, 0xc, &(0x7f0000000300)={&(0x7f0000000540)=@deltfilter={0x54, 0x2d, 0x8, 0x70bd2d, 0x25dfdbfc, {0x0, r3, {0xffff, 0xf}, {0xd05ec3c80fcab1b0, 0x4}, {0xd9077361a99243b3}}, [@filter_kind_options=@f_flow={{0xc, 0x1, 'flow\x00'}, {0xc, 0x2, [@TCA_FLOW_MASK={0x8, 0x6, 0x9}]}}, @TCA_CHAIN={0x8, 0xb, 0x7fff}, @TCA_RATE={0x8, 0x5, {0x100000000, 0x1b9}}, @TCA_RATE={0x8, 0x5, {0x1}}]}, 0x54}, 0x1, 0x0, 0x0, 0x20008000}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r1, 0xc0105303, 0x0)
ioctl$NBD_CLEAR_SOCK(0xffffffffffffffff, 0xab04)
r4 = accept4$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1}, &(0x7f00000002c0)=0xffffffffffffff59, 0x7fffc)
write$binfmt_script(r4, &(0x7f0000000700)=ANY=[@ANYBLOB="2301202e2f46696c6530202a2d206d696d655f74797065766d6e6574317472757374656420207b23406d64f3c5198e5d9e09d87f1bc5113573756d5e6d643573756d20c22fbfa02f91d74a6ee517245b29266b657972696e67f36563757269747976626f786e6574316b0a1138594b54e624129a76db695350b27626469a23841f65fb48aaf3be8d849bb37960257354c9e2f969795d72739f41ca5586e6b92dbcc1b4e8135550c6ccc410b0019384c30b316ca1d3a1a645afb515f1086cae351ae3aa000d9c608e390a2524db84b163a87cd6e42a617740e8126921cddb2c5f4b9b6187b67488fd36858973998fae94a65d92cd5f590224cc15567f9b4772119323a2c4b666eb63d688c91927ec36025ae530cff105675ea5e1576500aaa0f993d9a60797f0981d216614370000000000001bac683e3bcc8b83f81d723027dffbb4793952725b2e6958194868d5ac6b7235f85739518b51f5d59dd065a823f785ce8688e0a696cd171ac14ee0e073cb27bf17773a0ae0f37e8f6007749c3a39805bd49ae0bce05f"], 0x16c)
symlinkat(&(0x7f0000000240)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000280)='./file0\x00')
r5 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x80001, 0x100)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0xfffffffffffffffe)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e23}, 0x1c)
ioctl$DRM_IOCTL_AGP_ENABLE(r5, 0x40086432, &(0x7f0000000380)=0x5)
syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00')
listen(r6, 0x200000000002)
r7 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r7, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r7, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x4e23, @local}], 0x10)
setsockopt$bt_BT_FLUSHABLE(r5, 0x112, 0x8, &(0x7f0000000140), 0x4)
getsockopt$inet_sctp_SCTP_RTOINFO(r5, 0x84, 0x0, 0x0, &(0x7f00000006c0)=0x44)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

18:41:39 executing program 3:
r0 = syz_open_dev$sndpcmc(&(0x7f0000000240)='/dev/snd/pcmC#D#c\x00', 0x5, 0x1)
ioctl$SIOCX25SFACILITIES(r0, 0x89e3, &(0x7f0000000280)={0x5e, 0x3, 0xa, 0xb, 0x7, 0x81})
setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT(r0, 0x28, 0x6, &(0x7f00000002c0)={0x0, 0x2710}, 0x10)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x101900, 0x0)
ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000100)=0xffff)
setsockopt$RDS_CONG_MONITOR(r2, 0x114, 0x6, &(0x7f00000000c0)=0x1, 0x4)
utimensat(r2, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)={{0x0, 0x7530}, {0x0, 0x7530}}, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
bind$alg(r1, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[ 1139.181618] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:41:39 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, 0x0, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

[ 1139.252892] Bluetooth: hci0: Frame reassembly failed (-84)
18:41:39 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1139.313746] Bluetooth: hci1: Frame reassembly failed (-84)
18:41:39 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1139.372228] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:41:39 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr-aes-neonbs\x00'}, 0x58)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[ 1139.514121] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1141.276191] Bluetooth: hci0: command 0x1003 tx timeout
[ 1141.281669] Bluetooth: hci0: sending frame failed (-49)
[ 1141.355591] Bluetooth: hci1: command 0x1003 tx timeout
[ 1141.361112] Bluetooth: hci1: sending frame failed (-49)
[ 1142.075693] Bluetooth: hci2: command 0x1003 tx timeout
[ 1142.081124] Bluetooth: hci2: sending frame failed (-49)
[ 1143.355606] Bluetooth: hci0: command 0x1001 tx timeout
[ 1143.360989] Bluetooth: hci0: sending frame failed (-49)
[ 1143.435617] Bluetooth: hci1: command 0x1001 tx timeout
[ 1143.441112] Bluetooth: hci1: sending frame failed (-49)
[ 1144.155608] Bluetooth: hci2: command 0x1001 tx timeout
[ 1144.161006] Bluetooth: hci2: sending frame failed (-49)
[ 1145.435610] Bluetooth: hci0: command 0x1009 tx timeout
[ 1145.515604] Bluetooth: hci1: command 0x1009 tx timeout
[ 1146.235607] Bluetooth: hci2: command 0x1009 tx timeout
18:41:51 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$selinux_enforce(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/enforce\x00', 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_TLV_COMMAND(r1, 0xc008551c, &(0x7f0000000040)={0x7ff, 0x4, [0x3f]})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
syz_open_pts(r0, 0x400080)
accept$inet(r1, 0x0, &(0x7f0000000080))
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:41:51 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0), 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

18:41:51 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:41:51 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = openat$selinux_avc_cache_stats(0xffffffffffffff9c, &(0x7f0000000100)='/selinux/avc/cache_stats\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_VERSION(r1, 0xc0406400, &(0x7f0000000440)={0x8, 0x758d, 0x5, 0x5c, &(0x7f0000000140)=""/92, 0xc5, &(0x7f0000000240)=""/197, 0xdc, &(0x7f0000000340)=""/220})
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
openat$smack_task_current(0xffffffffffffff9c, &(0x7f0000000480)='/proc/self/attr/current\x00', 0x2, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x4001, 0x0)
ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f00000000c0)=0x1)

18:41:51 executing program 2:
r0 = semget$private(0x0, 0x2, 0x10)
semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000440)=""/242)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfec7be070")
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000600)='/dev/cachefiles\x00', 0x100, 0x0)
r1 = syz_open_dev$swradio(&(0x7f0000000640)='/dev/swradio#\x00', 0x0, 0x2)
r2 = syz_open_dev$radio(&(0x7f0000000680)='/dev/radio#\x00', 0x2, 0x2)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000100)={<r3=>0x0, @initdev, @broadcast}, &(0x7f00000001c0)=0xc)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10018000}, 0xc, &(0x7f0000000300)={&(0x7f0000000540)=@deltfilter={0x54, 0x2d, 0x8, 0x70bd2d, 0x25dfdbfc, {0x0, r3, {0xffff, 0xf}, {0xd05ec3c80fcab1b0, 0x4}, {0xd9077361a99243b3}}, [@filter_kind_options=@f_flow={{0xc, 0x1, 'flow\x00'}, {0xc, 0x2, [@TCA_FLOW_MASK={0x8, 0x6, 0x9}]}}, @TCA_CHAIN={0x8, 0xb, 0x7fff}, @TCA_RATE={0x8, 0x5, {0x100000000, 0x1b9}}, @TCA_RATE={0x8, 0x5, {0x1}}]}, 0x54}, 0x1, 0x0, 0x0, 0x20008000}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r1, 0xc0105303, 0x0)
ioctl$NBD_CLEAR_SOCK(0xffffffffffffffff, 0xab04)
r4 = accept4$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1}, &(0x7f00000002c0)=0xffffffffffffff59, 0x7fffc)
write$binfmt_script(r4, &(0x7f0000000700)=ANY=[@ANYBLOB="2301202e2f46696c6530202a2d206d696d655f74797065766d6e6574317472757374656420207b23406d64f3c5198e5d9e09d87f1bc5113573756d5e6d643573756d20c22fbfa02f91d74a6ee517245b29266b657972696e67f36563757269747976626f786e6574316b0a1138594b54e624129a76db695350b27626469a23841f65fb48aaf3be8d849bb37960257354c9e2f969795d72739f41ca5586e6b92dbcc1b4e8135550c6ccc410b0019384c30b316ca1d3a1a645afb515f1086cae351ae3aa000d9c608e390a2524db84b163a87cd6e42a617740e8126921cddb2c5f4b9b6187b67488fd36858973998fae94a65d92cd5f590224cc15567f9b4772119323a2c4b666eb63d688c91927ec36025ae530cff105675ea5e1576500aaa0f993d9a60797f0981d216614370000000000001bac683e3bcc8b83f81d723027dffbb4793952725b2e6958194868d5ac6b7235f85739518b51f5d59dd065a823f785ce8688e0a696cd171ac14ee0e073cb27bf17773a0ae0f37e8f6007749c3a39805bd49ae0bce05f"], 0x16c)
symlinkat(&(0x7f0000000240)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000280)='./file0\x00')
r5 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x80001, 0x100)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0xfffffffffffffffe)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e23}, 0x1c)
ioctl$DRM_IOCTL_AGP_ENABLE(r5, 0x40086432, &(0x7f0000000380)=0x5)
syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00')
listen(r6, 0x200000000002)
r7 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r7, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r7, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x4e23, @local}], 0x10)
setsockopt$bt_BT_FLUSHABLE(r5, 0x112, 0x8, &(0x7f0000000140), 0x4)
getsockopt$inet_sctp_SCTP_RTOINFO(r5, 0x84, 0x0, 0x0, &(0x7f00000006c0)=0x44)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

18:41:51 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$KDGETMODE(r0, 0x4b3b, &(0x7f0000000040))
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

[ 1150.672499] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1150.702002] Bluetooth: hci0: Frame reassembly failed (-84)
18:41:51 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0xfffffffffffffe32)

18:41:51 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1150.726811] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1150.732600] Bluetooth: hci1: Frame reassembly failed (-84)
18:41:51 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0), 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

[ 1150.831216] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:41:51 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x22)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x4e24}, {0x2, 0x4e22, @loopback}, {0x2, 0x4e24, @multicast2}, 0x20, 0x0, 0x0, 0x0, 0x7, &(0x7f0000000000)='veth0_to_hsr\x00', 0x4, 0x0, 0x3})

18:41:51 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1150.875895] protocol 88fb is buggy, dev hsr_slave_0
[ 1150.881261] protocol 88fb is buggy, dev hsr_slave_1
18:41:51 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0), 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

[ 1150.970356] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1151.116526] protocol 88fb is buggy, dev hsr_slave_0
[ 1151.122222] protocol 88fb is buggy, dev hsr_slave_1
[ 1151.125567] protocol 88fb is buggy, dev hsr_slave_0
[ 1151.473471] Bluetooth: hci2: Frame reassembly failed (-84)
[ 1152.725616] Bluetooth: hci0: command 0x1003 tx timeout
[ 1152.731151] Bluetooth: hci0: sending frame failed (-49)
[ 1152.795576] Bluetooth: hci1: command 0x1003 tx timeout
[ 1152.801097] Bluetooth: hci1: sending frame failed (-49)
[ 1153.515789] Bluetooth: hci3: command 0x1003 tx timeout
[ 1153.521149] Bluetooth: hci2: command 0x1003 tx timeout
[ 1153.521183] Bluetooth: hci3: sending frame failed (-49)
[ 1153.528212] Bluetooth: hci2: sending frame failed (-49)
[ 1154.795775] Bluetooth: hci0: command 0x1001 tx timeout
[ 1154.801301] Bluetooth: hci0: sending frame failed (-49)
[ 1154.881310] Bluetooth: hci1: command 0x1001 tx timeout
[ 1154.886843] Bluetooth: hci1: sending frame failed (-49)
[ 1155.595677] Bluetooth: hci3: command 0x1001 tx timeout
[ 1155.596315] Bluetooth: hci2: command 0x1001 tx timeout
[ 1155.606348] Bluetooth: hci3: sending frame failed (-49)
[ 1155.612343] Bluetooth: hci2: sending frame failed (-49)
[ 1156.875606] Bluetooth: hci0: command 0x1009 tx timeout
[ 1156.955588] Bluetooth: hci1: command 0x1009 tx timeout
[ 1157.675776] Bluetooth: hci2: command 0x1009 tx timeout
[ 1157.681564] Bluetooth: hci3: command 0x1009 tx timeout
18:42:01 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x40000, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r1, 0xc4c85513, &(0x7f0000000280)={{0x6, 0x6, 0x6, 0x8000, 'syz0\x00', 0x2}, 0x1, [0x2f, 0x3, 0xff, 0x272, 0xe9, 0x2000, 0x80, 0x1, 0xfffffffffffffff8, 0xa8, 0x1, 0x5, 0x4145, 0x7, 0x2, 0x400, 0x3, 0x6, 0x8001, 0x22b6, 0x6, 0x1, 0x8, 0x65, 0x4, 0x6, 0x100000001, 0x8000000000000, 0x7, 0x6, 0x65, 0x6, 0x80000000, 0xfffffffffffffffb, 0x100000000, 0x4, 0x0, 0x4, 0x1, 0x8, 0x9000, 0x1ff, 0x3, 0x4, 0x26, 0x6, 0x10001, 0x41, 0x76e2, 0x5, 0xa0, 0x2, 0x18, 0x2, 0x13, 0xffffffffffff8001, 0x4, 0xfffffffffffffc68, 0x5eeb1eb5, 0x1, 0x100000001, 0x7f, 0x4, 0x400, 0x401, 0x1, 0x9, 0x3f, 0x33f, 0x7, 0x6, 0x3a71, 0x2, 0x4, 0x2, 0x101, 0x2, 0xff, 0x8, 0x4f0d, 0x27, 0x1ff, 0x400, 0x9, 0x9, 0x81, 0xfff, 0x7fffffff, 0x5, 0x1, 0x4, 0x976, 0x4, 0x4c50, 0x3, 0xffffffff, 0x1ff, 0x3f, 0x1000, 0xa8, 0x7, 0x20, 0x7, 0x200, 0x7ff, 0x3, 0x43e, 0x0, 0x5, 0x5cb, 0x6, 0x2, 0x6, 0x8, 0x6, 0xfffffffffffffe00, 0x200, 0x2, 0x8, 0x0, 0x100000000, 0x0, 0x5, 0x8, 0x8, 0xfffffffffffffffb, 0x0, 0x1000000]})
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:42:01 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x0, 0x0)
ioctl$RTC_WIE_OFF(r1, 0x7010)
bind$alg(r0, &(0x7f0000000240)={0x26, 'aead\x00', 0x0, 0x0, 'morus640-sse2\x00'}, 0xffffffffffffff95)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:42:01 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:42:01 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x0, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

18:42:01 executing program 2:
r0 = semget$private(0x0, 0x2, 0x10)
semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000440)=""/242)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfec7be070")
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000600)='/dev/cachefiles\x00', 0x100, 0x0)
r1 = syz_open_dev$swradio(&(0x7f0000000640)='/dev/swradio#\x00', 0x0, 0x2)
r2 = syz_open_dev$radio(&(0x7f0000000680)='/dev/radio#\x00', 0x2, 0x2)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000100)={<r3=>0x0, @initdev, @broadcast}, &(0x7f00000001c0)=0xc)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10018000}, 0xc, &(0x7f0000000300)={&(0x7f0000000540)=@deltfilter={0x54, 0x2d, 0x8, 0x70bd2d, 0x25dfdbfc, {0x0, r3, {0xffff, 0xf}, {0xd05ec3c80fcab1b0, 0x4}, {0xd9077361a99243b3}}, [@filter_kind_options=@f_flow={{0xc, 0x1, 'flow\x00'}, {0xc, 0x2, [@TCA_FLOW_MASK={0x8, 0x6, 0x9}]}}, @TCA_CHAIN={0x8, 0xb, 0x7fff}, @TCA_RATE={0x8, 0x5, {0x100000000, 0x1b9}}, @TCA_RATE={0x8, 0x5, {0x1}}]}, 0x54}, 0x1, 0x0, 0x0, 0x20008000}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r1, 0xc0105303, 0x0)
ioctl$NBD_CLEAR_SOCK(0xffffffffffffffff, 0xab04)
r4 = accept4$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1}, &(0x7f00000002c0)=0xffffffffffffff59, 0x7fffc)
write$binfmt_script(r4, &(0x7f0000000700)=ANY=[@ANYBLOB="2301202e2f46696c6530202a2d206d696d655f74797065766d6e6574317472757374656420207b23406d64f3c5198e5d9e09d87f1bc5113573756d5e6d643573756d20c22fbfa02f91d74a6ee517245b29266b657972696e67f36563757269747976626f786e6574316b0a1138594b54e624129a76db695350b27626469a23841f65fb48aaf3be8d849bb37960257354c9e2f969795d72739f41ca5586e6b92dbcc1b4e8135550c6ccc410b0019384c30b316ca1d3a1a645afb515f1086cae351ae3aa000d9c608e390a2524db84b163a87cd6e42a617740e8126921cddb2c5f4b9b6187b67488fd36858973998fae94a65d92cd5f590224cc15567f9b4772119323a2c4b666eb63d688c91927ec36025ae530cff105675ea5e1576500aaa0f993d9a60797f0981d216614370000000000001bac683e3bcc8b83f81d723027dffbb4793952725b2e6958194868d5ac6b7235f85739518b51f5d59dd065a823f785ce8688e0a696cd171ac14ee0e073cb27bf17773a0ae0f37e8f6007749c3a39805bd49ae0bce05f"], 0x16c)
symlinkat(&(0x7f0000000240)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000280)='./file0\x00')
r5 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x80001, 0x100)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0xfffffffffffffffe)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e23}, 0x1c)
ioctl$DRM_IOCTL_AGP_ENABLE(r5, 0x40086432, &(0x7f0000000380)=0x5)
syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00')
listen(r6, 0x200000000002)
r7 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r7, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r7, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x4e23, @local}], 0x10)
setsockopt$bt_BT_FLUSHABLE(r5, 0x112, 0x8, &(0x7f0000000140), 0x4)
getsockopt$inet_sctp_SCTP_RTOINFO(r5, 0x84, 0x0, 0x0, &(0x7f00000006c0)=0x44)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

