VM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000080))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:33:42 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
r1 = dup(r0)
ioctl$RNDCLEARPOOL(r1, 0x5206, &(0x7f0000000000)=0xfff)
io_setup(0x1, &(0x7f0000000180)=<r2=>0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
flock(r1, 0x7)
write$FUSE_DIRENT(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="00000000000000000000000000000000000000b944fd0ef6d8651d5eaaa7d9a000234d4ac7a024e032d6cf8af5fadc8b1d8ab3f6c883def4f59bf99af6234834f06a60ab565748554175a94135ddc95049309852e1075003194b4349ba4d2b1fd3743d2343b0418ed76ec4faa4a166f3cf11ea26ed037b278a970cb2c1e569108fd0ded994a0fd9c3fbd2b67bea695800f72962d57b7bc05388710f5f98aa1c483df427e491d81108de7f401536bf5aa707536e50dfaa6e85895ab55b631080031faedb79319c863b8daf38aaab1cfd11f692912a6d57fdd"], 0x10)
io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
r3 = getpgrp(0x0)
syz_open_procfs(r3, &(0x7f00000000c0)='personality\x00')

00:33:42 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:33:42 executing program 1:
r0 = open(&(0x7f0000000240)='./file1\x00', 0x20c900, 0x106)
ioctl$VIDIOC_SUBSCRIBE_EVENT(r0, 0x4020565a, &(0x7f00000002c0)={0x6, 0x5, 0x2})
ioctl$PERF_EVENT_IOC_ID(r0, 0x80082407, &(0x7f0000000280))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000003c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x7ffb)
unshare(0x0)
getsockopt$packet_buf(r1, 0x107, 0xd, &(0x7f0000000080)=""/129, &(0x7f0000000140)=0x81)
lsetxattr$trusted_overlay_redirect(&(0x7f0000000380)='./file0\x00', &(0x7f00000001c0)='trusted.overlay.redirect\x00', &(0x7f0000000200)='./file0\x00', 0x8, 0x2)
r2 = socket$inet(0x2, 0x4000000000000001, 0xfffffffffffffffe)
r3 = dup(r0)
ioctl$KVM_SET_DEBUGREGS(r3, 0x4080aea2, &(0x7f0000000000)={[0x4000, 0x10f000, 0xd000, 0x6000], 0x55, 0x8, 0x4})
openat$cgroup_procs(r0, &(0x7f0000000340)='cgroup.procs\x00', 0x2, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, 0x0, 0x0)

00:33:42 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x3, 0x2)
ioctl$sock_bt_cmtp_CMTPCONNADD(r2, 0x400443c8, &(0x7f0000000180)={r0, 0x1})
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, 0x0, 0x0)
r4 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x100)
ioctl$EVIOCGABS0(r4, 0x80184540, &(0x7f00000000c0)=""/147)
listen(r3, 0x9411)

[  298.522160][T19165] input: syz1 as /devices/virtual/input/input172
[  298.546439][T19163] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:33:42 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)={0x10, 0x0, 0x2}, 0x10)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
r2 = accept(0xffffffffffffffff, &(0x7f0000000340)=@rc, &(0x7f0000000000)=0x80)
ioctl$PPPIOCSFLAGS(r2, 0x40047459, &(0x7f00000000c0)=0x80100)

00:33:42 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80000)
setsockopt$l2tp_PPPOL2TP_SO_SENDSEQ(r1, 0x111, 0x3, 0x0, 0x4)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00')
sendmsg$TIPC_NL_NODE_GET(r1, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0xb4, r3, 0x104, 0x70bd2b, 0x25dfdbff, {}, [@TIPC_NLA_NODE={0x30, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x564}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x3}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xffffffff}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_UP={0x4}]}, @TIPC_NLA_SOCK={0x14, 0x2, [@TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_SOCK={0x38, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x6}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x52ea}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7bd0cdc}]}, @TIPC_NLA_NET={0x24, 0x7, [@TIPC_NLA_NET_NODEID={0xc, 0x3, 0xfffffffffffffffb}, @TIPC_NLA_NET_ADDR={0x8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8}]}]}, 0xb4}, 0x1, 0x0, 0x0, 0x20008040}, 0x40000)

00:33:42 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)