18:42:02 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x400000, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/policy\x00', 0x0, 0x0)
ioctl$UI_BEGIN_FF_ERASE(r1, 0xc00c55ca, &(0x7f0000000180)={0x9, 0x9, 0x2})
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
vmsplice(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="3a87a329d3dfd6d5fcb4a89a6680eca058d935ffdcd0dbacd90a", 0x1a}], 0x1, 0x2)
ioctl$GIO_UNISCRNMAP(r0, 0x4b69, &(0x7f0000000040)=""/12)
ioctl$DRM_IOCTL_VERSION(r1, 0xc0406400, &(0x7f0000000300)={0xfffffffffffffffa, 0x9, 0x80000000000000, 0x2a, &(0x7f00000001c0)=""/42, 0x15, &(0x7f0000000200)=""/21, 0x96, &(0x7f0000000240)=""/150})
socket$inet6_udplite(0xa, 0x2, 0x88)

[ 1161.573758] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:42:02 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)
ioctl$FICLONERANGE(r0, 0x4020940d, &(0x7f00000004c0)={r0, 0x0, 0xd, 0x5, 0x2})
r1 = openat$selinux_commit_pending_bools(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/commit_pending_bools\x00', 0x1, 0x0)
sendmsg$inet_sctp(r1, &(0x7f0000000480)={&(0x7f0000000500)=@in6={0xa, 0x4e20, 0x8, @mcast2, 0x8}, 0x1c, &(0x7f00000003c0)=[{&(0x7f0000000100)="4b9043fe7a29572eb7f2b7f303baee00898fc2207268c914695f85a2fadcc49878c54b9d010f729d3a9c234ad5", 0x5e3ff9f2}, {&(0x7f0000000140)="1160f3", 0x3}, {&(0x7f0000000240)="87e56cdfc41288a896d3439f2e7c7fc8dc10c32dceb855ffdafb3047cab45df79c247645bb95ae0f1e6340cdb0afb79dd1195b86b29a22908ee78b7bd042a0b8efb70c624f4afbdd0fd7905ccc9012f99890cfedad907e71cfb346ab30671394f3c672e72a7e29ff2fff043722a75839da9a5b0c3c8e8a78507b40974ad15cbaf869f2f9772ac6e56d8da40e1388ccf1ad31c52679917b2c74", 0x99}, {&(0x7f0000000540)="da4c62f0f9ba567692", 0x9}, {&(0x7f0000000300)="4885df98d3c37063db08b3df86fedda50e8766cab19506cb77aa7a645fd76f34b3e4f50898294cb5f294388f2ecbdc489abe2e8e7c1c71084b840b44bc1e3b2a7ef3face24639af7dc83166a83cc9b8849e4399a35876ab0fd971dc8dd3a01d67d20b91a770c7f40cc330e526ce093f0b54cea92138bd1495a1db64e3d97fed8cdeac00c3177bd3107591da533dc76b150c6ec601d58d726", 0x98}], 0x5, &(0x7f0000000440)=[@init={0x18, 0x84, 0x0, {0xb6, 0x5, 0x8, 0x8a9f}}, @dstaddrv4={0x18, 0x84, 0x7, @multicast1}], 0x66}, 0x40000)

18:42:02 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x0, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

[ 1161.646233] Bluetooth: hci0: Frame reassembly failed (-84)
18:42:02 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:42:02 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1161.735366] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:42:02 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
syz_open_dev$sg(&(0x7f0000000080)='/dev/sg#\x00', 0xd6, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:42:02 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x0, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

[ 1161.817283] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1162.401903] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1163.675569] Bluetooth: hci0: command 0x1003 tx timeout
[ 1163.681054] Bluetooth: hci0: sending frame failed (-49)
[ 1164.475988] Bluetooth: hci1: command 0x1003 tx timeout
[ 1164.481517] Bluetooth: hci1: sending frame failed (-49)
[ 1165.756722] Bluetooth: hci0: command 0x1001 tx timeout
[ 1165.762119] Bluetooth: hci0: sending frame failed (-49)
[ 1166.555553] Bluetooth: hci1: command 0x1001 tx timeout
[ 1166.560940] Bluetooth: hci1: sending frame failed (-49)
[ 1167.835575] Bluetooth: hci0: command 0x1009 tx timeout
[ 1168.635651] Bluetooth: hci1: command 0x1009 tx timeout
18:42:13 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$GIO_UNIMAP(r0, 0x4b66, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{}, {}]})
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x280, 0x0)
ioctl$KVM_XEN_HVM_CONFIG(r1, 0x4038ae7a, &(0x7f00000007c0)={0x9, 0xa3c, &(0x7f0000000140)="2efe6805c560bfbce607edd287bb6c25659b20623d610c145de1973639bacae2d3795312367769364a845c364052f7c3d8a93b12eaa96cc0bbe9d9fef36b7ef0adf5fb56b58f29e4dfbfd048ce0740db69fbf6b3cef7a873f060cba1f16a56d045ba5299a114b75b6b4a88a50a581a14ef404a9a512e699e328635ed013358086fc6a19dffb5b13294f5546328ff41e4031310720983fdf7c19127dfabb11812ecb1c9d23d5770165db75221eec826ba3d3485ee7379049847c8135cf822b55e73658c8dc20b31076e", &(0x7f0000000700)="615c7135e43a666289babfbf167bc6ddacf471841ce7e54abe19306d508a131584b05b19761cb629bd3d721f699c9b77e52cf140cd50417ff3e1c105d4f2ef5553d3f137a21c960933734270f0644c17ec0cef80b834051733864b3c118dc86689bd0d1b69f2f4ad53e29545c6887e55e7c8331edd0eb932cca3732985eb7e920fe151cf859016dccf92093629f82bb4c759a20ea344af1ec5edb840adff2882220cf6abc3309d2f3abb62", 0xc9, 0xab})
write$uinput_user_dev(r1, &(0x7f0000000280)={'syz0\x00', {0x7, 0x0, 0x3, 0x8000000000000}, 0x12, [0x401, 0x9, 0x5, 0x400, 0x81, 0x0, 0x0, 0x6, 0x6, 0x7, 0x10001, 0x1, 0x4, 0x3ff, 0x7fff, 0xfffffffffffffffb, 0xffffffffffffff13, 0x9, 0x802000000000000, 0x5, 0xf445, 0xf31, 0xfffffffffffffff8, 0x8, 0x0, 0x8, 0x100000001, 0x7, 0x6, 0xffff, 0x11e8, 0xffffffff, 0x10000, 0x9, 0x400, 0x100, 0x9, 0x8, 0x4, 0x8, 0xfff, 0x401, 0x4, 0x3a7, 0x2, 0x1ec, 0x8958, 0xdee, 0x6, 0x100000001, 0x5, 0x7, 0x2, 0xdd1a, 0x6, 0x86aa, 0x7, 0x2, 0x4, 0x6750, 0x401, 0x1000, 0x5, 0xfffffffffffffff9], [0x2, 0x2, 0x3ff, 0x7, 0x4, 0x5, 0x4, 0xfffffffffffffffa, 0x1f, 0x3f, 0x1, 0x9, 0x3, 0xffffffff, 0xa2, 0x7, 0xfffffffffffff59a, 0x5, 0x800, 0x9, 0x7ff, 0xffff, 0x8001, 0x8a6, 0xfffffffffffffff9, 0x5, 0x2, 0x8, 0x7, 0x0, 0xffffffffffff0000, 0x400, 0xff, 0x8, 0x20, 0x4, 0xb, 0x7, 0x9, 0x0, 0x40, 0x20, 0x7, 0x9, 0x4, 0x2bb, 0x87, 0x1ff, 0x4, 0xfffffffffffffffa, 0xfffffffffffffe00, 0x1, 0x8, 0x401, 0x7fffffff, 0x4, 0x0, 0xffff, 0xffffffff80000001, 0x80, 0x9, 0x54, 0x3f, 0x6], [0x4, 0x4, 0x4f81, 0x2, 0x8a9e, 0x2, 0x6, 0x47e, 0x1, 0x7fff, 0x6, 0x9, 0x2, 0x89a0, 0x5, 0x2, 0x101, 0xff, 0x1, 0x535c, 0x9, 0xdf7, 0x7, 0x80000, 0x0, 0x0, 0xbb, 0x500000000000000, 0x0, 0xc83c, 0xc1c0, 0x7, 0x7ab1, 0x0, 0x80000000, 0x6, 0x9, 0x3, 0x400, 0x2, 0x2, 0x5, 0x8, 0x8, 0x0, 0xfffffffffffffe01, 0xfffffffffffffffa, 0x7, 0x10001, 0x2, 0x3, 0x2, 0x0, 0x7f, 0x100, 0x6, 0x1, 0x400, 0xfffffffffffffbff, 0xb6cc, 0x6, 0x1, 0x1, 0x7], [0xffff, 0x7f, 0x4, 0x1400, 0x3, 0x0, 0x40, 0x2, 0x2, 0x10001, 0x5, 0x2, 0x7ff, 0x9, 0x4, 0x5, 0x200, 0x1ff, 0x374, 0x6, 0x6, 0x361b, 0xffffffffadab2851, 0x7, 0x7f, 0x9, 0x2, 0x4, 0x5a1f, 0xf4, 0x3, 0xffffffff, 0xfff, 0x4, 0x4, 0x80000001, 0x1, 0xfffffffffffffff8, 0x2, 0x4, 0x800, 0x0, 0x9, 0x8, 0x1f, 0x3b8, 0x6, 0x7fff, 0x9, 0x1, 0x2, 0x1, 0x1000, 0xf528, 0x10001, 0x101, 0x5, 0x6, 0x8, 0x5, 0x40, 0x2, 0x3, 0x20]}, 0x45c)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
ioctl$FS_IOC_FIEMAP(r1, 0xc020660b, &(0x7f0000000100)={0x2, 0x7, 0x4, 0x4})

18:42:13 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:42:13 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
r1 = getuid()
lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000100)={0x0, <r3=>0x0}, &(0x7f0000000140)=0xc)
setresuid(r1, r2, r3)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:42:13 executing program 3:
r0 = syz_open_dev$sndpcmp(&(0x7f00000000c0)='/dev/snd/pcmC#D#p\x00', 0x8, 0x200000)
setsockopt$netlink_NETLINK_RX_RING(r0, 0x10e, 0x6, &(0x7f0000000100)={0x3ff, 0xff, 0x4, 0xfffffffffffffff9}, 0x10)
socket$inet_dccp(0x2, 0x6, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
fcntl$F_SET_FILE_RW_HINT(r1, 0x40e, &(0x7f0000000080)=0x5)
bind$alg(r1, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
bind$alg(r1, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:42:13 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

18:42:13 executing program 2:
r0 = semget$private(0x0, 0x2, 0x10)
semctl$GETALL(r0, 0x0, 0xd, &(0x7f0000000440)=""/242)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfec7be070")
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000600)='/dev/cachefiles\x00', 0x100, 0x0)
r1 = syz_open_dev$swradio(&(0x7f0000000640)='/dev/swradio#\x00', 0x0, 0x2)
r2 = syz_open_dev$radio(&(0x7f0000000680)='/dev/radio#\x00', 0x2, 0x2)
getsockopt$inet_pktinfo(r2, 0x0, 0x8, &(0x7f0000000100)={<r3=>0x0, @initdev, @broadcast}, &(0x7f00000001c0)=0xc)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10018000}, 0xc, &(0x7f0000000300)={&(0x7f0000000540)=@deltfilter={0x54, 0x2d, 0x8, 0x70bd2d, 0x25dfdbfc, {0x0, r3, {0xffff, 0xf}, {0xd05ec3c80fcab1b0, 0x4}, {0xd9077361a99243b3}}, [@filter_kind_options=@f_flow={{0xc, 0x1, 'flow\x00'}, {0xc, 0x2, [@TCA_FLOW_MASK={0x8, 0x6, 0x9}]}}, @TCA_CHAIN={0x8, 0xb, 0x7fff}, @TCA_RATE={0x8, 0x5, {0x100000000, 0x1b9}}, @TCA_RATE={0x8, 0x5, {0x1}}]}, 0x54}, 0x1, 0x0, 0x0, 0x20008000}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r1, 0xc0105303, 0x0)
ioctl$NBD_CLEAR_SOCK(0xffffffffffffffff, 0xab04)
r4 = accept4$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast1}, &(0x7f00000002c0)=0xffffffffffffff59, 0x7fffc)
write$binfmt_script(r4, &(0x7f0000000700)=ANY=[@ANYBLOB="2301202e2f46696c6530202a2d206d696d655f74797065766d6e6574317472757374656420207b23406d64f3c5198e5d9e09d87f1bc5113573756d5e6d643573756d20c22fbfa02f91d74a6ee517245b29266b657972696e67f36563757269747976626f786e6574316b0a1138594b54e624129a76db695350b27626469a23841f65fb48aaf3be8d849bb37960257354c9e2f969795d72739f41ca5586e6b92dbcc1b4e8135550c6ccc410b0019384c30b316ca1d3a1a645afb515f1086cae351ae3aa000d9c608e390a2524db84b163a87cd6e42a617740e8126921cddb2c5f4b9b6187b67488fd36858973998fae94a65d92cd5f590224cc15567f9b4772119323a2c4b666eb63d688c91927ec36025ae530cff105675ea5e1576500aaa0f993d9a60797f0981d216614370000000000001bac683e3bcc8b83f81d723027dffbb4793952725b2e6958194868d5ac6b7235f85739518b51f5d59dd065a823f785ce8688e0a696cd171ac14ee0e073cb27bf17773a0ae0f37e8f6007749c3a39805bd49ae0bce05f"], 0x16c)
symlinkat(&(0x7f0000000240)='./file0\x00', 0xffffffffffffffff, &(0x7f0000000280)='./file0\x00')
r5 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x80001, 0x100)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0xfffffffffffffffe)
bind$inet6(r6, &(0x7f0000000040)={0xa, 0x4e23}, 0x1c)
ioctl$DRM_IOCTL_AGP_ENABLE(r5, 0x40086432, &(0x7f0000000380)=0x5)
syz_genetlink_get_family_id$tipc(&(0x7f0000000180)='TIPC\x00')
listen(r6, 0x200000000002)
r7 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r7, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={[], [], @remote}}, 0x1c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r7, 0x84, 0x6b, &(0x7f0000000000)=[@in={0x2, 0x4e23, @local}], 0x10)
setsockopt$bt_BT_FLUSHABLE(r5, 0x112, 0x8, &(0x7f0000000140), 0x4)
getsockopt$inet_sctp_SCTP_RTOINFO(r5, 0x84, 0x0, 0x0, &(0x7f00000006c0)=0x44)
ioctl$TCSETAW(0xffffffffffffffff, 0x5407, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)

[ 1173.083297] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1173.114858] Bluetooth: hci0: Frame reassembly failed (-84)
18:42:13 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
ioctl$FS_IOC_GET_ENCRYPTION_POLICY(r0, 0x400c6615, &(0x7f0000000280))
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128l-generic\x00'}, 0x58)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)
r1 = syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0x7, 0x101000)
ioctl$KDSKBMODE(r1, 0x4b45, &(0x7f00000002c0)=0x5)
fsetxattr$security_smack_transmute(r0, &(0x7f0000000100)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000140)='TRUE', 0x4, 0x1)

[ 1173.149836] Bluetooth: hci1: Frame reassembly failed (-84)
18:42:13 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:42:13 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

[ 1173.232692] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:42:13 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, r1)

18:42:13 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
r1 = syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x4, 0x80001)
ioctl$EVIOCSABS0(r1, 0x401845c0, &(0x7f0000000200)={0xacb, 0x3223, 0x3, 0x0, 0x3f, 0x1})
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x7a10)
bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)
r2 = syz_open_dev$vcsa(&(0x7f0000000080)='/dev/vcsa#\x00', 0x3, 0x0)
socket$alg(0x26, 0x5, 0x0)
ioctl$SNDRV_CTL_IOCTL_HWDEP_INFO(r2, 0x80dc5521, &(0x7f0000000180)=""/65)

18:42:13 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1173.448265] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1175.115526] Bluetooth: hci0: command 0x1003 tx timeout
[ 1175.121974] Bluetooth: hci0: sending frame failed (-49)
[ 1175.195543] Bluetooth: hci1: command 0x1003 tx timeout
[ 1175.201013] Bluetooth: hci1: sending frame failed (-49)
[ 1175.915564] Bluetooth: hci2: command 0x1003 tx timeout
[ 1175.921251] Bluetooth: hci2: sending frame failed (-49)
[ 1177.195629] Bluetooth: hci0: command 0x1001 tx timeout
[ 1177.201195] Bluetooth: hci0: sending frame failed (-49)
[ 1177.275634] Bluetooth: hci1: command 0x1001 tx timeout
[ 1177.281209] Bluetooth: hci1: sending frame failed (-49)
[ 1177.995753] Bluetooth: hci2: command 0x1001 tx timeout
[ 1178.001414] Bluetooth: hci2: sending frame failed (-49)
[ 1179.275634] Bluetooth: hci0: command 0x1009 tx timeout
[ 1179.355639] Bluetooth: hci1: command 0x1009 tx timeout
[ 1180.075706] Bluetooth: hci2: command 0x1009 tx timeout
18:42:24 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0xc028660f, &(0x7f0000000000)={0x0, r0, 0xc545, 0x1, 0x1, 0x4})
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:42:24 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, 0x0, 0x0)
dup2(r0, r1)

18:42:24 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:42:24 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:42:24 executing program 2:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x9)