[  298.634337][T19165] input: syz1 as /devices/virtual/input/input173
00:33:43 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x301000, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DAEMON(r2, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000200)={&(0x7f00000000c0)={0x134, r3, 0x522, 0x70bd26, 0x25dfdbfe, {}, [@IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x7ff}, @IPVS_CMD_ATTR_DEST={0x38, 0x2, [@IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x8}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x400}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@dev={0xac, 0x14, 0x14, 0x1c}}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x1}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x7}, @IPVS_CMD_ATTR_DEST={0x3c, 0x2, [@IPVS_DEST_ATTR_TUN_TYPE={0x8, 0xd, 0x1}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3f}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x3}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x1000}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x6}, @IPVS_CMD_ATTR_DEST={0x2c, 0x2, [@IPVS_DEST_ATTR_FWD_METHOD={0x8}, @IPVS_DEST_ATTR_TUN_PORT={0x8, 0xe, 0x4e22}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x20}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x3}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0xffffffff}]}, @IPVS_CMD_ATTR_SERVICE={0x60, 0x1, [@IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@local}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x80}, @IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_PROTOCOL={0x8}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x9}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x1}}, @IPVS_SVC_ATTR_PE_NAME={0x8, 0xb, 'sip\x00'}, @IPVS_SVC_ATTR_ADDR={0x14, 0x3, @ipv6=@initdev={0xfe, 0x88, [], 0x1, 0x0}}]}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x6}]}, 0x134}, 0x1, 0x0, 0x0, 0x1}, 0x40)

00:33:43 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0xa00, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, 0x0, 0xfffffffffffffe2d)
r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080)='SEG6\x00')
sendmsg$SEG6_CMD_GET_TUNSRC(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x20010000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x40, r2, 0x300, 0x70bd2d, 0x25dfdbfd, {}, [@SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x2}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x3f}, @SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x5}, @SEG6_ATTR_SECRET={0xc, 0x4, [0x5, 0x3]}, @SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x1}]}, 0x40}, 0x1, 0x0, 0x0, 0x80}, 0x4004000)

[  298.818647][T19199] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:33:43 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf0")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:33:43 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)={0x10, 0x0, 0x2}, 0x10)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
r2 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x2, 0x2)
setsockopt$inet_sctp6_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f00000000c0)=@int=0x8, 0x4)

00:33:43 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x4004556d)

00:33:43 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)
dup(r1)
syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x5, 0x802)
open(&(0x7f00000000c0)='./file0\x00', 0x2000, 0x88)
openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm-control\x00', 0x200100, 0x0)
r2 = creat(&(0x7f00000001c0)='./file0\x00', 0x1)
ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000140)=<r3=>0x0)
ioprio_get$pid(0x3, r3)

00:33:43 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000240)={[0x0, 0x2000000000, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0xfffffffffffffffc], 0x0, 0x1a2fc})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
renameat2(r3, &(0x7f0000000080)='./file0\x00', r3, &(0x7f00000000c0)='./file0\x00', 0x2)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

00:33:43 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:33:43 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, &(0x7f0000000040)={<r2=>0x0}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f00000000c0)={r2}, 0x8)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='cgroup.stat\x00', 0x0, 0x0)

[  299.441702][T19217] input: syz1 as /devices/virtual/input/input174
00:33:43 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$VIDIOC_DV_TIMINGS_CAP(r3, 0xc0905664, &(0x7f0000000240)={0x0, 0x0, [], @raw_data=[0x4, 0x6, 0x7fffffff, 0x1, 0x9, 0x20, 0x40, 0x8000, 0x3, 0x4c1, 0x1, 0x3, 0x1, 0x2, 0xffff, 0x5, 0x3, 0x9, 0x2, 0x800, 0x2, 0x9, 0xace5, 0x3, 0x3, 0x9, 0x3, 0x2, 0x1000, 0x7fffffff, 0x0, 0x739]})
fcntl$setsig(r3, 0xa, 0x25)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$SNDRV_TIMER_IOCTL_PAUSE(r3, 0x54a3)
getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f0000000300)={{{@in=@loopback, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{}, 0x0, @in6=@mcast1}}, &(0x7f00000001c0)=0xe8)
r5 = geteuid()
getsockopt$inet6_IPV6_IPSEC_POLICY(r3, 0x29, 0x22, &(0x7f0000000400)={{{@in=@empty, @in6=@mcast2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in=@multicast2}, 0x0, @in6=@loopback}}, &(0x7f0000000500)=0xe8)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000000540)={0x0, <r7=>0x0}, &(0x7f0000000580)=0xc)
lstat(&(0x7f00000005c0)='./file0\x00', &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, <r8=>0x0})
getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000000680)={{{@in=@initdev, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r9=>0x0}}, {{}, 0x0, @in6=@remote}}, &(0x7f0000000780)=0xe8)
getsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000007c0)={{{@in6=@mcast2, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0}}, {{@in=@loopback}, 0x0, @in=@loopback}}, &(0x7f00000008c0)=0xe8)
getresgid(&(0x7f0000000900), &(0x7f0000000940)=<r11=>0x0, &(0x7f0000000980))
r12 = getegid()
stat(&(0x7f00000009c0)='./file0\x00', &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, 0x0, <r13=>0x0})
r14 = getegid()
r15 = getegid()
fsetxattr$system_posix_acl(r1, &(0x7f00000000c0)='system.posix_acl_default\x00', &(0x7f0000000a80)={{}, {}, [{0x2, 0x5, r4}, {0x2, 0x0, r5}, {0x2, 0x0, r6}, {0x2, 0x4, r7}, {0x2, 0x1, r8}, {0x2, 0x5, r9}, {0x2, 0x6, r10}], {0x4, 0x2}, [{0x8, 0x1, r11}, {0x8, 0x7, r12}, {0x8, 0x0, r13}, {0x8, 0x1, r14}, {0x8, 0x2, r15}], {0x10, 0x2}, {0x20, 0x4}}, 0x84, 0x1)
setsockopt$XDP_UMEM_FILL_RING(r3, 0x11b, 0x5, &(0x7f0000000080)=0x3000, 0x4)
syz_mount_image$iso9660(&(0x7f0000000b40)='iso9660\x00', &(0x7f0000000b80)='./file0\x00', 0x40, 0xa, &(0x7f0000002040)=[{&(0x7f0000000bc0)="bc210ac5aa5d13f508d8ee54df70da01cd515bcb143841858f0ffe7ad6852b63e5af5e7baa21ddda7668c6bc3934a89538e4d25511666df096e628c01e2c043226bae6e0cbcef672342ed00fa5", 0x4d, 0x10001}, {&(0x7f0000000c40)="2b78e9c0807b71b0469ad8faecb0fcefcb2a83fb062d124b84a526dcd78fe75ce1395251aa58d08e550a242f37c8eab72f5584289051529a1b2732015feb2db2c6f47c7d64fa8479ad6b15b54581c93cad9865cda1a0c4375887efb40b628014aaab683893", 0x65, 0x1000}, {&(0x7f0000000cc0)="8c63efcfd63d732c6a91e4ac3a48064cca727f78495dc2618963de87c416932d3b015afdf7659db09cc917fd64d4c1328c5909c3db31395c6ab2d9c53faf4e654eeac90ca94d247f7fc2de2ad790c13738eeeff3feb67e275475605404fa762e75644450ddb6f181b3ae6445bc225706500227e4afa0952a0b85943e7f6ba9fcb868a55a2f3135a37f86ea033cab6dfc4010", 