18:42:24 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x19)
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x48002, 0x0)
setsockopt$inet6_MRT6_ADD_MFC(r1, 0x29, 0xcc, &(0x7f0000000040)={{0xa, 0x4e23, 0x9, @empty, 0x7}, {0xa, 0x4e20, 0x3, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x3}, 0xfffffffffffff800, [0x8, 0x6, 0x7, 0x7, 0x3, 0xd30, 0x6, 0x9]}, 0x5c)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:42:24 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000003b00)='/dev/dlm-monitor\x00', 0x800, 0x0)
setsockopt$inet_sctp_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000003bc0)={0x0, 0x4, 0x200, 0x5}, 0x10)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:42:24 executing program 3:
r0 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000200)='/selinux/status\x00', 0x0, 0x0)
ioctl$sock_rose_SIOCADDRT(r0, 0x890b, &(0x7f0000000380)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x5, @bcast, @rose={'rose', 0x0}, 0x0, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]})
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
ioctl$sock_bt_hidp_HIDPCONNADD(r1, 0x400448c8, &(0x7f0000000240)={r1, r1, 0xffffffff, 0x7c, &(0x7f0000000080)="011f8364c1bf67d065e1e12c588c364e226c54ae4d44804efbe7e3540f28d4a849ba5475ce93c94f2f282a06abef4c44ad9cf0a8e34ce1efaf277e1c363cb8cfa7bcf58b18bfd084d583cc91388fe10551e5e2d503608788ad967c76889b614995fba3300d673de920c2c194f192a9f94818350e3206bbfbff617aeeaed0ac0c20fe333980e2fc09607384e5757d5516833a5f5970bc1ad6b9cc0ac45487bb54ec3199ee9909d65e4e3668d0ec880e77742105f96e33", 0xea99, 0x1, 0x2, 0x1, 0xfffffffffffffff7, 0x4ff93057f0e151dc, 0x2, 'syz0\x00'})
r2 = syz_open_dev$dmmidi(&(0x7f0000000180)='/dev/dmmidi#\x00', 0x5, 0x4000)
ioctl$TIOCSPTLCK(r2, 0x40045431, &(0x7f00000001c0))
ioctl$TUNGETDEVNETNS(r2, 0x54e3, 0x0)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
bind$alg(r1, &(0x7f0000000300)={0x26, 'hash\x00', 0x0, 0x0, 'sha384-arm64\x00'}, 0x370)
creat(&(0x7f0000000140)='./file0\x00', 0x40)
syz_open_dev$sndpcmc(&(0x7f0000000400)='/dev/snd/pcmC#D#c\x00', 0x5, 0x400)

[ 1183.939373] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:42:24 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:42:24 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, 0x0, 0x0)
dup2(r0, r1)

18:42:24 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)
accept4(r0, &(0x7f0000000100)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, &(0x7f0000000180)=0x80, 0x80800)
ioctl$sock_ax25_SIOCADDRT(r1, 0x890b, &(0x7f0000000240)={@default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x4, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]})
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ubi_ctrl\x00', 0x400, 0x0)
ioctl$TIOCNOTTY(r2, 0x5422)
ioctl$sock_FIOGETOWN(r0, 0x8903, &(0x7f0000000080)=<r3=>0x0)
sched_setparam(r3, &(0x7f00000000c0)=0x8)

[ 1184.021201] Bluetooth: hci2: Frame reassembly failed (-84)
[ 1184.036022] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:42:24 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1184.100562] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1184.809606] Bluetooth: hci3: Frame reassembly failed (-84)
[ 1185.995560] Bluetooth: hci1: command 0x1003 tx timeout
[ 1185.995612] Bluetooth: hci0: command 0xfc11 tx timeout
[ 1186.001012] Bluetooth: hci1: sending frame failed (-49)
[ 1186.006471] Bluetooth: hci0: Entering manufacturer mode failed (-110)
[ 1186.075579] Bluetooth: hci2: command 0x1003 tx timeout
[ 1186.081096] Bluetooth: hci2: sending frame failed (-49)
[ 1186.875588] Bluetooth: hci3: command 0x1003 tx timeout
[ 1186.881456] Bluetooth: hci3: sending frame failed (-49)
[ 1188.075705] Bluetooth: hci0: Entering manufacturer mode failed (-110)
[ 1188.075729] Bluetooth: hci0: command 0xfc11 tx timeout
[ 1188.095623] Bluetooth: hci1: command 0x1001 tx timeout
[ 1188.101012] Bluetooth: hci1: sending frame failed (-49)
[ 1188.155853] Bluetooth: hci2: command 0x1001 tx timeout
[ 1188.161371] Bluetooth: hci2: sending frame failed (-49)
[ 1188.955625] Bluetooth: hci3: command 0x1001 tx timeout
[ 1188.961146] Bluetooth: hci3: sending frame failed (-49)
[ 1190.155739] Bluetooth: hci1: command 0x1009 tx timeout
[ 1190.235597] Bluetooth: hci2: command 0x1009 tx timeout
[ 1191.035600] Bluetooth: hci3: command 0x1009 tx timeout
18:42:34 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/checkreqprot\x00', 0x1, 0x0)
ioctl$SG_GET_LOW_DMA(r1, 0x227a, &(0x7f0000000040))
ioctl$RTC_UIE_OFF(r1, 0x7004)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:42:34 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x200, 0x200)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00')
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x7, &(0x7f00000004c0)={<r3=>0xffffffffffffffff}, 0x117}}, 0x20)
write$RDMA_USER_CM_CMD_REJECT(r1, &(0x7f0000000540)={0x9, 0x108, 0xfa00, {r3, 0x96, "f1251f", "a066cf37f26652411652a086c59e2a60f9831d6f6e30e6e0c00cf4e346f7d2611312f57dc27b56ecbdb4a5f2573663304dff3a227140defd66bcd0171d14155f2b12abdf96712dc47e39038c940c20afc42289f2e088e429aea72128c84969bf240e8d6136857c167c93fdf8fe0edbb63ea839604b821eab9c24935ef23e638a8264af3ec71a78f133bd102dee877f058a4e6cf9d89882652d4b70c5611da6d4919fe354150fc886a726a146267729b529adb358690cc62a436284d0b50653f75cd0d1ed14be68917955a09aa89a9f4878290ccc869e87528db604c0849be927f240d3e1aa9e31bba18deb82210185833b9783b2378260bb02c4eeaac38c5219"}}, 0x110)
sendmsg$TIPC_NL_NAME_TABLE_GET(r1, &(0x7f0000000480)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000440)={&(0x7f0000000340)={0xd8, r2, 0x0, 0x70bd2d, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x1c, 0x7, [@TIPC_NLA_NET_NODEID={0xc}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffff001}]}, @TIPC_NLA_MEDIA={0x1c, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_SOCK={0x38, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xa4ef}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x1}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xffffffffffffffe0}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_LINK={0x54, 0x4, [@TIPC_NLA_LINK_PROP={0x44, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0xffffffffffffffe0}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4c}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4000000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}]}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x10}, 0x4008010)
openat$capi20(0xffffffffffffff9c, &(0x7f00000006c0)='/dev/capi20\x00', 0x2000, 0x0)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDR_INFO(r0, 0x84, 0xf, &(0x7f00000000c0)={<r4=>0x0, @in={{0x2, 0x4e20, @empty}}, 0x8, 0x23, 0xc5fb, 0x9, 0x7}, &(0x7f0000000180)=0x98)
getsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000240)=@assoc_value={r4, 0x8}, &(0x7f0000000280)=0x8)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x56)
ioctl$sock_inet_SIOCGIFPFLAGS(r1, 0x8935, &(0x7f0000000680)={'sit0\x00', 0x8})
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:42:34 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:42:34 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, 0x0, 0x0)
dup2(r0, r1)

18:42:34 executing program 2:
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, 0x32, 0xffffffffffffffff, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000001580)=ANY=[])

18:42:34 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000010000/0x18000)=nil, 0x0, 0x0, 0x0, &(0x7f00000001c0)=[@cr4={0x1, 0x204408}], 0x1)

[ 1194.183487] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1195.032081] Bluetooth: hci1: Frame reassembly failed (-84)
18:42:35 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/ignore_tunneled\x00', 0x2, 0x0)
ioctl$SIOCGETLINKNAME(r1, 0x89e0, &(0x7f0000000040)={0x4, 0x1})
accept4$inet(r1, &(0x7f0000000100)={0x2, 0x0, @multicast2}, &(0x7f0000000140)=0x10, 0x80800)
ioctl$KDADDIO(r0, 0x400455c8, 0x1f8)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:42:35 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
r1 = syz_open_dev$amidi(&(0x7f0000000080)='/dev/amidi#\x00', 0x8, 0x200000)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:42:35 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:42:35 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100), 0x4)
dup2(r0, r1)

18:42:35 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xee67, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sndseq(&(0x7f00000002c0)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_GET_CLIENT_INFO(r0, 0xc0bc5310, &(0x7f0000000140))

18:42:35 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-512\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000002c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_pr_ctr_aes192\x00'}, 0x58)
r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
setsockopt$inet_sctp6_SCTP_INITMSG(r1, 0x84, 0x2, &(0x7f00000000c0)={0x5, 0x15efac38, 0x101}, 0x8)

[ 1195.478144] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1196.315554] Bluetooth: hci0: command 0x1003 tx timeout
[ 1196.321170] Bluetooth: hci0: sending frame failed (-49)
[ 1197.035669] Bluetooth: hci1: command 0x1003 tx timeout
[ 1197.041162] Bluetooth: hci1: sending frame failed (-49)
[ 1198.395603] Bluetooth: hci0: command 0x1001 tx timeout
[ 1198.401045] Bluetooth: hci0: sending frame failed (-49)
[ 1199.115646] Bluetooth: hci1: command 0x1001 tx timeout
[ 1199.121100] Bluetooth: hci1: sending frame failed (-49)
[ 1200.475680] Bluetooth: hci0: command 0x1009 tx timeout
[ 1201.195532] Bluetooth: hci1: command 0x1009 tx timeout
18:42:45 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$KDDISABIO(r0, 0x4b37)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:42:45 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:42:45 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x4201, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
setxattr$security_evm(&(0x7f0000000180)='./file0\x00', &(0x7f0000000040)='security.evm\x00', &(0x7f00000001c0)=@v2={0x5, 0x0, 0x14, 0x6c86, 0x54, "718a2027551b7b4554c91e5d74a7f5612c5b0148deba492e81db9cf79c15f2a0f6ec50efd41236bcbfa216d72018add4ffbdcb6f01b0b64f10403a3244f3ba752983d3a588b06688dd947f645fc6fd153b15b53d"}, 0x5e, 0x3)

18:42:45 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100), 0x4)
dup2(r0, r1)

18:42:45 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)
r1 = syz_open_dev$audion(&(0x7f0000000080)='/dev/audio#\x00', 0x9, 0x400000)
ioctl$SNDRV_SEQ_IOCTL_SYSTEM_INFO(r1, 0xc0305302, &(0x7f00000000c0)={0x7ea6, 0x2, 0x3, 0xffffffff, 0x8, 0x8})
accept4$x25(r1, 0x0, &(0x7f0000000100), 0x0)

18:42:45 executing program 2:
clone(0x4000200, 0x0, 0x0, 0x0, 0x0)
mknod(&(0x7f0000000080)='./file0\x00', 0x1039, 0x0)
execve(&(0x7f00000002c0)='./file0\x00', 0x0, 0x0)
r0 = gettid()
timer_create(0x0, &(0x7f0000000040)={0x0, 0x12, 0x0, @thr={0x0, 0x0}}, &(0x7f00009b1ffc))
timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
chmod(&(0x7f00000000c0)='./file0\x00', 0x0)
tkill(r0, 0x1000000000016)

18:42:45 executing program 3:
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x32)

18:42:45 executing program 1:
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000000)='/dev/audio\x00', 0x109001, 0x0)
bind$rxrpc(r0, &(0x7f0000000040)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x4e23, 0xffffffff0, @empty, 0x4}}, 0x24)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r1, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)

[ 1205.070217] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1205.083134] Bluetooth: hci0: Frame reassembly failed (-84)
18:42:45 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080)='/dev/audio\x00', 0x109040, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r1, 0x8040ae9f, &(0x7f00000000c0))
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x2, &(0x7f0000000240)={<r2=>0xffffffffffffffff}, 0x106, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_INIT_QP_ATTR(r1, &(0x7f00000002c0)={0xb, 0x10, 0xfa00, {&(0x7f0000000100), r2, 0x2}}, 0x18)

18:42:45 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:42:45 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100), 0x4)
dup2(r0, r1)

18:42:45 executing program 3:
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'morus640\x00'}, 0x63adfeb15ff5117e)
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dsp\x00', 0x404501, 0x0)
setsockopt$inet6_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f0000000140)=@gcm_256={{0x303}, "0f4ec8b5b8df0e81", "9192692bf13ec1806e96a5cb846353462ca24c6b09c4a54a52ed8f3624652f51", "1b9a5271", "2af6057fc1ec25d4"}, 0x38)
getsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f0000000180), &(0x7f00000001c0)=0x8)

[ 1205.204324] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1206.002787] Bluetooth: hci3: Frame reassembly failed (-84)
[ 1207.115577] Bluetooth: hci0: command 0x1003 tx timeout
[ 1207.121075] Bluetooth: hci0: sending frame failed (-49)
[ 1207.275785] Bluetooth: hci1: command 0x1003 tx timeout
[ 1207.281335] Bluetooth: hci1: sending frame failed (-49)
[ 1207.915561] Bluetooth: hci2: command 0x1003 tx timeout
[ 1207.921037] Bluetooth: hci2: sending frame failed (-49)
[ 1208.085543] Bluetooth: hci3: command 0x1003 tx timeout
[ 1208.091093] Bluetooth: hci3: sending frame failed (-49)
[ 1209.195627] Bluetooth: hci0: command 0x1001 tx timeout
[ 1209.201020] Bluetooth: hci0: sending frame failed (-49)
[ 1209.355725] Bluetooth: hci1: command 0x1001 tx timeout
[ 1209.361246] Bluetooth: hci1: sending frame failed (-49)
[ 1209.995669] Bluetooth: hci2: command 0x1001 tx timeout
[ 1210.001070] Bluetooth: hci2: sending frame failed (-49)
[ 1210.165606] Bluetooth: hci3: command 0x1001 tx timeout
[ 1210.171205] Bluetooth: hci3: sending frame failed (-49)
[ 1211.275600] Bluetooth: hci0: command 0x1009 tx timeout
[ 1211.435761] Bluetooth: hci1: command 0x1009 tx timeout
[ 1212.075583] Bluetooth: hci2: command 0x1009 tx timeout
[ 1212.235615] Bluetooth: hci3: command 0x1009 tx timeout
18:42:56 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
accept(r1, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @initdev}}}, &(0x7f0000000100)=0x80)
pipe(&(0x7f0000000000))

18:42:56 executing program 2:
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x4000000000000002, &(0x7f00000001c0)=0xfc, 0x4)
bind$inet6(r0, &(0x7f0000000240)={0xa, 0x4e20}, 0x1c)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000140)="11dca5055e0bcfe47bf070")
sendto$inet6(r0, 0x0, 0x0, 0xfffffefffffffffe, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)

18:42:56 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:42:56 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
r1 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vcs\x00', 0x18000, 0x0)
getsockopt$inet_tcp_int(r1, 0x6, 0x24, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
sendmsg$rds(r0, &(0x7f0000001740)={&(0x7f0000000140)={0x2, 0x4e22, @local}, 0x10, &(0x7f00000014c0)=[{&(0x7f0000000240)=""/125, 0x7d}, {&(0x7f0000000180)=""/55, 0x37}, {&(0x7f00000002c0)=""/4096, 0x1000}, {&(0x7f00000012c0)=""/137, 0x89}, {&(0x7f0000001380)=""/238, 0xee}, {&(0x7f0000001480)=""/27, 0x1b}], 0x6, &(0x7f0000001680)=[@fadd={0x58, 0x114, 0x6, {{0xffffffff, 0x6}, &(0x7f0000001540)=0x5, &(0x7f0000001580)=0x1, 0x8000, 0x3, 0x1, 0x1, 0x8, 0x8}}, @rdma_map={0x30, 0x114, 0x3, {{&(0x7f00000015c0)=""/83, 0x53}, &(0x7f0000001640), 0x2}}], 0x88, 0x40080}, 0x20000000)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:42:56 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(0xffffffffffffffff, r1)

[ 1215.955867] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[ 1215.974255] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:42:56 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:42:56 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000080)='/dev/autofs\x00', 0x1, 0x0)
bind$rds(r1, &(0x7f00000000c0)={0x2, 0x4e20, @empty}, 0x10)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[ 1216.006211] Bluetooth: hci0: Frame reassembly failed (-84)
[ 1216.045139] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:42:57 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
r1 = dup(r0)
ftruncate(r0, 0x2)
ioctl$SNDRV_CTL_IOCTL_ELEM_LOCK(r1, 0x40405514, &(0x7f0000000000)={0x2, 0x5, 0xfff, 0x1, '\x00', 0x81})
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-monitor\x00', 0x2, 0x0)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)

18:42:57 executing program 2:
r0 = memfd_create(&(0x7f00000000c0)='queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb2\x1e\x00', 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000500)='/dev/snd/seq\x00', 0x0, 0x0)
r2 = dup2(r1, r0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, &(0x7f0000000140)={0x0, 0x0, 0x0, 'queue1\x00\x00\x02\x00\x1a\x00\x00\x00\x00\x1d\x00\x00\x00\x00\x11\x01\x00\x00\x00\x00\x00\x00\x14\xff\a\x00\b\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa7\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00'})
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000640)={0x166})

18:42:57 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:42:57 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(0xffffffffffffffff, r1)

18:42:57 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000080), 0x129)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[ 1216.589551] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1216.635606] protocol 88fb is buggy, dev hsr_slave_0
[ 1216.640780] protocol 88fb is buggy, dev hsr_slave_1
[ 1218.075567] Bluetooth: hci0: command 0x1003 tx timeout
[ 1218.081075] Bluetooth: hci0: sending frame failed (-49)
[ 1218.715724] Bluetooth: hci1: command 0x1003 tx timeout
[ 1218.721332] Bluetooth: hci1: sending frame failed (-49)
[ 1218.795588] Bluetooth: hci2: command 0x1003 tx timeout
[ 1218.801008] Bluetooth: hci2: sending frame failed (-49)
[ 1220.155600] Bluetooth: hci0: command 0x1001 tx timeout
[ 1220.161013] Bluetooth: hci0: sending frame failed (-49)
[ 1220.795636] Bluetooth: hci1: command 0x1001 tx timeout
[ 1220.801071] Bluetooth: hci1: sending frame failed (-49)
[ 1220.875695] Bluetooth: hci2: command 0x1001 tx timeout
[ 1220.881113] Bluetooth: hci2: sending frame failed (-49)
[ 1222.235573] Bluetooth: hci0: command 0x1009 tx timeout
[ 1222.875751] Bluetooth: hci1: command 0x1009 tx timeout
[ 1222.955694] Bluetooth: hci2: command 0x1009 tx timeout
18:43:07 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = openat$selinux_avc_hash_stats(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/hash_stats\x00', 0x0, 0x0)
ioctl$sock_bt_hidp_HIDPGETCONNINFO(r1, 0x800448d3, &(0x7f00000000c0)={{0xda6, 0x6, 0x9d, 0x8001, 0x8001, 0x8000}, 0x400080000, 0x81, 0x7f, 0xfffffffeffffffff, 0x4, "7cde2fd3b361bfee76d9cdf9cf98e41fb15fa1944c0f8e71958a6068a93dd04b97761e3ccaacb0ead7c97fd40daf59222f03047ce22e16922b1f0b50f2f9aa20d071af61beb2dbdc2dd2f9bd3608a55e15587e8b83dec0d757eb548b8c78c7efa86bbf34ec50c7c3909e431479a446255bebc37f4d21e9757c831c924114bf1c"})
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
getsockopt$bt_BT_CHANNEL_POLICY(r1, 0x112, 0xa, &(0x7f0000000180)=0xfffffffffffffff9, &(0x7f0000000240)=0x4)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_hmac_sha512\x00'}, 0x58)