0x92, 0x3}, {&(0x7f0000000d80)="c03e84ea89e09e87ba8447fb87929b6e7fcfa7fc07dd874db9fd971d68557531efa90e8cc64b6bce06652e0c8b4c25295c769a3b768c7b04929fa9b9d932540de7ca5a97736d9ffe485f9a72a678875294", 0x51, 0x3}, {&(0x7f0000000e00), 0x0, 0x4}, {&(0x7f0000000e40)="f3c716d971642976b24a60b0665eff2b17d7ae654a0b9bfd7ceabe35ff5875c81af2392897ad16515f3f297f311776e0763a010c718be7086b424c855da854f6e4886abbb25c2c2cf35c81a5aa4db31535f59b23b9b1102590e02810eaaaf4fec33461f239408050eafdceb56b04f105f2e4b7126b72b92d9f2d2ece95e167c588d58621ba27772df462831f1751cb9f58486782b16d445f0207", 0x9a, 0x1}, {&(0x7f0000000f00)="71d4a725477117595406f2ac0363a0932bc20bd64555f4d6c9401357f902692199e3b4565b8287a92b9473ffe4258fa9da84e1f35e1c5cd13cf7fc15354c6b512e8f9c552256584afa04d4d78ae9d7166b810413f22ff7052ac1485af222ea38982f0474e29e22e2cb8919baf58acde6776c3cb649f410d29484b20210b7", 0x7e, 0x6e8}, {&(0x7f0000000f80)="ab3f425e90a9c863361a6b29f69944042533a5fc9611fb5924a517c2b70cb14419dab252fe49182e3d105a6fbdbeac409d07e9de3e63a017ff15a87d99449d8880afff4e5dd65f8fa7e09c3a408c4bc2697518122e667b69d06b7b29fe9ff52ffa2a26343291048fa0d2ebf57b5a0387fd265f5051ad3652310da732ffd2924acb141a73162a3db55c9cab37e67ea905494705a92b2bb716f37fc6064d74ca581b191dc9487bb51786df9fd7ad62d28ad00f4414950e30143d18044c9d5bd4c47696262e4ad8ccf13c32cb48c21f976835cf19e398ac3a9855f06b8df391b7b28a72bcd0ec8e9169073f2b0b5269ecdcdf62a781106bbcbc8f86f80201b4c21738c2913d4e36e12b30081d4920fdd8175555f81c90e5b6af2d90b2de9696988c63c0a64c741d6390859e9c05e7aa0c10dbd8ca100d993ddf451682be993471f6a04e6d48dd6a7b78c6645fb41897c08847b5af57c326f152c8d0784a5192ec8bebe8a62f890eddb56adcdd0610060b377b7f88cf8829768df95b844722a74d6008a3d1ac0366e22bed54c6594325637272dbfec46814ed71164fd6ebb83668a6d4feb30a9b311d9ccd05ea38c07a13f787e9aeff310e048a9ea899c64edb56350eef2795e03566787cc0ca7191fd5ddc359c88d1ec3d563ec5e35712b9da79eb6f277c1c46393f655b60c6b0e2e86880f29dc9b6d256b02b4cbc95878dda13177053628ca79f1496417179571e5e86fe0e35d8c68aba8710bbcc5d40a07847d21b292c830568fc223031a3a40e8e9cc24eab1a986e5e55fcbf89137ea40a8cd79af493c09bda7fb54c81ccccb2aa06067b53507e00ac24e95a99f9e1879d4c6cc7891440018c89276c34f96ee3959612bf91e53c418468025b829f9412c24b24122ed18719a158b39d54cb4206cee8ea67f2820f10a47de24196d1609de1aee42272295c9bc8a49552b38a177803f9d21bec11e171169aed07482ee8d7b5aa0d22ae1de191369da45d899e15205262545b6d4078431688978624f3c944234728f14f0f9efb2af3b3da711a3e9162e0c23374d1a747fd4f33e521671324ad41839a10671132886d360aec9343e95f65e327b567f89ad7b452af45bd17b2f323fc943563229f56acc4428714205f37e17ca2350dc52f400151139cbf9736c64026340a7c0727ffc85d3beb9565e890e66b3a4276a32b57970f3b4584ce8175c23fc90c909fb4e2d855f177e219de60b4a2c1c0a5a425b83bb6b81e1390047b22f9d265de595aa514eea1f787873e1fd326fcdc3edf2056819eca1f12657677c58938d53a5f7a8b1c4347a14ae9f75e69f59ad1c9ed838d1a6c65cbfddba9658ee5bac21c9af04ecc05cae44f3fefe2ed258caa7ea60b07c39700e2d1c0bd6db26bf82c1a43df264176ec4d7d37efa896ba04f01478b3e99c0a03b15dd274f909b5c0e67e6cd964991c38cf59278e38a4c96d490f981f36130cdfa4b3e21f409473d34e4b472e0150311379b74e1410d059991d065060f69472a79a99cdfbd82250a41e5153fe6ea65cb2da4ca2809f4732c3fec04f5dd72a1519d172223ffba757be9cce1d433feed880b59ca32d0773d075a1d31b593cf293214fb882922632d0cbee43ab0d22db6ce85cc3221ea03e70a5edfd4db8b0a1d477b4752b91caf66d1a8f9cd9b9a00ccd1f97ebc50f7d7d40dc88543a0c9e7476dd4082d28744ca317eae11ca790cb586a15f39e07040774d769fff5e1f59512787697962023a07ff535e31974764bb60ebcc24d78fa6581a5d7a3c2ae75d08830dbdad1b189d8cb82c2e4cb040577eefbd8dc8d6d66dcc25a1d2c8f0837352a16567b831dd3845c7778b2ba0cebddb70957db9d4348295f0e113c78e5db699d7550643fc725b39c1a9a9bb027b53aa6fe3c2d82b30dc9b55c576c699504ea18b7d1aee714fc123e2432a0ff3d8cb0e3501ad155c82a4dfce0c269569f5f7929d1d3ecc4f9651040806d8c373710500351a366f17ba73a3d406d8b472ec0e74ee08a7f4f9e95fc7737a22f5254c810dddbf0d195ebb783531af9133c83051af4813a4666c3ad1bd464d6d27091de4f365eebf5a61323be68cf124523783b5c36ea4b4ef3e5c933a4ab254f95a033447f21f0ef1b781d56003dc913d52eec8028680fe319b4f542f91ef97d9b6b604a1502557a7a47982922689f61bcf3e5ac4e3baba68713b655286e7be6cb93e4f781d86b5a7a814ca5ed271f53237a89154dc53673d7742e7ed8d1cfb57a7b49f2d8524d23d32a408153db1be216feb175ead2041944d2539915c3c44e39ffeea6ada5bd7417caaf48a902b52c32f29ebd7edd9b490349d1718b31d576dc36a4528a516d58de16067aa9d250d2924690677a8cfb4046bf0dcc447f3572cb2e1926a27c9554a749931928b723b7153fd779627ae322f595963cff4ce7eaf76081e2930fdb0479373ada232e7208881450f7815b4a642ec87650cb17b35d05f595e21abca67d70edf9b03df37b0a2b20aa508bfa6953a828178427b93796bf7f2fa96221e6bc34119cc950c1a44d2e5552a7b7e91a72a2ee944b311d49bc195dcf3e06543f39bd9b2b3b2c926e71c8c129077ff87ff17a9e21bcab230a38c799b64f240a8773fcc1d9a014a0859263f04bd233a43d2ee56d030c1416cfe6e61c769061b3ae8186bbbf15e332e04346612508cd04214091fb5f0bb011c57f392ec055c6d6a9388c5b63207f9c6e5e6cb79031c7eac5ad1ff3c99285347e10fa47814755b6aa8df34478c328abeb9f17c00831ee841b7c69935bc13d5b6812e491f0cad97d4c38eb2fe3932db1a63e7a46e9abc476ecaffdee477b5a80bab93fa864645934c24befc602a3a128a2fa8bc6ecd4c2953be61c06da60f7e022dd6ee331782c7ccc0f3f6fab7aaf20dc7419c48a242a9c684d8fe13d613e279424defca4990693eeb085d6acfd0a53627d3444a9f62841a3232f76cecfd651e204120c05982960e78b6997f431fa7436ef57a429eeb723fda138e214d2cf1e2e10fdc43a50e4892ea7767d862574b3788ceadbb8c4dc0d6a35a53d00e7746f19bbd73b58b6e1285eabd1de913c22df74e8e9b2441e1afd5a80acaaca3c024f51e8c9a6ba6894151ea8c760851d7da116850fbbbd6c1959dfff5046ed8e86fcfa158ef676b5e7abf8333708ec04d3f2779b05835f6f9864c65f82cc917ec4f33882651ea9740d31cfbab5f458f15dab534d0fd00feee1447508fafd925722d6ab6e18a4fd8f4167e9d33faf1003181ba7380d366c93f31f9fc1a4d59caab7870bc3d49ba72d3405a0e184cabb508fb0302c393ff425e451081d890c277804bda06872ca26c4b2cebf141119370cc3516c0d24bc5c818292b48fa3712c2bfb320af66e875d9c009de031c2c5bb6594635b5c76407be249fefbc1960ac8b742be6f81daaa19cf290b4717c0c0783d79e2d0e27d0042c8bf5119d949f39b4c5f3d184c8290016828a2714742865aeeec87d1c5d90588ee1cc133f405da7c99243d880ca1865c2f2fc7eb56ab0f5cc0b167303076b40f33ca18fc8a2e8604ac269961b0b9d5d91646419d52aae5fd111b3351953a0550615ed2deefbe8f96ee35cbcc5d84811765a58bc2784d63b0caf30