18:43:07 executing program 2:
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'nr0\x01\x00', 0x4009})
ioctl$TUNGETIFF(r0, 0x8924, &(0x7f0000000000))

18:43:07 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:43:07 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x9)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
times(&(0x7f0000000000))

18:43:07 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(0xffffffffffffffff, r1)

18:43:07 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
prctl$PR_SET_TIMERSLACK(0x1d, 0x3)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x400, 0x0)
ioctl$VIDIOC_SUBDEV_S_EDID(r1, 0xc0285629, &(0x7f0000000100)={0x0, 0x0, 0xfffffffffffffe01, [], &(0x7f0000000080)=0x8})
ioctl$VIDIOC_SUBDEV_G_SELECTION(r0, 0xc040563d, &(0x7f0000000000)={0x0, 0x0, 0x103, 0x7, {0x8, 0x7f, 0x3, 0x506}})

[ 1226.827471] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:43:07 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, 0xffffffffffffffff)

18:43:07 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)
fsetxattr$security_evm(r0, &(0x7f0000000080)='security.evm\x00', &(0x7f0000000240)=ANY=[@ANYRESDEC=r0, @ANYRES64=r0, @ANYBLOB="934e4d5f4ba9180a53d1664297dfd4afdb8f04b4c587a37fb2668511aa4af3ddcc28658662d2e1bd7393401d20f26ea4abd7885dc61d1ab1b76ef48abc5043eb17d371ef857398cb24d2d1a1643afbc58c5f30af8508e5be68bfed9372fd7b0baa717ce0a616e69babbb9747c1c093b264189df73b002872ba63769a7210a1f85d656058de3a76e3538b8104842fe8b2", @ANYRES16, @ANYRES16=r0], 0x5, 0xda6ed8f61c875830)
accept$alg(r0, 0x0, 0x0)

18:43:07 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1226.939800] Bluetooth: hci0: Frame reassembly failed (-84)
18:43:07 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, 0xffffffffffffffff)

18:43:07 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000740)={0x0, <r1=>0x0}, &(0x7f0000000780)=0xc)
syz_mount_image$hfs(&(0x7f0000000080)='hfs\x00', &(0x7f00000000c0)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f00000007c0)={[{@uid={'uid', 0x3d, r1}}]})

[ 1227.001634] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:43:07 executing program 0:
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(0xffffffffffffffff, 0x400455c8, 0x0)
syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x9, 0x100)
r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x1f, 0x400000)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:43:07 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:43:07 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'sha384-avx2\x00'}, 0x27)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(0xffffffffffffffff, 0x40505331, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x615, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x5, 0x3, &(0x7f0000001fd8)=@framed={{0xffffff85, 0x0, 0x0, 0x0, 0x7, 0x25}}, &(0x7f0000000000)='PL \x00L\xf7\xd1*\xf1\x1c\xe9%7\xb5\xe3\x19\x1ef\xde]N\xc1\x8eL-\xf0\x14\x84\xa8mw\x84/bIF\xea\xe3\x10yL\x8c\x96\xff\x14f#.%\x95\x119\xbd\xa5\xd2\x99\x0eR?\x8e\xc3\b\x0f\xfc\x12$\xd8\xdcL\x84\xa9\xc8\xe8\xab1Wh\x06qU#\xfat\x9e\x86\x15\xc6\x10I\xb8\xb1\xbej\xa7t\a\x02\xccZ\xdd', 0x5, 0x252, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffed0}, 0x48)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, &(0x7f0000000700)=r2, 0x4)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r2)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:43:07 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = dup3(r0, r0, 0x0)
ioctl$CAPI_GET_SERIAL(r1, 0xc0044308, &(0x7f0000000100)=0x800)
openat$apparmor_task_current(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/attr/current\x00', 0x2, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x521000, 0x0)
ioctl$TIOCCBRK(r2, 0x5428)
ioctl$SG_GET_ACCESS_COUNT(r2, 0x2289, &(0x7f0000000080))
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000025c0)={0xd0, 0x0, &(0x7f00000023c0)=[@increfs_done={0x40106308, 0x2}, @register_looper, @enter_looper, @reply_sg={0x40486312, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x60, 0x18, &(0x7f0000000280)={@flat=@weak_binder={0x77622a85, 0x1000, 0x1}, @ptr={0x70742a85, 0x0, &(0x7f0000000140)=""/139, 0x8b, 0x1, 0x25}, @fda={0x66646185, 0x2, 0x1, 0x15}}, &(0x7f0000000200)={0x0, 0x18, 0x40}}, 0x400}, @enter_looper, @increfs={0x40046304, 0x2}, @reply_sg={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x70, 0x18, &(0x7f0000002300)={@ptr={0x70742a85, 0x0, &(0x7f0000000300)=""/4096, 0x1000, 0x0, 0x1f}, @fda={0x66646185, 0x6, 0x2, 0x21}, @ptr={0x70742a85, 0x1, &(0x7f0000001300)=""/4096, 0x1000, 0x2, 0x31}}, &(0x7f0000002380)={0x0, 0x28, 0x48}}}, @register_looper, @dead_binder_done], 0xdf, 0x0, &(0x7f00000024c0)="8246b8ac09469c824f45ecf3d27abd4d9c64f7c94f7fff40548a2fb7c05fb4383cafdada73cb0f14a3eaabbf1f4a0857bc18c595b63ceab735edf3af3befac49d8d23cd67adf6a9ff32be35e0cc9132a4c6f5b92f35b801996839e8809612b23c5c1fc1c9208364656c7985cad787bd38bb17ac790f9068a1c2f98771fa29c854b4eea48d67862e7b566189a7f2078056d0adc5dcae3d1c4512ab0bd10965e33e8519784ecc29c4bd0efb4b8bae63db4d7dfea517dbfddaffbd40fd26d31540045f32fe2d94f8e15899d8ca9d8a75d58223b3def4f7c6a4a945025c39bbb0b"})

[ 1227.130327] hfs: uid requires an argument
[ 1227.134748] hfs: unable to parse mount options
[ 1227.136019] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:43:07 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:43:07 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x0, 0x3}, 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000100)={0x0, 0x3}, 0x4)
dup2(r0, 0xffffffffffffffff)

[ 1227.274266] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1227.430569] audit: type=1400 audit(1564512187.868:66): avc:  denied  { prog_run } for  pid=13835 comm="syz-executor.3" scontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tcontext=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 tclass=bpf permissive=1
[ 1227.722545] Bluetooth: hci2: Frame reassembly failed (-84)
[ 1228.955565] Bluetooth: hci0: command 0x1003 tx timeout
[ 1228.961322] Bluetooth: hci0: sending frame failed (-49)
[ 1229.275653] Bluetooth: hci1: command 0x1003 tx timeout
[ 1229.281127] Bluetooth: hci1: sending frame failed (-49)
[ 1229.755578] Bluetooth: hci2: command 0x1003 tx timeout
[ 1229.761135] Bluetooth: hci2: sending frame failed (-49)
[ 1230.075668] Bluetooth: hci3: command 0x1003 tx timeout
[ 1230.081209] Bluetooth: hci3: sending frame failed (-49)
[ 1231.035690] Bluetooth: hci0: command 0x1001 tx timeout
[ 1231.041209] Bluetooth: hci0: sending frame failed (-49)
[ 1231.355650] Bluetooth: hci1: command 0x1001 tx timeout
[ 1231.361337] Bluetooth: hci1: sending frame failed (-49)
[ 1231.835652] Bluetooth: hci2: command 0x1001 tx timeout
[ 1231.841138] Bluetooth: hci2: sending frame failed (-49)
[ 1232.155628] Bluetooth: hci3: command 0x1001 tx timeout
[ 1232.161178] Bluetooth: hci3: sending frame failed (-49)
[ 1233.115564] Bluetooth: hci0: command 0x1009 tx timeout
[ 1233.435611] Bluetooth: hci1: command 0x1009 tx timeout
[ 1233.915594] Bluetooth: hci2: command 0x1009 tx timeout
[ 1234.235617] Bluetooth: hci3: command 0x1009 tx timeout
18:43:18 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
pwrite64(r0, &(0x7f0000000000)="a071a599a65661f0f43ade6a50e8f33a1bcf28389b6db60724f1e1a82d070f3e97e35649ac57cd95059d3c068f4f7672eec72f97cc6cb1fbf3e6cfed0dbf0ee30a94fa7195054b8071ce1f0ddd6134c72eb90f829200662b40", 0x59, 0x0)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000080)='/dev/ubi_ctrl\x00', 0x101080, 0x0)
write$FUSE_WRITE(r1, &(0x7f0000000100)={0x18, 0x0, 0x5, {0x9}}, 0x18)

18:43:18 executing program 2:
r0 = open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0)
fcntl$setsig(r0, 0xa, 0x11)
fcntl$setlease(r0, 0x400, 0x1)
open$dir(&(0x7f0000000340)='./file0\x00', 0x0, 0x0)
utimes(&(0x7f0000000000)='./file0\x00', 0x0)

18:43:18 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:43:18 executing program 5:
r0 = msgget$private(0x0, 0x193)
msgsnd(r0, &(0x7f0000000080)={0x200000002}, 0x0, 0x800)

18:43:18 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = syz_open_dev$vcsn(&(0x7f0000000080)='/dev/vcs#\x00', 0x100000000, 0x92001)
ioctl$NBD_DO_IT(r1, 0xab03)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)
socket$alg(0x26, 0x5, 0x0)
openat$ipvs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/net/ipv4/vs/expire_quiescent_template\x00', 0x2, 0x0)

18:43:18 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
r1 = syz_open_dev$dspn(&(0x7f0000000140)='/dev/dsp#\x00', 0x20, 0x400000)
ioctl$VIDIOC_S_JPEGCOMP(r1, 0x408c563e, &(0x7f00000002c0)={0xde47, 0xa, 0x37, "ca4151fe63b4816ec64adbdfdc4cbfff2286b629b86f5b814ab5bc215e689ebd5ba8bd7360fb6228fa54b44476bca40be7ff8677eacc5f28d9e3c49a", 0x31, "323f3de1e9b5bc554098f2eedef477a295f914d1dbd160ad027d6c34226eaeb4f0c735544f56dcc3d1c9d2abbcb312e3198eb86a0502c96c528b3de1", 0x40})
r2 = msgget(0x0, 0x1)
msgctl$IPC_RMID(r2, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TIOCGPGRP(r0, 0x540f, &(0x7f0000000000))
r3 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000040)='/proc/self/net/pfkey\x00', 0x490100, 0x0)
accept4$inet(r3, &(0x7f0000000080)={0x2, 0x0, @remote}, &(0x7f0000000100)=0x10, 0x80000)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
accept4$inet(r3, &(0x7f0000000180)={0x2, 0x0, @multicast1}, &(0x7f00000001c0)=0x10, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
ioctl$KDGETKEYCODE(r3, 0x4b4c, &(0x7f0000000280)={0x200000000, 0xfe})

18:43:18 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
keyctl$dh_compute(0x17, &(0x7f00000002c0), 0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000340)={'digest_null-generic\x00'}})
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3, &(0x7f0000000080)=0x1, 0x4)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:43:18 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e23, @multicast2}, 0x10)
sendto$inet(r0, 0x0, 0xfffffffffffffffa, 0x20000802, &(0x7f00000000c0)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10)
r1 = dup2(r0, r0)
sendmsg$TIPC_CMD_GET_LINKS(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000200)={0x24, 0x0, 0x0, 0x0, 0x0, {{}, 0x0, 0x4, 0x0, {0x8}}}, 0x24}}, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, 0x0, 0x0)
sendmsg$TIPC_NL_PUBL_GET(r1, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB], 0x1}}, 0x1)
close(r1)

[ 1238.354621] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:43:18 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:43:18 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = add_key$keyring(&(0x7f0000000080)='keyring\x00', &(0x7f00000000c0)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffd)
r2 = request_key(&(0x7f0000000100)='dns_resolver\x00', &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)='rng\x00', 0xfffffffffffffffc)
keyctl$negate(0xd, r1, 0x55, r2)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:43:18 executing program 5:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0xc107})
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$IP_VS_SO_GET_TIMEOUT(0xffffffffffffffff, 0x0, 0x486, 0x0, 0x0)
ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000240)={'eql\x00`\x00\xa9[,\x00^\x01\x05\x03\xf0\x00', @ifru_mtu=0x1})

[ 1238.411085] Bluetooth: hci1: Frame reassembly failed (-84)
18:43:18 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1238.478207] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1238.541210] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1239.183942] Bluetooth: hci3: Frame reassembly failed (-84)
[ 1240.395637] Bluetooth: hci0: command 0x1003 tx timeout
[ 1240.401139] Bluetooth: hci0: sending frame failed (-49)
[ 1240.475648] Bluetooth: hci1: command 0x1003 tx timeout
[ 1240.481097] Bluetooth: hci1: sending frame failed (-49)
[ 1241.195558] Bluetooth: hci3: command 0x1003 tx timeout
[ 1241.200909] Bluetooth: hci2: command 0x1003 tx timeout
[ 1241.200954] Bluetooth: hci3: sending frame failed (-49)
[ 1241.206598] Bluetooth: hci2: sending frame failed (-49)
[ 1242.475605] Bluetooth: hci0: command 0x1001 tx timeout
[ 1242.481010] Bluetooth: hci0: sending frame failed (-49)
[ 1242.555644] Bluetooth: hci1: command 0x1001 tx timeout
[ 1242.561032] Bluetooth: hci1: sending frame failed (-49)
[ 1243.275626] Bluetooth: hci3: command 0x1001 tx timeout
[ 1243.275665] Bluetooth: hci2: command 0x1001 tx timeout
[ 1243.286255] Bluetooth: hci3: sending frame failed (-49)
[ 1243.291674] Bluetooth: hci2: sending frame failed (-49)
[ 1244.555609] Bluetooth: hci0: command 0x1009 tx timeout
[ 1244.635676] Bluetooth: hci1: command 0x1009 tx timeout
[ 1245.355690] Bluetooth: hci2: command 0x1009 tx timeout
[ 1245.361025] Bluetooth: hci3: command 0x1009 tx timeout
18:43:29 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x20000, 0x0)
getsockopt$IP_VS_SO_GET_INFO(r1, 0x0, 0x481, &(0x7f0000000040), &(0x7f0000000080)=0xc)
ioctl$VHOST_RESET_OWNER(r1, 0xaf02, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:43:29 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4$vsock_stream(0xffffffffffffffff, &(0x7f0000000240)={0x28, 0x0, 0x0, @hyper}, 0x10, 0x800)
r2 = syz_open_dev$sndctrl(&(0x7f0000000280)='/dev/snd/controlC#\x00', 0x20, 0x2)
r3 = gettid()
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f00000016c0)={{{@in=@broadcast, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@local}, 0x0, @in6=@initdev}}, &(0x7f00000017c0)=0xe8)
lstat(&(0x7f0000001800)='./file0\x00', &(0x7f0000001840)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000001900)={<r6=>0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x1, &(0x7f00000018c0)='\x00'}, 0x30)
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000001940)={{{@in=@broadcast, @in=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}}, {{@in=@local}, 0x0, @in6=@ipv4={[], [], @dev}}}, &(0x7f0000001a40)=0xe8)
r8 = getegid()
r9 = getpgid(0xffffffffffffffff)
lstat(&(0x7f0000001a80)='./file0\x00', &(0x7f0000001ac0)={0x0, 0x0, 0x0, 0x0, <r10=>0x0})
getgroups(0x1, &(0x7f0000001b40)=[<r11=>0xffffffffffffffff])
r12 = getpid()
getsockopt$inet6_IPV6_IPSEC_POLICY(0xffffffffffffffff, 0x29, 0x22, &(0x7f0000001b80)={{{@in=@empty, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r13=>0x0}}, {{@in=@dev}, 0x0, @in6=@empty}}, &(0x7f0000001c80)=0xe8)
stat(&(0x7f0000001cc0)='./file0\x00', &(0x7f0000001d00)={0x0, 0x0, 0x0, 0x0, 0x0, <r14=>0x0})
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f00000027c0)=<r15=>0x0)
fstat(r0, &(0x7f0000002800)={0x0, 0x0, 0x0, 0x0, <r16=>0x0})
stat(&(0x7f0000002880)='./file0\x00', &(0x7f00000028c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r17=>0x0})
r18 = getpid()
stat(&(0x7f0000002940)='./file0\x00', &(0x7f0000002980)={0x0, 0x0, 0x0, 0x0, <r19=>0x0})
lstat(&(0x7f0000002a00)='./file0\x00', &(0x7f0000002a40)={0x0, 0x0, 0x0, 0x0, 0x0, <r20=>0x0})
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000002ac0)=<r21=>0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000002b00)={{{@in=@initdev, @in6=@loopback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r22=>0x0}}, {{@in6=@empty}, 0x0, @in6=@loopback}}, &(0x7f0000002c00)=0xe8)
stat(&(0x7f0000002c40)='./file0\x00', &(0x7f0000002c80)={0x0, 0x0, 0x0, 0x0, 0x0, <r23=>0x0})
r24 = getpid()
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000004200)={{{@in=@initdev, @in=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r25=>0x0}}, {{@in6=@mcast2}, 0x0, @in6=@remote}}, &(0x7f0000004300)=0xe8)
r26 = getegid()
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000004700)=<r27=>0x0)
getresuid(&(0x7f0000004740), &(0x7f0000004780), &(0x7f00000047c0)=<r28=>0x0)
getgroups(0x8, &(0x7f0000004800)=[0x0, 0xee00, <r29=>0xee01, 0xffffffffffffffff, 0xee01, 0xffffffffffffffff, 0xee01, 0x0])
r30 = getpid()
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000004840)={{{@in=@remote, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r31=>0x0}}, {{@in=@dev}, 0x0, @in6=@remote}}, &(0x7f0000004940)=0xe8)
r32 = getegid()
sendmmsg$unix(r0, &(0x7f0000004b40)=[{&(0x7f0000000080)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000180)=[{&(0x7f0000000100)="ea76d52807d2b4a8b3fa85356144ce9fb3771f5f0959f1c3ca6a121303bd5274b3e2d969bbc0f8b5fe334ff708d74ee46d788814c258783fb885c36996e68f34d82718b63b9c586d72da000af9a22f20f4c9ff7867f90a5abcc91939894a04e5543ace0cb13211a5603503b2d409bc96e8b613877968477405", 0x79}], 0x1, &(0x7f00000002c0)=[@rights={{0x30, 0x1, 0x1, [r0, r0, r0, r1, r0, r0, r2, r0]}}], 0x30, 0x1}, {&(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000001580)=[{&(0x7f0000000380)="f27dfc2b5ab56218c15c828842047514edd4d3db3bbf0b662bc24e575ce9302f34c97e6ab2a5e322036b3f84d447516e62b97e8639410703573c9974dd711b6f2f00176a1f82a34f748bc73d68aeb7643c57a6ed4de518dbbd57939b9b12d1c8a56929e138cd2c65d191d017774e7b7f1aadfd2ad62e42f9277ba48e8d919a19382e14836807fe69765e467d81450cb1b600ce1308626fdaef0db461f7339f2f326eb36f123f275bf5f27133ca70a5cccd6b1196efab5cc48fb0b25f3db4162a8f1db6ffa711ac0212fd9313874c69c43f3f4984dd9e8ed374f56cf6e26ccbbe04c0e8a1dd40f79c63a7aada6e68013d659740009b7c6d7dfa027c146ff03e088d2a6629bd7443fa8c0efc6f187a74b5db53d2ea073b21ad65ab36f542cee19e8f8630d64e047096ce0cf2b12ee2026b1ce7e914d6b6b80d19bf24a86932d58a2b755ce5515c5b9265f87f40199093029c51a682d1bafc7a893596df9c882e49a014814be19f35c36931213a5820507ae443f797b1c852138b68aa1511ec9d506d0d98f2d28ddd66894887af6765e1c681c7bf9373f2f4e6b101606f233b376f7ad7264ea5814de5b0171586169fe69ab468cff73db1f39e7a55fbcb258d3a0fdfe06ecee9645f3f9df96b7258f2b24a7986268d4d8c7f248b26bfeb8cc705ee87a9d62f141176b5eb2a31084f50dea6be0eba8bd0fe35c09bdb0ea4e5c825ca569e218b0481d1a74c07b4af251551740b3fff70e6545df90d148765b78d80b29d2245f6bb2df2bc7141fca650e359c6cfe24bca7dd8f761ec31fe76f515b40ac5042b75378d29ec05803564c322f16d37e6453bb2ad1fa9c64c3f88e766a28680997c003834d2bdd60bbdd8e3119c1b1d74f0bd0bed066186b7897e23894f844362aeaa3d94ea557fcbed7e5c625aff09ec93d233d99135a222bc642082d511c69832df1516426871783ec81ddb9f74c720c47334bd5d0a3d44b2b099e8688c03dd4908c46a17c4304b6c7219a00c55bcdd0b45fd2c5d86bb4287f904f30cea788e0a8e944cf5f682d1a341309878bbef55bcde9283ec65c39f8c293bef7f1014717ecdcaf7592ab20d0fd9158a95f2356735103661456058fe66f1633b3fe092c13ea68292576ff7a1280fb12051bff2e6a72295490067b2de38df131ca15d86b783280a74755a09960c6ddff65219a20605c7f2a40a24ef8294a555022a7e979e1003aff5a7acb8c2bc58035b1c7ed95384843c59e137690d0100a7c5b02ca24d4a3ec17b83d46d7869b86026f56b6b2d778461f5a20414a47456b131ed867566d2e52e8e6bf62d2263d5f4b38471626c1b04991291cc9e0857db504b244089486ca5136981c63c5f7e0bd1e9634ccffa74fad0167da32cda607d5fb6f17a6255cfddd3da92e6ce42f1ee5fe5b98eb238217d818932a7f7e240c77c6808f39215a46260df699d7dd826a3c821893379e469bb7fbe95d47faed93467509975d2a3361f7496a1e359c470bfe41685b867b84e8c3201b7e295b68cb5d6b60fd968c815bb340bffec92e3e6872ff1c3606c4042532640351036183bf13604c1a8b7c3910a48c34b572ba331babaa67636be960ff6580cefb4c1402873e5830eb9a01e4a3fb22f15537865b452e3008b7f0eed18c816b8dd6f066cef5ecd1531ba7097a2af118ae2a8854a093878a39e256dbba184924e3831426dab4a3c973a050adf6d53386bd068d75be13beced6741b4790577931acb077ec6dda294216ea7af7ea5b18fbb6cfc6e1959bde0bab5fb66f62803b6640f35098ba6117035f78027e4173794c3f1a41f36ab5ea21cddcf145789d820bdeaa7e13089bf8b31ad8d10c2ec2e269682c520ec20f2d474a55653dee8334bd21c5c25e0bd75b3f000fe477247e3d928f839b439f8bd4d4f72ff2f25a7a83f2171c28c1e0d2277ae02d7d1ea0e0d4b806be71e45f1507bccf6f610edd4c86b8e23a455929595f5f98709f7fd3d9189af7ce756e950d994374300a04741df89b296c831b045c76e855d12379216223d8b12e60612d9ce551f2ed3c1765e95531cafd22a19ef5e3aa22236c47dbe517a39faf1f4fec5aea6591513588e64a9ad19a33976d95b88009d19098fffb7c6f316ee3880e77e3ec9898cdad4270206a732c080a0e36f0aeecd402b6139db5692215a3d576d609bc5f5a65aed42e8b049268f8fad7711fca9c75d661781fd9d42a2842607603c5ba9ee7e7d8885bcbd45a339aea0816980a8c6ee08ab22bbbb0dddb9eb9e17ce1d5b6d7eb33768efc86c0bcff01cf500752656430515d3880888a9beef9bb2c2d64300e17bbc3ba68dcbe155ea95f87a59a11541c99a460c495f0c717c68c65279ab7bb2eec1468a70934091129de29e2690a310acc9b60375eb899f28ab183874b932e5c9537ae63d63729c48fe410310d216c8e6975280a7589f73da755bd3a905b1d8e0ccd374165d6aeebb311c72ab32b513b632a2ce16d8c36d1b9f2a2c3f888c1c28f7a7c8cd7ed185f5a56f464b53fa44fd7277d614918ada45caa91be8ad8df3ade602bd6ea5ca539daa02b89d3300fab1395a96211c1a8e67eb8eb3fee9100911df1df990b70da902ece503d17c18952efb2d374c79b1a0a8c8f93e493a5ec155fed326721f1c13c37745283e5252eda6984ea0848c5eb0ef26c753a3910325575c9faca8c67251a01f25714d07f18ef23ea969cc234ea675d6b6ea4fcd466b94a78279571c7c68975d263b056aac7af960092a63998b7a454b96a0ec7602a33fd1715e43975d4c2b47b93aaf23bb09b7b4618831bece5abb8ef0927edcc90dd9d36b1beb357b43c96d0bf0c9a38cbbd0de0a64fdc5da5144a581f606e275b6b3fe748157c96e8b9ecce4f29bc4e69e53ba0dca055891b88b077e3d9b6b82ce0574d10c2a31405c045fb908568bcfc3b72aa45338a79fbb489b70b15ef6491452409e03433abf5305414717b39b031a991197e3eca7a6462ae96a24cd5b08f36a55fe33df7e3a31418b38042c167b89228eda2ab8947a5a6b30d7e1ee34f9acdbe881ffe9aa1cee5e6737c3fc6aee6a3dd85a3dee4a4a9958015b801b3c866f1677fb67ae705dfd47f640379315bc4f17b7633e8735d66707ae2c449772e95fb16250d2966f697b963b4b0bc743b907b9135a7ae7ec554ce8de098f7eb00537c6f35aee541213b9f0b3084933941e92a71fdfb47af8a7f8ac8fbf859b45557b7c17687af73e57ecef2744a886aaf2227f6901ea6de1699737b70559abcdaab0f2cda14b2d78f5d9b6cd0b8e10b234686558f47864c9a51ad26032630e0864b0908a9fbbb1a2965bed640e1be3140aff46f50eb5db06a8dbf32f6d87a040b82b1141d96462be2c9ceb992fb678c79f0665e12c12c469587ffceba720b2b909286f254c48d083e717056ee87514ef2eaae6357fa21b033984daed1a36ad0d7400495ad1ebf5fbf44c853e042cfc33d2b46a44af47e0601006c541348971f1d6124eebded55ea34899de4dd76b96e9608ff70002d45ef51f58a25e8eee9ccb68116458bf02405a3df56b0d5057966f3ef7756f5c2712a2b9888fa69d57177a00b23a2a9937d1f6613e56d3cbc4f048c04fdc8641cc1383b89d3785c8311f894d32f4f1c84581ca2d94dff0f1b47d67d762655355d209fcd2b067a75f8a6bd9bf0d3cd174e0aee00d6e87dd50fc069bc3348f9aee9c818cf4da006f5a14fd59cabdfeba77667f4a9247a7d721094c87df0ce51f0bdfbdf376b8a46ad6cb22fa96a57a36ed564405c55ddeb5f3feab827dc053147985f0703e30b3751f476b5e0381eb8538c2dddb573ec52104ced2b0280d12e13ebe929b411e36f062d18705273c0a69778ec61a915192fe4561a0ec7bf9a129169669d9feb3cab62ec69f90963b7878ffec7f7be37ec0da218b598b35a5eabf95ad4d8af396f7c78e6b941cde556f70d60b97709f017fd0dd306cd3c9176a9e69206ca75e68ec82176237d9a771b12c58d83b7cff4ed883908f74d89006454e6bb031d6161573e87f7065829e9d55bf42a9e51cb5c26370f1931e896c672d1c86efd855d9bafe4763ec415b16404bf715e6dbd978e3024518e1bef07b492700a4e447e8e2c9fead31cdd6f637d1da866a3957b2cd2d85aff9e67e5663fcfe6faf5220e91f98bd111902060f320d4bf2d02b2787cb2c94c191035c755e4a76f93a14c985b64a6e33a8a50e8adb394eeb45a07cbf382db865a7da99270c8c1e367c3cf81f9a8e3c391ef71aaa15eb1fed72e61951f00321b32b43b5cd3b7d70f71a1bf0b9ffbe6bda10cf98cd8c7f00bcab8ba842d679d4fbf48a9f66d149991fb7b76ba7766542b3594f2243e618034873c7c4b5403db5c4edae4c98699e72b401b6cd5bd5a1ac67712d5bdceaf55f0451ab0a6fcc8222c34016dfa47a140db2e6544c9fa5446901c7080d1e3ca691c65357e639942f8dca0b533402abf3c68dc4296a9376af69ca76376a0c226f3bef4526ae757dc1b9f062af35ad599c252f597435296335d4e53964c03d649fce724f5d322e58a7760e0e1f9dc944c2a8398f51b71c62cc9cefd68e5c26335c05ee60b95f5bcc5e22903cf42cee96c1595acb0394f377dc978f31c9d530cd87c30c8dc041be7c79433037ca79986b6900997262565881a47941fb97a1b94e2602a9baf7f647f7c5df6fa9e27fc1db9e603e7b3d26ea610c6936cd7c90c6a3dbb311ad7ed2fdf908638714f93c9d3d874119dfdda0c2680bf4e48a8c3ee2d3e21772a08132b1d9967bcef2cbb99082d5b5f5b19e35fe05c34ab02ed432bef9e984e4bd7ec5eca02414473234dcd736a644fbe6c0fe45a280b1a42d432ddc745c1f1e65ffa669e24f32fa5aea10fb1368bda6a076fcc58af0aa3960c731d34aae5c67d93f91ebecc7a5c57858ed2ca591bb546228b20ce856eed9fa507bb40990babe206a2a2f006411b4d1947fd8705a5caad2a8a24225cb0b545d13eb64c07048c49422b66120fd8b9075af20392ccbf6725eadaa6156398a5d323edaaca6b65cd0c49aea228416650a44570dff03c5203cbe847dac9266f98814b86d5bfa2a8aa6dff8fd5e171972101167a49c53c1112f4da59d6c8b3542827f2fa452895c74b300f82f91c68abe20273f5a7a5f44d9328d903a316f44718c9d8b994510839160805ae10c77d9bf3e3bce3b040893083c9b28263b51e2d86e965478c2f039efb8c3aa753f8258459f5279db977be61121d5335a7c0a8fb6a427b5c7faf0726c0e52aae5c947adb3eb4f406babe8586143bc26de363055c86dcd867729d237570fac4862463b7521fa2c2f5226a7d01d7ee88afea1df692f87eb3ba1a248ab4aa1d0811d1f03dfbb6d0392c04401e5a0a238ca4c1a96f4e3c5f436ed84d8fa3e45d091db0209cc47987ccf081e6e4ef0ec217cb74cee20063b99a17d405c08b380f61ee04a0ab5f6367d41a6041c548555aa73eb743baea9a3dae797712316ce9ef08f6319e5cf667a4cf9c80fbb89f5e7165651b1353fcbb9b8c8f9a9a061ee942a83d831f74fb31a6f1d4c74e470c10d9da7454319e1108cbbcb94dfdfbba4b6ba6e261f44b56aed68d3f2b5493153ce96636dde4b773ccf2b915caf799258b1a207e53312865ea96fe0464ad0a5681ead87a8eb8d915ee2c082ff65956c3c1ec181127e5b459cfaa2a95dadd017323ecfab8d04c7ed1a4e3e5a0bc683c7ef827d8ef4e0f112648a71fb36b40a0652ea18cd47a710ae181b3435660bf35d4d7ae1c9b538e13cba5c1de2629216944f", 0x1000}, {&(0x7f0000001380)="9dc359f8a642e8f78411ae280d10564cacb7b1ffd5d7d0187aed9bb8b3862998600515160a544968a566756518197860d50b72c63f1f53fa20c43c1a892c4c9af1ba53702c98b826a66ec51759ba820178d6c89b491011c5c8fc6ec19eac18a7306b97f0d8c8d2dc78479f6e17a1059a065c5d8bf222f35f67e7a1f1ebf25c57dbb1", 0x82}, {&(0x7f0000001440)="ea1d0c257b12bee553c7c6f533680997630f860bbcf453c4e542dc3955778313fc34092656cd6205e8788f9420c44cd099b0fb8607f89ea9", 0x38}, {&(0x7f0000001480)="bd646134b3334e1a6c4de7c0d0f5e844eb105c0d8c6cc819f186ac94e8c5b6d70bff70a8b68b4039f627277715a495fe978e55c399675ba0e14e6355a10aa0bf00e58da9a988e2950c34c96ea3fbe9d0c9d8397af3d3723b1d2be2cba6f59b55ee8b21e087c01371bac298e65a830846b863e4d0830de609ada64b150750e4c47a6b00568c3455407ff9be7b6059bd289cfa879a09a868c04514bcb6037b36394d67f7ced6e2b18e062405224294cbf8f13b218e26550a78e1959b24c4c114f10f410b062fcc098bd08bfe6f90db81c071c080bb0085e3e51ce00408a5fcaa18772a7234c34f2c", 0xe7}], 0x4, 0x0, 0x0, 0x1}, {&(0x7f00000015c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001680)=[{&(0x7f0000001640)="817e0ac78f6fa390bed3ad01d5d98b6545db66c39c5563466d", 0x19}], 0x1, &(0x7f0000001d80)=[@rights={{0x18, 0x1, 0x1, [r0, r0]}}, @cred={{0x1c, 0x1, 0x2, {r3, r4, r5}}}, @cred={{0x1c, 0x1, 0x2, {r6, r7, r8}}}, @rights={{0x14, 0x1, 0x1, [r0]}}, @rights={{0x30, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r0, r0]}}, @rights={{0x30, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r0, r0]}}, @rights={{0x14, 0x1, 0x1, [r0]}}, @rights={{0x24, 0x1, 0x1, [r0, r0, r0, r0, r0]}}, @cred={{0x1c, 0x1, 0x2, {r9, r10, r11}}}, @cred={{0x1c, 0x1, 0x2, {r12, r13, r14}}}], 0x150, 0x4008805}, {&(0x7f0000001f00)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000002240)=[{&(0x7f0000001f80)="059d6dbc8f00969a86a6207cf4705f92c81d79de30743e961b3039f3f7cdeacd2d7c57ae8eb1bb211e5c8752b640282cbce373658e572d4e888c401ffdec3e09e1bdbeddeb876706f083a199ca863092dd5028d3780e52c05eae71f04c57557062fe156477bb4b49179f91de5df2669d8e2a9e1df094b79287319e52c0924b1e05ae35db9704fc8f8fa6875411aa32b2724d3cde8f6672e8de438cab644758239c78f6a6a331a81b7f8b055142943f23ec9d04310a059ea6332571e6004f2cbd18b5bfe3bf63b0b66e13dfed8cba18b5ee1588373cb2b2e58ee2d6d438c9796b562a6c020422029c55fdd8947f7ac447230e8805", 