e65b33e20d6ec036cd453769b605d5e702e8bc9fdf136114f588ae19868ba5c6db5760ace477b9410a59ecfdc4615e13a797fc4ad944d5aa6acf7e38bafd8a0b7b82c3f5faef959eeb4db2aeb7a2efce63ecaf06634790e5e91e3ff5eebcb4cc7a624baf8bb783868db7012f026e99d28882a492ad9828628bf81a832f7d30aa53b93c684a03200cc3e669e9f805e8f6be6f2ee82986c39a6dc83613e3585b0962c7ff0bc8eb89c1653ba29575919fd1aa8cf8a13666d673b78aa718bffe15cacba62d86a4b383c8a0d8083abe6d13fcb13177bdf6ae05c18b4ce68bfc2378b9b824b72fdf3f413a0d24a0d6521ff606d1c1b4bf47de4766d7ba640439d048f5c50cc0941fd30cf757b22cf3af237b7ed13f4b9b4e6ce880b901b6c6290444fd61b341f296d99aad79edb4783073dbd94e02a94a43244ad53db6b9328cd93c14487794fc48c7591dfbf97e575e2c2af4c25c0c13ceef05143c1f47a4afe923a941e3c016cfa27989e1046c98bf9a342589b7ab06215ef7dd95a603ade40b6a9cd54c15a4d50cdd38e36388dcfbb0c90ab1dae6ded495300cfe04f7fc5ac43affb791baf3b042afeee3680048d5a30b7cb8c8af74e488f468c48167fd4cced8d48672f1005f5a06c630d0ea53a4332afbc2e951cf229644373a1ce510bd960b410bd9017bea82a4175e1fec1f40c116493e814eb74661c9694e814c068441e873222e520c4d28ab5ba517170ccecc1320758f25265712d08aacc16221bfba3aef82d9aa8c8e8a0d78485bea1710eb6ddb186d519f83fb3db483a39c134a412610f2a2a3fe51591177c4399eb3a07036f8d920c0a672a220164580d0ba640d5c1150f63f1a828f26d25a7388fea984d12692fe839f2a31b76e12901df2246560107de964907ddaa0023781a3c70e421e1133d196efe8abb64708619c43da85bb448d74d0e1ce6a331b59b0b3af9f49929eec67971e3b4127990d225eef058a6f86df03773b2b680f821fc6b06a6ce5a161572b059e9888bd91bf4a5419d0d4de7db5ff519bd243a3071ea306dd15a68dcab039c12b02ad1c11e09533cf789cca79103d8c16a3cf232fa4f117c297231293001bcf8973249c63e54d30d70ae396dec7a315cad9dadb7063b5fc218fd3b7ec21fa97a13b944b99c42fe7e63a88a52600d09c30dec5354bd92379ee334048f7d2a761eadd99bfe932293ed883e865fb059ab5e07a7f9a78c8717380dee08c2e519c918d866b0fdfd31039b102ee8233dad3f01978c4de305bc6084e65ff3faf132734a7b4c7b0deb8f1b330a14b566689c8cedfb742c8b24187b9fa6f05797ea19a889ed1d37f6f3aa1546299c3f2d481ac7d67c1b4ca099e79ba1d893aaff83d8a0a999a2245a42823739576d68176ad6dcfdaab75c1a0f548264fc99adf8f579cdd26310250a10c16a061a250a5445b6b2c726db29bff7ae0de087383188341c0b1719f9737e7b00cef639170f89805f21c2fe379eacc33cfa0d40b34df58c8197237601d11158d48c5b9b89b14c2c522758223dfacaab9b04e27a751d2e3a74f87e391a82f84cc2529fe2f1cb46b2625b4af1389f4650149350ca49609da8a2bc00cf24a09463a2b93333a18cf0f08fb28201894e3583abd274a9d70c99ba02c727415b67961d3f8da52908b103151b6258600c63f741857a453a0d7443087496e4182d7580d3212411d08cc16ca75e0b40a2df7a6d9e3c39ffee76be985d3054ba7987823dd99bc6bde83ea4a2de2a11b87733a247d26cceb82d894e8b448445cb88562bdc902918b01d485de6d04287eac90651eaa52c0c63faa35ee92abf38968b3954ba821d8cfe393e20af787b9fbddd9ae1a57ad61775b4833d150c30a91b4b7a00ba91688e971a9e9b2955819b4447b042530b99326da604565c4fb874d782f40f18c3fec80c6c472cae22133652ab2b4d7d375e4e8c12242afb487f5ae27d3b0ecd9b2312140f03a75d07ea0f59ae6cdba6cfb364c2206f204f009a09d63b5642da78722a462d34396ca6b3c5c513a4a0152854de70e93d983e3d9b3a1031fc0af719e5630273c05d34acb3d2ae8c01c50207fa5921ffe94fb6866076e3b753dd779e91d75a1ec699ec459c41ec46c77a97fa4a20bd1dec2995d", 0x1000, 0x80}, {&(0x7f0000001f80)="d9fc8ccd2ffb717c162314fa4e14ff50bb8cfb064e047f078cc6507f0fd4594ba6225f029d0a703e295a4b1d7e9fea21dcf6581d42db4782915295001e53437a21f7ed32c9aa7fbd93e53c2a794100f23dd8b30b89790a323640e547cba5314659f4c82a058ac13028fabb2acb3f", 0x6e, 0x7}, {&(0x7f0000002000), 0x0, 0x1ff}], 0x1000, &(0x7f0000002140)=ANY=[@ANYBLOB='unhide,sbsector=0x0000000000000001,map=off,dmode=0x0000000000000000,dont_appraise,fsname=bdev,fowner>', @ANYRESDEC=r7, @ANYBLOB="2c7375b77b5f747970653d70726f635d28235d252c666f776e65723d", @ANYRESDEC=r4, @ANYBLOB=',\x00'])
sendmmsg$sock(r3, &(0x7f0000002000)=[{{&(0x7f0000002200)=@pppol2tpin6={0x18, 0x1, {0x0, r3, 0x100, 0x2, 0x4, 0x3, {0xa, 0x4e23, 0x9, @rand_addr="94c71d187960bc97f44825e9b81ceba5", 0x4}}}, 0x80, &(0x7f0000002700)=[{&(0x7f0000002280)="c4405c39a68dba7a436870bee99e18c6d0249c790f65a3cf821b7ef2c31a4c6a9ee84243917d3eac38eaf67d32b0e2d04a6575f8f10c989ffe199836b4ba91ad51767461443b0188d654d57dc59db07eb3dc414ae957c08fad036b9ebf3858dd33ac6792a893c4b0162765eb579e36535add299bdbdb9b504a23dfb05161f7520134ed4ed3d89c0ebe7d8748727f1dd2a3d13d44b2606f6e59dafccc9fb6b4356579eed7e2dd14530f34165ffd6a2631e9ed365ec19834debf3dbeaca401f2ddebfd001d34dc733a55a87f707b4d1d737f7d385eca5e8d8875e0d1cd9eb57ebe0a46003788653a69a3385c2ac1e5d418c33c", 0xf2}, {&(0x7f0000002380)="a4b1d728c3857f80cff80d311f9fd3d6918c917369b17ba1944f3e6a6dbf00dbb15f993cdcc6c5d5336e67eae9020a520cf270fe7d8cfb09e72e46b9b2e793ff1e7844fb3d69fd0af80161e01fbec19f146c9b3d0889d65f0e05af2cf160963d3a941fcbb19c580e1833b09d061fbc6be144f25957822932a474825674ad59cf8146d0398f31972197847d1f000f6ff5d0a4c656d5e50fd94c1d221e409f5a6cc8cbe6ebb48a291b1784dfbd3f591da8f9dba189348ea370c44956f3e199982ae9098923a2720050d5c0dd2acc35eb1fb19ef2f97507d22cc7c2353efae458f37f2827df7ce699629b3b16", 0xeb}, {&(0x7f0000002480)="b00c1675b8cfba8ada5b016b0ad22ff7bc0bec3af9af8395d2b60b0208e126c6c0edc372eaa5ccc7e90ea856c866c631d7e43da49e4778a7a147dac8ca2343ea377fd14dbc8831c7db3f73", 0x4b}, {&(0x7f0000002500)="831c381d80a957835e0148e7618d1a9915f8f925d9b2406114b6cabaa2ec4986cad8daac441e37875fe6fe613101c9ef882a0724f8b4d7883b6f86f626de03d539802f210eb0c60dd74a46437e0f126a99b83fd70e2d7fba2f0c63470368cfe294f8007c8e6fa2dfee0b99c96bf96f9892a2e3966e50a23bc03150c7cb9538bcff8a4375698988a5f4d24edbc8a17c035b74422bef991fb0888eca9f86291bbb536811c7ba02e816d92559342319c3692c48b7308f8de7a567c45918806ddee81a92fd117c84ce92cc862a910f36d084c007d9991f40492ec5e3933ddc3cebf51884885922a2322764796cea008641c666e366b35878", 0xf6}, {&(0x7f0000000e00)}, {&(0x7f0000002600)="644e47475ca1b5950d5ac29d5afe6690bd32874af6baa49e58e94c8fe089c22ebb7950560df0e39ed7b1db03e6933799b2af1e69269dae6c39d592a138db8892b06f6b37af8806b88391f1b44f0045b9648ec9edd744d33b147faf449ad3532d72c4c8c4522cb85d4f5229bc232c165c496549efa0569815e929acaa68c56ba8cf1a2660f929df1e2b8d1c53d7184068fb7b333fdcbbf624b95ce2e0271d05f34f4af8f1b0b443c371bfd2aee21fb0622303481bcac35de16b8058bdfbe9ffa5514537040987b57ffc76789b2f91df709c5f2a1e42383af7ec1e0d02216ff6eeda662ab21d5832c3a2a864eba1c633", 0xef}], 0x6}}], 0x1, 0x8000)