0xf4}, {&(0x7f0000002080)="116d015f", 0x4}, {&(0x7f00000020c0)="79f19e1098fcd9f9624b89e50e9c9ef6631c190ac0af515af987d5a73447d2fee9402864413da045664ed7263669c00159ba582bece88910712ce29f1788d79a26440dc1eb1962386fa479fbc0046e29f56eb6ffa0a6cc55a2753795af3f1be307ae9da5e0977708cc256e5f834b7bb19d30d6259a6ac8be28524b316bb3fa643336530e652d8449eadbc80fcb7b0bbeb6148a1eb37b6564a007ad1474d97b7e31b5783fddd2a1bba45c0cfef732044ea25e9a57186a0a2fe4e677aa", 0xbc}, {&(0x7f0000002180)="74d582003898b0a4b17d7337fa783a172dce2e5e0a860e0843f2e6950b9949e648043e7bb70059ab8d02a0ada1dfc38d7b168f0c5bc4fceb1fbcfff8fdb88a3e963197ddb11ca5d4bdb4f007602f3c2cf5a84ce5dbda5f57a2dc5349f0b1b5439922dfbef6c36a1a7e85f78e26d216b790aec89623177f7ac22e63d1df715ced882ca8c8feb388c5fe83ecf1134c6b4184247a26051fae415f5b5ee43f", 0x9d}], 0x4, &(0x7f0000002280)=[@rights={{0x38, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r0, r0, r0, r0]}}, @rights={{0x18, 0x1, 0x1, [r0, r0]}}, @rights={{0x30, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r0, r0]}}], 0x80, 0x4}, {&(0x7f0000002300)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000002480)=[{&(0x7f0000002380)="6749c897d248fc9f03cc6b908b4fad3e5fab100f06a11355e0f47b020a7eef448959be055cb0bc90255579fb860989139b031264ac9e5589455c4304a4d64c38cc634cd3dc94e51e1304d3828c1d60abf419fa778cb7958fc01d75e0e4394c440ae59fb3070301672d943a3c8afd4ffb1f7eb91d34e1e326ab7263e81579462f8c59b3c001a5bf9ac207584a6729de3e6f5b4f10f4462e001ccd6414da65fb0bdf31fb05f203261ca17c5e8461a974f1d7b1cf50b6510494e1ca10f1ee504da227bb75c28abe02f9", 0xc8}], 0x1, &(0x7f00000024c0)=ANY=[@ANYBLOB="34000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="000000001c000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="000000001c0000000000000000000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="0000000038000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYBLOB="30000000000000000100000001000000", @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0, @ANYRES32=r0], 0xe0, 0x20040000}, {&(0x7f00000025c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000002780)=[{&(0x7f0000002640)="5ead1ae9628ec96bf6268a952af71b854e4ea8c42cf2bd8378ce3a667212ccdad32f370b136f5158f78377d6f1900f4b82b30b819600f6dc2926ce72b66989364a647982dfdb6b5193ad443a0a206d0c97127bb2e640a6ec70f500ba56cd9287d728e59ae28eb35e5d5a8712cb88b3c7deb5eeee560073c586749acac7f4a0da8d1e6d11b5ba288887f6", 0x8a}, {&(0x7f0000002700)="b6ff123b5e7c56811a34b2870849ad01d3f6d85196ba18511d8d7a97cf075b9e651e5a9b84f7f5d5f5a81fef1e1b5e2ec836ed8c109878eba2665674516152c24c8ccee684d6d65680e9ff9ca91ae9d6aa21db5bbe7aa2d534319ddfe0948ea3", 0x60}], 0x2, &(0x7f0000002d00)=[@cred={{0x1c, 0x1, 0x2, {r15, r16, r17}}}, @cred={{0x1c, 0x1, 0x2, {r18, r19, r20}}}, @cred={{0x1c, 0x1, 0x2, {r21, r22, r23}}}], 0x60, 0x48800}, {&(0x7f0000002d80)=@abs={0x1, 0x0, 0x4e22}, 0x6e, &(0x7f0000004180)=[{&(0x7f0000002e00)="61110d02bb705441f08359ad59ac57d7e31b2d8a712fc780c1a92e64a6b1a6c7ccb1377a0bb6ab67de80eb26815c8361f703fe524b02ff336e27a9c80b621e2da6759a0754d015543141267e8fe4faa14bb47fd091984d19d34b9009005e00e062f4ce5f1eb434187b3e2e0fa55dc853baf02573dde7ad468770575455e8692e4b45083780cb71c0b06cf9d13ada3e02a56b", 0x92}, {&(0x7f0000002ec0)="23d6595855a31f4ca6cb5dc4e06b972e2c7c2a22c2485c9074602c3815a99dae991b82d8ff376d32185e4cb84574a3fda4ca8754f24ce8d0d95b5bc5bbf07d1df30ad1cb0da6705b0cbb3045e27d11c621df29165a3db2bc0fb625b85a8f69d25f0e61bde1e8eabb4c541e1845afc913c939161c35e7de98064dffe009d539f478f3cd0f2be9cbbf25862a071a2640fac287be04398020f5b5fc297ad832ce7b0293d48dadf3a28f0b93cdc67186de2eb65392e0b361b4e8786eb64022278148fabd864a31fb7d4b216cd2ca304f625f44f7aa745b5d5b91b426de9650e2255f917aba8c1508f604463756712801da2d0570", 0xf2}, {&(0x7f0000002fc0)="78b70b55fba48cc79c8951b47ef9c9fa1afba430b38f9960830187809d6e2860b042846a0067e2bcd5418dd64c6b493d207724c762ec3dd08d954014f08fd43a52f9b9bee644d08e", 0x48}, {&(0x7f0000003040)="e7a367306edc2392f1b5b71a405ec6b14f90eab15f9b4a42102df1b7981dce38f40700396d1edf065ea6e10986b989a1b19f52faf506ac24b292941cadb5417f1dac0b8b0e6caadcb93e572d76616de9092999d6ce8016b1c4771296aab93b82317c297d1f83a00e25c81516be6f0313ba581a0fc383076c4f76be932df686ac4eacfee493544d7c980bd0c74d24e3f19c3bae0aa4df5529a2f84fedf7bbc09226c5b954a3bf030d387bf28fcdcbeedb0bf8593b783c895287a72f59707b4cdd2c38df5be610841a2983a11a27cef05a6709af3aef78a9e09ed2fe441830159ad49971b9b96ab1a0854b625bb11bf3f5c1eec7a9774dc6d4ed1a1ddd62436a7ded5b78ff2b8ea7e223ec328ad9c69b9695a754d42a3f16fdd0f45a23c9aa51e987a8e93f557fe8f00d6ef2d122304bfbb41f29c282c9ae54668bdef6b3246723bc337852316239c482ff4ad99050b3e54aa400fed7f63c84381503131df37f60f4daf5a77c3fdc236df5bdf514bc7f5d625b9284bbd240afc54a8070a6284163211c16fcf7ae3f54c06d8e0443f70950e664c933cb71ec53c998ebda9c87185ce56a4bd9f3709e7bb0cdff6a1438b58219e4c9f3d4c3b4b90961f6cac29c46f16ee086062f1bcc95e6556da1e04ea90330be1992bd9af8fd89e0c3c342a917ea18ed54e1366cc3ca4c709d2f937b905a917e0ecc1615fb65c663e1b23ed67b856f7b7bddb16e520c0b438c46df3d716fed2297c078e399fdddc779f926631850158f714eee25e447b1608dbaa7cb31d187f5d14aef970453f07450afa764bd22481f6867e3f9ee76b653c8af8448647c134c07b2a42b1cf7abc7d0d9f55c749a89b1d56edafb882d39f02f4471e4a5cef0de8c5543c781ec505ead5512e3f474646295ffa29bd89f56a754062930c9f20274160b03a3d2f1e655893bb9857727fcf1efd7a0764ea69121c5623b0a7021857e401a5a0a2263f2c363aa234fbbe7ff4362e97674d2da811f78b439c5af014989ef4a8a36871b0ba5e99b9766fbf8b02fa2ade60b16910859a710e7259ab425c6f7f8c08c9666c39c5d94ea530db61f4ad2b18b1a2234e1b9f3af7d2cb2877dc8b6f3193bc0dab43b9dfdc12c1a9da8cc7e7ed0fcfdc3807fe1a0c816bd7f5ac4ca61c79705831aafa4a6ebbc65056bf9af8bb4a038899f53d001ca9a597e100fc8e0b5aacddb90d4302af3eec551d78b4c32404c0e3fe4dd51a9a090f30a42dd85ffaef0f858219413f9eec3cd2c77da1de1d42bb78f5a4330d0865edfa8938e2517c950ef3f2a359e072a905386267ac7486e3c6854f1312f1a8c6d6bc1ccfcefc7cddcfb87bc9534e356ba6a64fc7b26bd59362d8f59afb87866a3ac1d4291c71ebbb7249725028f1edd7b28d11d6086e6f8c98b48899aa92c92a1b7e15d79626e1fd35ee029f434449800817f1e71a0eb685e074633c30772cc9fd6279be93da77540d32c95d783b54bc41e206704cfe50fe5d1a72f22dc7d4b6b304a5cc15e3c18c9f987a344432449df01d56daea500ce8a6152f4b7de37217b16f68479c5c5a0b006feec81060ed7461fc9f98bec7a4e07b6d91f1d1a1068645eb3746f4cc415da49eb075dd7770cb8e0089ab32c74259338a9b9af4ebac42094552249240d79d87fa803abf2d734438027c7fcf60910b7c6a692f3e422508e0c67d22d2d6c738a33131bc10b24760107f473a26bcac2550a3577ebdaa6c7fb895b4388d16984db237eee0605cb5b5a181180d7916ab993567a3e7908b84ea66d2a46346b898acbbb719e12d663b10ac8b4d34c5103e56e7af001ef576f4e082207fe5e8bfaf68ac2f90a976d2ac18786d56bfed2b41c471b554b0e8cbd7afbc568aa574f591c9600dd4c19bd73e44763e07aff6e45472f5a02e04b552b49e493269c65a7668c64f125ee514bc88a2e323641572b51dfc3e4e7b8df30843b89cd9d92b07f06b50fe16b14bc1adc3c8202067ff2ed1cc1139eca6be9fea08eca373acd6415f30b2a1652595d553a762a25ff4ed1d4d8aeb1621efcd4acbd728ec1913690dcacb3de93577ac31ed71016e0e4f21f606eb881ca18f16d6aabb46a0c49d2f9a11ababbae2cc98be5c969952701356069a5943c6a7dc11ed68b2a3a02aca0a6ef5abba8d381afdd813349a22c93a50d7cdac5f220aca3cd2d62d01ccb95b0c2141edfe0f5368535d3ad2ab96d1e83241be431241a1ca9c20fd4ce6ea4c866331c8d6b40de4057da2c6938a3cce3c8303d4823a7df8a77f64550149b28c15adc6e8d19a51084f7158fed2bcb64b1973c510fc594ab25e8f5c418686155ce1f7ffea091b3ef7abf3b957c4859aa34a262968eeb87b6118df03a66476ccd5ec7de2e06e5bb9a410eae0d487f8fa0a5e97364e37e6d7d0a09389576b58d21a97913977589b4b04e9f02e284039258ba1d230a2bb36ab8b27495d4863b6ec954533fe47548026dd276c9e577639573a6fdff6dc6aef36568db1845aae9fdea4a4a5a6de27e14e46e29b4f50bceaa61caa897af0011814f657594ffd2c25609ffc1d279f065f9063c6eaef1a363d7113f371c8cd774ea156d225fdc9aa8b314b0a6548da0bf54a20822af8e6b2ee78024a0f89dd521c2bb1dba60937b0fa5ce131734bac813de197d9c4d59f75add50fb0dabdf53fb939611734e84ddf54ed262102336479a878eb5bc5620869fee36c0ccf1331ae7ad093a884bf80f770ec1558cf2bbb325ec64032a4b641fadab4d475e3624763540be7b8c63d9572d13b63c0a90d9f14870926b5c550120a5e8c36201a46577386e9c682ed0871e0ed130ea6b9d2ac03a95d5cc6f8e7110083e754947415ba589e6ccd9bb756973419acf400a12f278f1c445bec53152bcd40efd391c1f331c94e032e142d5726899903c985a854363dea4d9ca29936b10e8a23afc1e214032722f12f8a9d859a60e7021e438d93747922317dff807284530d0b54a1110f922dc29d16427f93bb9a5319321ca9052587ef4446afa3c93dc1e3c397420940e80ba338abc4bc9b02914267200be22cabf34f1c91b4746fbae97636c55872c07676bb4a33778cc2aeff444b79df3e87f9f5bc6ed6015b5b431b344f28a86c93adf5a0576dbf9709c79bad56ca824cdc43d1b46c4b5901b50042291c54e785ba09e86f3957b61206d6981fab6e3e1ff45f72b27e85ca3c34ccf78b906d24c012c1547f1a763bda9f5b87cd69d3d28754741612328da87c8bde903e13fb9b36ff671e56ecf4ff65ba80849f5b8764db394bcd1442fd1e3255a76faf14b59bc65b0f7cd96574e5ffd1aa77fb1f78d3b02978934df0188c18e4fbc3b81161fe3a5a0e53af78bf3f73eb211431b1a00a47ff37836c198fa191d04096307fc3cb87a9064dacd5ab9fefa0e5532273bfb469a847379c16ff86b3c6d14012665aa1d4bf93eaa495eeb7b23e1a462ab1313a915ccc7bb0ebdc6e7073758d67569589590bda06216e4a7c0a831c4d7815709be40924dbd748313295267f6560ad17a530420bfd0b257380315f94653f5f4d571afa33a2514a951d181a60d58b8bb82d4151a2ca4346271a79cd3c4de3a0f92c508b55202abf5d1af21c8a264ca1dfb734ceb7d821f9fb43d6020ebfcb91d4a498c613ee178da2ba4f87b4df00d58b91bb22bcc2a6eac5da16a4369472bdcb6f6e625eb8ca363c6ddd10e23e5f4fb3ece97a8207000b8bdfd2a0290570bc22032d61d91aa80b6512449fa86204054371fd79b875969a2dad08b859e99a0a056c1fbdd6f08b397844d6a0af6f86c24591c87ccf6a38cb919d1c4e37c84230a9d8355938b61c12857f3a469127417f62424a338a8f18d73e4bf22c0dd8a699734e8e7e93b95a681dfe454844f0010f5789dccc04d814831ceddd97c7c1dc90b909c1ec354b199cd9f7fffc391a9bf4b7c0178170fefc94c221efb719b520f55af6a54b576f3919477275ccd8608d0c4955cffe70f577987ee424b9a8378d07241c8378a07c347d52fd08e65427dc10796a5ea2be73276f33b4c1261fd48a6f039b960a956f413ca5020ee3abb234dfd29b822fc6ddd33072070d2898bf9823123b416d9094498da4086bb13057297c475902847030079cfadaccd51437cd8b7a1eab3946ccc883b86ff2b018090e4f95cbc72f3ab065f01f781671189a8f0fa5f5cb41101d6a4147aa721811efd9a42ed42233acd83ecb42095a5b5ac2d8f179aa3171c6f6a89888c01c42b24e586a54fae794bc309ef6080d9f2a9b7773c0c3c13213f3a0ef0419c0b4bed7da2827429db955d6e9e108549c260a3263cbdd3f592ce40d31eac8f332955544711bb67eb4027f4178cd73955205821a40860da82d6ee4da584db8db041a942f18e494bc645e9f75ab91a7fd944cad4b83871977845492450fbdbc8c5bdf31fb9b50428c54fd38d4d8a568571edf3b219f532dfc3316d74ff18d205b6423974ee55177ea5709f935b29e34d18a1a6a610be8fe20e02f166297cdba574a5281a4151d492d3531580bfda79e6ddf1439549ab6c9bf043e15e7f4e6926dec88f8bf77ea32ec9f704d581018f6112a5aab2d82abfbb74c360b5e44d3a3dd8698f2cd6ed82c637723f9f75d80c6359188762c5c485dd674b8ce85476a073adeae4e8a2239b9629c4e018e2c6c8091261efc771a1ac20f77e6e21be2fc76778ed2b72173e32e2f798ca76316091914f55ea33dfb0a8f050d329638abd0eb61da9a5a821b5fed9774f973bceedb5aa6a8abe265fbb9adae7e4093da8f487b9fed8085b7e7883ee98f15c58141a47fee6c02e8f72c90bb39319044a80de1fceacceba7abbe9bac83cc2197dcc78a0c14701ddbdedbfc75847dcfaa756a2fe131ea606e923d1c52587f82dd899a06f17f286072663e8410e4b34fc6c74d2a4c906cb2cffb896a9955312404f3bb3558a96b1521a8579b0c7e2dfd00d1a1adccfe7cdb9af2470ee354b9d0b64b65e1de7eaa6bbd3a8afa423b1ea06ab6cfe149263851a07f2aabee29ad93e37eeb47898f515fc6e91921efbf2ddd5e1ee87db42b133e20dc50ce39a631bb93ca4abe3e7fc1da3d8a0a756cd860fb53ae0bbe91e9313810e186656f79fc91fec6c791d8e8f0f535c1f5ec13bec998ed14abf2e52b5b5773cc8e230c4b57c4177dcb879d07c5f7b2f983b4b788066312f76c1aa7a283c1576a02d31f7f3bb0d1bd7581874ee04ef5f821cc43c9e2a0fbe02a7055103f144cf4b370a8d9e30d455617122d758e97bbf2195683e6bd01d7ed4746934d4e5a6c1dc6711065d1fc24af6ca5716b7fa7e45f5ea766cc7c1873f680eb90ccdcf2640709cf7553782722b37fe67f5708e74c96db452fd383d0435e09104918d13c0fd247d417877c76bc586e5e4f184a61a63b35f46ae267c37be8658da576185a0f3ec35c1e7f2f6b357e37de9ede85be6bb3785c8585ec4d19e8adfe9bc518c4979c5226d8d3fc5af2b13ed1f43361a7647d39e43bd432bb173630dedcb7873f8f680baf4eaffccb1719812c940b3a47de9dd75022743239e00a7a320f2bda8d2936dcb1d43114bdd63900752f9cf126ff426481e81ca1c1e98d9e50e361e93ac111581f53c8b3666ddabb85170dbc117a38be611f172a86e7c49e82b21af6045f938a484012fc72931991c734ff50374188ae71ba41f61694329159804e572753a2fafb3b22ee13f53b808cf000eaa8c130037f53f32312ac9ce3511859b7777989a33dadaf665169dd550a9f617953924e6668b8dac7433df982bafebbcb0a6d2fa5cf49ac1", 0x1000}, {&(0x7f0000004040)="71dce27008b3a0256c9dfca3c6c204cd71c04cd1baa10a0a2b26ba14f5692887fda7c6d4620d60f2296a451f7846711c29278082c8512269f19181dd978263a028dca5e3e074e18a889eb6e6c8d5aea0f973557a7496b242f6c00f6643fd6042ac8a8b1d106181723bc498a453c785be1e7a26", 0x73}, {&(0x7f00000040c0)="21885a7d40bd4ae9098a11f7739e4572f0cc6fd6bce2d51a07b09dda0a072653fde086bbabc66eb3204a35c3b9a8802b90dd34841d056860f79ff243969b8c0b791546bbdf0e5f2d7d409b418a8709d4d1", 0x51}, {&(0x7f0000004140)}], 0x7, &(0x7f0000004340)=[@rights={{0x14, 0x1, 0x1, [r0]}}, @rights={{0x18, 0x1, 0x1, [r0, r0]}}, @rights={{0x2c, 0x1, 0x1, [r0, r0, r0, r0, r0, r0, r0]}}, @rights={{0x24, 0x1, 0x1, [r0, r0, r0, r0, r0]}}, @cred={{0x1c, 0x1, 0x2, {r24, r25, r26}}}], 0xa8, 0x801}, {&(0x7f0000004400)=@abs={0x1, 0x0, 0x4e24}, 0x6e, &(0x7f00000046c0)=[{&(0x7f0000004480)="24f251f99f0919013854e7230a846f6ae2bde6e30cf7010d180429e3b5d5c83840a859cf40e9f8023306688167cebf4985a8dd7b2d911de3603dd65b51eac8be196d2a149bea219647dca95ada4694a852d86902f299ac3dbd5d018398f5279e3b83e8fc5d6c98ffc2ec113e69708763c1bbae878ca0c2661bbeaca33cdb", 0x7e}, {&(0x7f0000004500)="eeea0cb4c7ee55b5775152bffda852c72f5046c387a7453c66aefbffa05d643da92b7ec55725a977a91ab6e5e6794c2f7788431c4bf94d2e359409f605be5bfb373cde82d0746611bccbb4106e3db205a00dd4457d06858e7b8150d5e0fda79c8c4b16b2e73f42f426d95b75254a7124f79d9a9c5e3b502bf65acc42f448b6a324655001bc71de5f5134d7c605ac99591a586897755ac2f750e92048f0eafaf88f3119c3a422b1f9d5b4cfb5af32bdd2010e2542b2c6db733cba09a7d46bbbed4c6ae2499e5169b41bdee1657d1182d20fd7539c9891e86aa9e9094c03b0dac8ca1fdb", 0xe3}, {&(0x7f0000004600)="2cc086ae23ec8986a87cd2064c9d85483de2a360f3c9f10f3d4a89915d27861317e18f545fe6339c65ef26eb4a4f60517972c6d8d2c4fac241f61af6d605e202cd2b4ab7cf845a1e9e2188933509d74e9947bd1c0b8255bd352f059290f4b9260354548892e97cc06a226aea5c28b8932d0e92e85b9145f25bb76e01057438c09d211a86fb651b9cdcb6fbb9c8574d29c9c9fefbaa53cc1836c302353ddb981c95231d49d4a48cfe0d4a132aebdc3cad7d48ce686b70f4091ddf042e3c52a9b4", 0xc0}], 0x3, &(0x7f0000004980)=[@cred={{0x1c, 0x1, 0x2, {r27, r28, r29}}}, @cred={{0x1c, 0x1, 0x2, {r30, r31, r32}}}], 0x40, 0x4841}, {&(0x7f00000049c0)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000004b00)=[{&(0x7f0000004a40)="3b95e52805beee45697455b8eaa549aef2b5d3193b873471f699551c20b21859a3141a601de86fb11fbf2a2ccd4fc5abf959220a85f0a2a1d7108559fc857b09b97ef1de8d1e30b62041c201f8c56d3f06a3580c769f23160d49a45fe4a8593a97ba8a08b4c58d1c7dfd04cf16869cc37fd985e27a7f1f7df6a173e4b4e191cd1948ae4b455289d4", 0x88}], 0x1}], 0x9, 0x1)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:43:29 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:43:29 executing program 2:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
dup(0xffffffffffffffff)
ioctl$KDGETMODE(0xffffffffffffffff, 0x4b3b, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140)='/dev/net/tun\x00', 0x0, 0x0)
dup(0xffffffffffffffff)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000000)={'eql\x00', 0xc107})
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$sock_ifreq(r0, 0x8914, &(0x7f0000000240)={'eql\x00`\x00\xa9[,\x00^\x01\x05\x03\xf0\x00', @ifru_mtu=0x1})

18:43:29 executing program 5:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x10, 0x4, 0x4, 0x8000000000005, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)

18:43:29 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$VT_WAITACTIVE(r0, 0x5607)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
r1 = shmget(0x3, 0x200000, 0x54000000, &(0x7f0000dfe000/0x200000)=nil)
shmctl$IPC_RMID(r1, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

[ 1249.263092] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:43:29 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
openat$rtc(0xffffffffffffff9c, &(0x7f0000000140)='/dev/rtc0\x00', 0x200043, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
r1 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x8, 0x1)
setsockopt$inet_tcp_int(r1, 0x6, 0x7, &(0x7f00000000c0)=0x8, 0x4)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f0000000240)={0x26, 'hash\x00', 0x0, 0x0, 'sha3-224\x00'}, 0x58)

18:43:29 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1249.314585] Bluetooth: hci1: Frame reassembly failed (-84)
18:43:29 executing program 5:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x10, 0x4, 0x4, 0x8000000000005, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)

[ 1249.413631] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:43:29 executing program 5:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x10, 0x4, 0x4, 0x8000000000005, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)

18:43:29 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:43:29 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = openat$selinux_mls(0xffffffffffffff9c, &(0x7f0000000140)='/selinux/mls\x00', 0x0, 0x0)
ioctl$SIOCGETNODEID(r1, 0x89e1, &(0x7f0000000180)={0x80})
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[ 1249.568638] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1250.060600] Bluetooth: hci2: Frame reassembly failed (-84)
[ 1251.355583] Bluetooth: hci0: command 0x1003 tx timeout
[ 1251.355600] Bluetooth: hci1: command 0x1003 tx timeout
[ 1251.366279] Bluetooth: hci0: sending frame failed (-49)
[ 1251.371727] Bluetooth: hci1: sending frame failed (-49)
[ 1252.075538] Bluetooth: hci2: command 0x1003 tx timeout
[ 1252.080962] Bluetooth: hci2: sending frame failed (-49)
[ 1252.155558] Bluetooth: hci3: command 0x1003 tx timeout
[ 1252.161012] Bluetooth: hci3: sending frame failed (-49)
[ 1253.435684] Bluetooth: hci1: command 0x1001 tx timeout
[ 1253.435690] Bluetooth: hci0: command 0x1001 tx timeout
[ 1253.441357] Bluetooth: hci0: sending frame failed (-49)
[ 1253.446907] Bluetooth: hci1: sending frame failed (-49)
[ 1254.155608] Bluetooth: hci2: command 0x1001 tx timeout
[ 1254.161007] Bluetooth: hci2: sending frame failed (-49)
[ 1254.235649] Bluetooth: hci3: command 0x1001 tx timeout
[ 1254.241160] Bluetooth: hci3: sending frame failed (-49)
[ 1255.515600] Bluetooth: hci1: command 0x1009 tx timeout
[ 1255.515606] Bluetooth: hci0: command 0x1009 tx timeout
[ 1256.235631] Bluetooth: hci2: command 0x1009 tx timeout
[ 1256.315609] Bluetooth: hci3: command 0x1009 tx timeout
18:43:41 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
r1 = openat$selinux_policy(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/policy\x00', 0x0, 0x0)
accept$packet(r1, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000080)=0x14)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:43:41 executing program 3:
r0 = syz_open_dev$admmidi(&(0x7f0000000080)='/dev/admmidi#\x00', 0x3, 0x0)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x80000001, 0x642002)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000100)=r1, 0x4)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, 0x0, 0x0)
bind$alg(r2, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:43:41 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:43:41 executing program 5:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x10, 0x4, 0x4, 0x8000000000005, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)

18:43:41 executing program 2:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000040)="1f0000000104ff00fd4354c007110000df05010008000100010423dcffdf00", 0x2b0)
write(r0, &(0x7f00000000c0)="1f0000000104fffffd3b000007110000f30501000b000500020423ca0002cf", 0x1f)

18:43:41 executing program 0:
r0 = syz_open_dev$sndpcmc(&(0x7f0000000040)='/dev/snd/pcmC#D#c\x00', 0x80000001, 0x400)
read$eventfd(r0, &(0x7f0000000080), 0x8)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000100)={0x3})
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
epoll_ctl$EPOLL_CTL_DEL(r0, 0x2, r1)
ioctl$KDADDIO(r1, 0x400455c8, 0x0)
socket$key(0xf, 0x3, 0x2)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
ioctl$TIOCLINUX3(r1, 0x541c, &(0x7f0000000000))

[ 1260.754242] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1260.770763] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1260.781211] netlink: 'syz-executor.2': attribute type 5 has an invalid length.
[ 1260.802170] Bluetooth: hci0: Frame reassembly failed (-84)
18:43:41 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x80080, 0x0)
ioctl$TUNSETVNETLE(r1, 0x400454dc, &(0x7f00000000c0))
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f0000000100)=0xffffffffffffffc1, 0x4)

18:43:41 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1260.825382] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1260.836312] netlink: 'syz-executor.2': attribute type 5 has an invalid length.
18:43:41 executing program 5:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x365f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x10, 0x4, 0x4, 0x8000000000005, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

18:43:41 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0xfffffffffffffe1a)

[ 1260.901527] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1260.919788] Bluetooth: hci1: Frame reassembly failed (-84)
18:43:41 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:43:41 executing program 2:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000040)="1f0000000104ff00fd4354c007110000df05010008000100010423dcffdf00", 0x2b0)
write(r0, &(0x7f00000000c0)="1f0000000104fffffd3b000007110000f30501000b000500020423ca0002cf", 0x1f)

[ 1261.028281] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1261.062652] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1261.084217] netlink: 'syz-executor.2': attribute type 5 has an invalid length.
[ 1261.619629] Bluetooth: hci2: Frame reassembly failed (-84)
[ 1261.632044] Bluetooth: hci3: Frame reassembly failed (-84)
[ 1262.877002] Bluetooth: hci0: command 0x1003 tx timeout
[ 1262.882411] Bluetooth: hci0: sending frame failed (-49)
[ 1262.955580] Bluetooth: hci1: command 0x1003 tx timeout
[ 1262.961052] Bluetooth: hci1: sending frame failed (-49)
[ 1263.675781] Bluetooth: hci3: command 0x1003 tx timeout
[ 1263.682456] Bluetooth: hci3: sending frame failed (-49)
[ 1263.687931] Bluetooth: hci2: command 0x1003 tx timeout
[ 1263.693320] Bluetooth: hci2: sending frame failed (-49)
[ 1264.955553] Bluetooth: hci0: command 0x1001 tx timeout
[ 1264.961246] Bluetooth: hci0: sending frame failed (-49)
[ 1265.035660] Bluetooth: hci1: command 0x1001 tx timeout
[ 1265.041279] Bluetooth: hci1: sending frame failed (-49)
[ 1265.755649] Bluetooth: hci2: command 0x1001 tx timeout
[ 1265.755659] Bluetooth: hci3: command 0x1001 tx timeout
[ 1265.766426] Bluetooth: hci3: sending frame failed (-49)
[ 1265.772071] Bluetooth: hci2: sending frame failed (-49)
[ 1267.035633] Bluetooth: hci0: command 0x1009 tx timeout
[ 1267.116342] Bluetooth: hci1: command 0x1009 tx timeout
[ 1267.835603] Bluetooth: hci3: command 0x1009 tx timeout
[ 1267.835623] Bluetooth: hci2: command 0x1009 tx timeout
18:43:52 executing program 5:
bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x10, 0x4, 0x4, 0x8000000000005, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

18:43:52 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
ppoll(&(0x7f0000000080)=[{r0, 0x4}, {r0, 0x31c1}, {r0, 0x1430}, {r0, 0xa000}], 0x4, &(0x7f00000000c0), &(0x7f0000000380)={0x7ff}, 0x8)
rt_sigaction(0xd, &(0x7f0000000240)={&(0x7f0000000140)="8f0838cd0c3799c481e9ea0a457906c6f80f67f36ec4625daa94a20200000065d9ed430f004e0cc4827d358a000000006440a0e99c000000000000", {0xce5}, 0x4, &(0x7f0000000180)="c4a179284d0f65f3456d660ff3f042d9ff360f77c402793216c4a2392c3530e40000c18f49f0fc2f4fc4a159d8c9f2e100"}, &(0x7f0000000300)={&(0x7f0000000280)="6766440f380b5318660fe8de0fac504202c423fd09afc87dcfac17c40169e81b41fd653666460f38cfa4531f0600000f01dac4c24d4612f30f1c444b07", {}, 0x0, &(0x7f00000002c0)="423b75073ef346a52666410f380babffefffffc462d19c190f01ddfec27400c442792413c40138123943d884b300800000"}, 0x8, &(0x7f0000000340))
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:43:52 executing program 2:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000040)="1f0000000104ff00fd4354c007110000df05010008000100010423dcffdf00", 0x2b0)
write(r0, &(0x7f00000000c0)="1f0000000104fffffd3b000007110000f30501000b000500020423ca0002cf", 0x1f)

18:43:52 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
r1 = openat$selinux_status(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/status\x00', 0x0, 0x0)
openat$cgroup_subtree(r1, &(0x7f0000000040)='cgroup.subtree_control\x00', 0x2, 0x0)

18:43:52 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:43:52 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:43:52 executing program 5:
bpf$MAP_CREATE(0x0, 0x0, 0x0)

[ 1272.261153] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1272.284089] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'.
18:43:52 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x10f)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:43:52 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:43:52 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
r1 = openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000080)='/proc/capi/capi20\x00', 0x440, 0x0)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000100)={0x0, r1, 0x0, 0x2}, 0x14)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000140)='/proc/capi/capi20\x00', 0x800, 0x0)
rename(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='./file0\x00')
openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000180)='/proc/thread-self/attr/current\x00', 0x2, 0x0)

18:43:52 executing program 5:
bpf$MAP_CREATE(0x0, 0x0, 0x0)

18:43:52 executing program 2:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f0000000040)="1f0000000104ff00fd4354c007110000df05010008000100010423dcffdf00", 0x2b0)
write(r0, &(0x7f00000000c0)="1f0000000104fffffd3b000007110000f30501000b000500020423ca0002cf", 0x1f)

[ 1272.329036] netlink: 'syz-executor.2': attribute type 5 has an invalid length.
[ 1272.352847] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:43:52 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:43:52 executing program 3:
r0 = syz_open_dev$sg(&(0x7f0000005000)='/dev/sg#\x00', 0x0, 0x0)
write$P9_RXATTRCREATE(0xffffffffffffffff, &(0x7f00000000c0)={0x7, 0x21, 0x1}, 0x7)
openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/attr/sockcreate\x00', 0x2, 0x0)
fcntl$setlease(r0, 0x400, 0x1fffffffff)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, 0xffffffffffffffff)
r1 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040)='/dev/loop-control\x00', 0x200000, 0x0)
ioctl(0xffffffffffffffff, 0x1, 0x0)
epoll_ctl$EPOLL_CTL_DEL(0xffffffffffffffff, 0x2, 0xffffffffffffffff)
r2 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0)
r3 = openat$null(0xffffffffffffff9c, 0x0, 0x0, 0x0)
unshare(0x10000)
ioctl$UI_END_FF_ERASE(r3, 0x400c55cb, 0x0)
shutdown(0xffffffffffffffff, 0x0)
ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0xffffffffffffffff)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60fd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$BLKTRACETEARDOWN(r3, 0x1276, 0x0)
ioctl$GIO_SCRNMAP(0xffffffffffffffff, 0x4b40, 0x0)
r4 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f00000009c0)='/dev/loop-control\x00', 0x0, 0x0)
ioctl$LOOP_CTL_REMOVE(r4, 0x4c81, 0x0)
setsockopt$bt_BT_CHANNEL_POLICY(r3, 0x112, 0xa, &(0x7f0000000000)=0x2f5d, 0x4)
shmat(0x0, &(0x7f0000799000/0x1000)=nil, 0x3000)
r5 = shmat(0xffffffffffffffff, &(0x7f0000648000/0x4000)=nil, 0x2000)
shmdt(r5)
ioctl$LOOP_CTL_GET_FREE(r3, 0x4c82)
r6 = ioctl$LOOP_CTL_GET_FREE(r4, 0x4c82)
ioctl$LOOP_CTL_ADD(r1, 0x4c80, r6)
syz_emit_ethernet(0x3e, &(0x7f0000000080)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "50a09c", 0x8, 0xffffff2f, 0x0, @remote, @local, {[], @udp={0x0, 0x77d50800, 0x8}}}}}}, 0x0)
mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x10000001, 0x31, 0xffffffffffffffff, 0x0)
ioctl$SG_SET_FORCE_PACK_ID(r0, 0x5385, &(0x7f0000000180))

18:43:52 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$KDSKBLED(r0, 0x4b65, 0x3f)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
ioctl$UFFDIO_WAKE(r1, 0x8010aa02, &(0x7f0000000040)={&(0x7f0000ff9000/0x4000)=nil, 0x4000})

[ 1272.433574] netlink: 3 bytes leftover after parsing attributes in process `syz-executor.2'.
[ 1272.464727] netlink: 'syz-executor.2': attribute type 5 has an invalid length.
[ 1272.464771] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1272.498200] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1272.597585] ip6_tunnel: non-ECT from fe80:0000:0000:0000:0000:0000:0000:00bb with DS=0x5
[ 1274.395575] Bluetooth: hci0: command 0x1003 tx timeout
[ 1274.401073] Bluetooth: hci0: sending frame failed (-49)
[ 1274.555581] Bluetooth: hci1: command 0x1003 tx timeout
[ 1274.561151] Bluetooth: hci1: sending frame failed (-49)
[ 1275.115723] Bluetooth: hci2: command 0x1003 tx timeout
[ 1275.121136] Bluetooth: hci2: sending frame failed (-49)
[ 1275.355566] Bluetooth: hci3: command 0x1003 tx timeout
[ 1275.361093] Bluetooth: hci3: sending frame failed (-49)
[ 1276.475701] Bluetooth: hci0: command 0x1001 tx timeout
[ 1276.481103] Bluetooth: hci0: sending frame failed (-49)
[ 1276.635658] Bluetooth: hci1: command 0x1001 tx timeout
[ 1276.641068] Bluetooth: hci1: sending frame failed (-49)
[ 1277.195618] Bluetooth: hci2: command 0x1001 tx timeout
[ 1277.201014] Bluetooth: hci2: sending frame failed (-49)
[ 1277.435633] Bluetooth: hci3: command 0x1001 tx timeout
[ 1277.441306] Bluetooth: hci3: sending frame failed (-49)
[ 1278.555583] Bluetooth: hci0: command 0x1009 tx timeout
[ 1278.715608] Bluetooth: hci1: command 0x1009 tx timeout
[ 1279.277557] Bluetooth: hci2: command 0x1009 tx timeout
[ 1279.515590] Bluetooth: hci3: command 0x1009 tx timeout
18:44:03 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0xb, [@typedef={0x2, 0x0, 0x0, 0x8, 0x2}, @ptr={0x8, 0x0, 0x0, 0x2, 0x1}]}, {0x0, [0x30, 0x30, 0x2e, 0x5f, 0x5f, 0x7f, 0x30, 0x7f, 0x7f]}}, &(0x7f0000000100)=""/160, 0x3b, 0xa0, 0x1}, 0x20)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x200000000000)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:44:03 executing program 5:
bpf$MAP_CREATE(0x0, 0x0, 0x0)

18:44:03 executing program 2:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f00000000c0)="1f0000000104fffffd3b000007110000f30501000b000500020423ca0002cf", 0x1f)

18:44:03 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:44:03 executing program 3:
bind$alg(0xffffffffffffffff, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:44:03 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0)
sendto$llc(r1, &(0x7f00000000c0)="dbb8b37fedd9b360f5afaf6e7a44dcb1db2e34e532260c35878a4df5a6721628fbeacbb82ce8b53b945f8ada82adcb6dd869c5389c65b2d5a4280675", 0x3c, 0x4000010, &(0x7f0000000100)={0x1a, 0x337, 0x100000001, 0x5, 0x80, 0x9, @broadcast}, 0x10)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

[ 1283.149897] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1283.160160] netlink: 'syz-executor.2': attribute type 5 has an invalid length.
18:44:03 executing program 2:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f00000000c0)="1f0000000104fffffd3b000007110000f30501000b000500020423ca0002cf", 0x1f)

18:44:03 executing program 5:
bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x0, 0x4, 0x4, 0x8000000000005, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

18:44:03 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

[ 1283.264776] netlink: 'syz-executor.2': attribute type 5 has an invalid length.
18:44:03 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x400, 0x0)
ioctl$VIDIOC_TRY_ENCODER_CMD(r1, 0xc028564e, &(0x7f00000000c0)={0x3, 0xb2a381d887e79821, [0x3, 0x9, 0x9, 0x3, 0x4, 0x3, 0x1, 0x754f]})
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:44:03 executing program 2:
r0 = socket(0x10, 0x2, 0xc)
write(r0, &(0x7f00000000c0)="1f0000000104fffffd3b000007110000f30501000b000500020423ca0002cf", 0x1f)

[ 1283.321472] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1283.394515] netlink: 'syz-executor.2': attribute type 5 has an invalid length.
18:44:04 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$PIO_FONTRESET(r0, 0x4b6d, 0x0)
r1 = semget(0x1, 0x1, 0x0)
semctl$SETVAL(r1, 0x3, 0x10, &(0x7f0000000000)=0x5)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

[ 1284.593039] Bluetooth: hci3: Frame reassembly failed (-84)
[ 1285.195594] Bluetooth: hci0: command 0x1003 tx timeout
[ 1285.200990] Bluetooth: hci0: sending frame failed (-49)
[ 1285.835616] Bluetooth: hci1: command 0x1003 tx timeout
[ 1285.841013] Bluetooth: hci1: sending frame failed (-49)
[ 1285.995538] Bluetooth: hci2: command 0x1003 tx timeout
[ 1286.001095] Bluetooth: hci2: sending frame failed (-49)
[ 1286.635574] Bluetooth: hci3: command 0x1003 tx timeout
[ 1286.641093] Bluetooth: hci3: sending frame failed (-49)
[ 1287.275624] Bluetooth: hci0: command 0x1001 tx timeout
[ 1287.281278] Bluetooth: hci0: sending frame failed (-49)
[ 1287.915601] Bluetooth: hci1: command 0x1001 tx timeout
[ 1287.920987] Bluetooth: hci1: sending frame failed (-49)
[ 1288.075575] Bluetooth: hci2: command 0x1001 tx timeout
[ 1288.081076] Bluetooth: hci2: sending frame failed (-49)
[ 1288.715692] Bluetooth: hci3: command 0x1001 tx timeout
[ 1288.721089] Bluetooth: hci3: sending frame failed (-49)
[ 1289.355633] Bluetooth: hci0: command 0x1009 tx timeout
[ 1289.995640] Bluetooth: hci1: command 0x1009 tx timeout
[ 1290.156460] Bluetooth: hci2: command 0x1009 tx timeout
[ 1290.797178] Bluetooth: hci3: command 0x1009 tx timeout
18:44:14 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:44:14 executing program 5:
bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x0, 0x4, 0x4, 0x8000000000005, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

18:44:14 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)
r1 = openat$selinux_checkreqprot(0xffffffffffffff9c, &(0x7f0000000080)='/selinux/checkreqprot\x00', 0x84400, 0x0)
getsockopt$inet_sctp_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f00000000c0)=@assoc_value={<r2=>0x0}, &(0x7f0000000100)=0x8)
setsockopt$inet_sctp_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f0000000140)={r2, 0x81, 0x200}, 0x8)

18:44:14 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:44:14 executing program 2:
write(0xffffffffffffffff, &(0x7f0000000040)="1f0000000104ff00fd4354c007110000df05010008000100010423dcffdf00", 0x2b0)
write(0xffffffffffffffff, &(0x7f00000000c0)="1f0000000104fffffd3b000007110000f30501000b000500020423ca0002cf", 0x1f)

18:44:14 executing program 2:
write(0xffffffffffffffff, &(0x7f0000000040)="1f0000000104ff00fd4354c007110000df05010008000100010423dcffdf00", 0x2b0)
write(0xffffffffffffffff, &(0x7f00000000c0)="1f0000000104fffffd3b000007110000f30501000b000500020423ca0002cf", 0x1f)

[ 1294.031670] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:44:14 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f0000000080)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0xb365e3aad811b733)
ioctl$sock_SIOCSIFBR(r0, 0x8941, &(0x7f0000000180)=@add_del={0x2, &(0x7f00000003c0)='nr0\x00'})
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000240)='cpu.stat\x00', 0x0, 0x0)
ioctl$sock_inet_SIOCSIFPFLAGS(r0, 0x8934, &(0x7f0000000100)={'gretap0\x00', 0x3})
recvfrom$x25(r1, &(0x7f0000000280)=""/221, 0xdd, 0x2141, &(0x7f0000000380)={0x9, @null='               \x00'}, 0x12)

18:44:14 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:44:14 executing program 5:
bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x0, 0x4, 0x4, 0x8000000000005, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

[ 1294.127712] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:44:14 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
r1 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x428381)
ioctl$DRM_IOCTL_RES_CTX(r1, 0xc0106426, &(0x7f0000000100)={0x8, &(0x7f00000000c0)=[{}, {}, {}, {}, {}, {}, {}, {}]})
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:44:14 executing program 2:
write(0xffffffffffffffff, &(0x7f0000000040)="1f0000000104ff00fd4354c007110000df05010008000100010423dcffdf00", 0x2b0)
write(0xffffffffffffffff, &(0x7f00000000c0)="1f0000000104fffffd3b000007110000f30501000b000500020423ca0002cf", 0x1f)

18:44:15 executing program 0:
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000300)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
ioctl$KDGKBMETA(r0, 0x4b62, &(0x7f0000000100))
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
r2 = socket(0x5, 0x80800, 0x0)
getsockname$llc(r2, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @dev}, &(0x7f0000000080)=0x8)
ioctl$KDADDIO(r1, 0x400455c8, 0x0)
ioctl$TIOCVHANGUP(r1, 0x5437, 0x0)
ioctl$sock_x25_SIOCDELRT(r2, 0x890c, &(0x7f0000000140)={@remote={[], 0x3}, 0xc, 'hsr0\x00'})

18:44:15 executing program 5:
bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x10, 0x0, 0x4, 0x8000000000005, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

18:44:15 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:44:15 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
lsetxattr$security_ima(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='security.ima\x00', &(0x7f0000000140)=@sha1={0x1, "5f98961524c6a32a2517dfee789619a20468e3ae"}, 0x15, 0x3)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)
syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$FIGETBSZ(r0, 0x2, &(0x7f0000000240))

[ 1294.672201] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
[ 1294.749047] Bluetooth: hci1: Frame reassembly failed (-84)
[ 1295.494462] Bluetooth: hci3: Frame reassembly failed (-84)
[ 1296.155623] Bluetooth: hci0: command 0x1003 tx timeout
[ 1296.161258] Bluetooth: hci0: sending frame failed (-49)
[ 1296.795583] Bluetooth: hci1: command 0x1003 tx timeout
[ 1296.800998] Bluetooth: hci1: sending frame failed (-49)
[ 1296.955657] Bluetooth: hci2: command 0x1003 tx timeout
[ 1296.961172] Bluetooth: hci2: sending frame failed (-49)
[ 1297.515566] Bluetooth: hci3: command 0x1003 tx timeout
[ 1297.520981] Bluetooth: hci3: sending frame failed (-49)
[ 1298.235666] Bluetooth: hci0: command 0x1001 tx timeout
[ 1298.241070] Bluetooth: hci0: sending frame failed (-49)
[ 1298.875549] Bluetooth: hci1: command 0x1001 tx timeout
[ 1298.881033] Bluetooth: hci1: sending frame failed (-49)
[ 1299.035593] Bluetooth: hci2: command 0x1001 tx timeout
[ 1299.041028] Bluetooth: hci2: sending frame failed (-49)
[ 1299.595636] Bluetooth: hci3: command 0x1001 tx timeout
[ 1299.604323] Bluetooth: hci3: sending frame failed (-49)
[ 1300.315664] Bluetooth: hci0: command 0x1009 tx timeout
[ 1300.955597] Bluetooth: hci1: command 0x1009 tx timeout
[ 1301.115600] Bluetooth: hci2: command 0x1009 tx timeout
[ 1301.675701] Bluetooth: hci3: command 0x1009 tx timeout
18:44:25 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x0)
r1 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x0, 0x2)
ioctl$sock_inet_SIOCDARP(r1, 0x8953, &(0x7f0000000040)={{0x2, 0x4e24, @loopback}, {0x306, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xf}}, 0x1a, {0x2, 0x4e24, @remote}, 'bridge_slave_1\x00'})
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

18:44:25 executing program 2:
r0 = socket(0x0, 0x2, 0xc)
write(r0, &(0x7f0000000040)="1f0000000104ff00fd4354c007110000df05010008000100010423dcffdf00", 0x2b0)
write(r0, &(0x7f00000000c0)="1f0000000104fffffd3b000007110000f30501000b000500020423ca0002cf", 0x1f)

18:44:25 executing program 5:
bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x10, 0x0, 0x4, 0x8000000000005, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

18:44:25 executing program 4:
r0 = socket$inet(0x10, 0x3, 0xc)
sendmsg(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000009ff0)=[{&(0x7f0000000000)="24000000060607031dfffd946fa2830020200a0009000100051d85680c1baba20400ff7e", 0x24}], 0x1}, 0x0)

18:44:25 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
openat$random(0xffffffffffffff9c, &(0x7f0000000080)='/dev/urandom\x00', 0x80, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)

18:44:26 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$KDADDIO(r0, 0x400455c8, 0x8)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
r1 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000000)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
getsockopt$ARPT_SO_GET_ENTRIES(r1, 0x0, 0x61, &(0x7f0000000040)={'filter\x00', 0x2c, "27cef6e8403a0185be44850ba9b00ec6ae9282bb8c7b12c0175fb1bb4574616a97557942187cedcce21afc42"}, &(0x7f0000000100)=0x50)

18:44:26 executing program 3:
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_ctr_aes128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
bind$alg(r0, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd256\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="a8b49e7311820e4ae02e4557d98958c63091283e26cd3bc00e1e33be65390d849bf50c378243e32a9734117bf75faab995cc7843f3a4ee2cc7efa00684cc7755355bc8c00cb9336e3a152e8519ad5644e396ba66a0f3d1577eb606a2384b594a67a74a4ba7cb1da8d43f77b4e9bfea826251c3984e6dd9016ddb994e7ebcd1f945ea53a0af1b630acfa7a16f8b62b10df6ba51e8b02a3fdefa3b1b88cfd56ac03bece0871b0cac72cb1abad471dea30bb1f7dab1870f855d99b00914bc60593c6a9dfe7935d50255a8d59ffe", 0xcc)

[ 1305.548024] netlink: 'syz-executor.4': attribute type 1 has an invalid length.
18:44:26 executing program 5:
bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x10, 0x0, 0x4, 0x8000000000005, 0x0, 0xffffffffffffffff, 0x0, [0x305f, 0xa]}, 0x2c)

18:44:26 executing program 2:
r0 = socket(0x0, 0x2, 0xc)
write(r0, &(0x7f0000000040)="1f0000000104ff00fd4354c007110000df05010008000100010423dcffdf00", 0x2b0)
write(r0, &(0x7f00000000c0)="1f0000000104fffffd3b000007110000f30501000b000500020423ca0002cf", 0x1f)

[ 1305.625339] ------------[ cut here ]------------
[ 1305.630992] WARNING: CPU: 1 PID: 11132 at drivers/tty/tty_ioctl.c:319 tty_set_termios.cold+0x11/0x1f
[ 1305.640286] Kernel panic - not syncing: panic_on_warn set ...
[ 1305.640286] 
[ 1305.643991] kobject: 'loop5' (00000000226136cc): kobject_uevent_env
[ 1305.647660] CPU: 1 PID: 11132 Comm: kworker/u5:6 Not tainted 4.19.62 #36
[ 1305.647668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[ 1305.647707] Workqueue: hci1 hci_power_on
[ 1305.674467] Call Trace:
[ 1305.677074]  dump_stack+0x172/0x1f0
[ 1305.680749]  panic+0x263/0x507
[ 1305.683934]  ? __warn_printk+0xf3/0xf3
[ 1305.687819]  ? tty_set_termios.cold+0x11/0x1f
[ 1305.692306]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1305.697838]  ? __warn.cold+0x5/0x4a
[ 1305.701454]  ? __warn+0xe8/0x1d0
[ 1305.704814]  ? tty_set_termios.cold+0x11/0x1f
[ 1305.709301]  __warn.cold+0x20/0x4a
[ 1305.712834]  ? tty_set_termios.cold+0x11/0x1f
[ 1305.717326]  report_bug+0x263/0x2b0
[ 1305.721004]  do_error_trap+0x204/0x360
[ 1305.724882]  ? math_error+0x340/0x340
[ 1305.728849]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1305.734395]  ? wake_up_klogd+0x99/0xd0
[ 1305.738275]  ? vprintk_emit+0x1ab/0x690
[ 1305.742244]  ? error_entry+0x76/0xd0
[ 1305.745973]  ? trace_hardirqs_off_caller+0x65/0x220
[ 1305.750986]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[ 1305.755823]  do_invalid_op+0x1b/0x20
[ 1305.759527]  invalid_op+0x14/0x20
[ 1305.762969] RIP: 0010:tty_set_termios.cold+0x11/0x1f
[ 1305.768061] Code: ff e8 12 0a 3b fe e9 f5 fe ff ff e8 08 0a 3b fe eb c7 e8 01 0a 3b fe eb 9d e8 3a 77 04 fe 48 c7 c7 40 d1 8c 87 e8 62 e8 ee fd <0f> 0b e9 d1 d7 ff ff 90 90 90 90 90 90 90 55 48 89 e5 41 55 41 54
[ 1305.786951] RSP: 0018:ffff8880860bf990 EFLAGS: 00010282
[ 1305.792305] RAX: 0000000000000024 RBX: ffff8880860bfa50 RCX: 0000000000000000
[ 1305.799567] RDX: 0000000000000000 RSI: ffffffff8155d376 RDI: ffffed1010c17f24
[ 1305.806864] RBP: ffff8880860bfa78 R08: 0000000000000024 R09: ffffed1015d25079
[ 1305.814123] R10: ffffed1015d25078 R11: ffff8880ae9283c7 R12: ffff8880860bfab8
[ 1305.821414] R13: 0000000000010004 R14: 1ffff11010c17f51 R15: ffff8880990d8500
[ 1305.828687]  ? vprintk_func+0x86/0x189
[ 1305.832576]  ? tty_wait_until_sent+0x580/0x580
[ 1305.837171]  ? __mutex_lock+0x3cd/0x1300
[ 1305.841226]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[ 1305.850676]  ? tty_termios_encode_baud_rate+0x3ca/0x4e0
[ 1305.856105]  hci_uart_set_baudrate+0x157/0x1c0
[ 1305.860679]  ? hci_uart_set_speeds+0x90/0x90
[ 1305.865085]  ? debug_object_deactivate+0x1e4/0x360
[ 1305.870099]  ? find_held_lock+0x35/0x130
[ 1305.874154]  hci_uart_setup+0xa2/0x490
[ 1305.878035]  ? hci_uart_set_baudrate+0x1c0/0x1c0
[ 1305.882780]  hci_dev_do_open+0x674/0x14a0
[ 1305.887006]  ? hci_rx_work+0xaa0/0xaa0
[ 1305.890983]  ? kasan_check_read+0x11/0x20
[ 1305.895129]  ? process_one_work+0x890/0x1750
[ 1305.899531]  ? find_held_lock+0x35/0x130
[ 1305.903580]  ? process_one_work+0x890/0x1750
[ 1305.908157]  hci_power_on+0x10d/0x580
[ 1305.911947]  ? hci_error_reset+0xf0/0xf0
[ 1305.915997]  ? __lock_is_held+0xb6/0x140
[ 1305.920055]  process_one_work+0x989/0x1750
[ 1305.924283]  ? pwq_dec_nr_in_flight+0x320/0x320
[ 1305.929031]  ? lock_acquire+0x16f/0x3f0
[ 1305.932998]  ? kasan_check_write+0x14/0x20
[ 1305.938008]  ? do_raw_spin_lock+0xc8/0x240
[ 1305.942237]  worker_thread+0x98/0xe40
[ 1305.946086]  ? trace_hardirqs_on+0x67/0x220
[ 1305.950409]  kthread+0x354/0x420
[ 1305.953767]  ? process_one_work+0x1750/0x1750
[ 1305.958342]  ? kthread_cancel_delayed_work_sync+0x20/0x20
[ 1305.963915]  ret_from_fork+0x24/0x30
[ 1305.970460] Kernel Offset: disabled
[ 1305.974290] Rebooting in 86400 seconds..