00:33:43 executing program 1:
socketpair$unix(0x1, 0x4, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)

00:33:43 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000340)=""/140, 0xffffff89}], 0x194)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)={0x10, 0x0, 0x2}, 0x10)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vsock\x00', 0x501000, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r2, 0x4010640d, &(0x7f00000000c0)={0x75d, 0x6})
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

00:33:43 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmmsg(r0, &(0x7f0000003580)=[{{&(0x7f0000000000)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff}}, 0x80, &(0x7f0000000600)=[{&(0x7f0000000080)=""/135, 0x87}, {&(0x7f0000000140)=""/211, 0xd3}, {&(0x7f0000000240)=""/153, 0x99}, {&(0x7f0000000340)=""/222, 0xde}, {&(0x7f0000000440)=""/159, 0x9f}, {&(0x7f0000000500)=""/246, 0xf6}], 0x6}, 0x6}, {{&(0x7f0000000680)=@tipc=@name, 0x80, &(0x7f0000000b40)=[{&(0x7f0000000700)=""/201, 0xc9}, {&(0x7f0000000800)=""/205, 0xcd}, {&(0x7f0000000900)=""/83, 0x53}, {&(0x7f0000000980)=""/128, 0x80}, {&(0x7f0000000a00)=""/249, 0xf9}, {&(0x7f0000000b00)=""/19, 0x13}], 0x6, &(0x7f0000000bc0)=""/176, 0xb0}}, {{0x0, 0x0, &(0x7f0000000d80)=[{&(0x7f0000000c80)=""/242, 0xf2}], 0x1, &(0x7f0000000dc0)=""/249, 0xf9}, 0x7}, {{0x0, 0x0, &(0x7f0000001080)=[{&(0x7f0000000ec0)=""/246, 0xf6}, {&(0x7f0000000fc0)=""/175, 0xaf}], 0x2, &(0x7f00000010c0)=""/209, 0xd1}, 0x7}, {{&(0x7f00000011c0)=@nfc, 0x80, &(0x7f00000016c0)=[{&(0x7f0000001240)=""/90, 0x5a}, {&(0x7f00000012c0)=""/202, 0xca}, {&(0x7f00000013c0)=""/196, 0xc4}, {&(0x7f00000014c0)=""/208, 0xd0}, {&(0x7f00000015c0)=""/226, 0xe2}], 0x5, &(0x7f0000001740)=""/68, 0x44}, 0x7}, {{&(0x7f00000017c0)=@un=@abs, 0x80, &(0x7f0000001900)=[{&(0x7f0000001840)=""/190, 0xbe}], 0x1, &(0x7f0000001940)=""/64, 0x40}, 0x4}, {{&(0x7f0000001980)=@pppoe, 0x80, &(0x7f0000001d40)=[{&(0x7f0000001a00)=""/255, 0xff}, {&(0x7f0000001b00)=""/150, 0x96}, {&(0x7f0000001bc0)=""/101, 0x65}, {&(0x7f0000001c40)=""/227, 0xe3}], 0x4}, 0x80000001}, {{0x0, 0x0, &(0x7f0000001fc0)=[{&(0x7f0000001d80)=""/194, 0xc2}, {&(0x7f0000001e80)=""/41, 0x29}, {&(0x7f0000001ec0)=""/114, 0x72}, {&(0x7f0000001f40)=""/57, 0x39}, {&(0x7f0000001f80)=""/49, 0x31}], 0x5, &(0x7f0000002040)=""/20, 0x14}, 0x1}, {{0x0, 0x0, &(0x7f0000003280)=[{&(0x7f0000002080)=""/4096, 0x1000}, {&(0x7f0000003080)=""/162, 0xa2}, {&(0x7f0000003140)=""/75, 0x4b}, {&(0x7f00000031c0)=""/22, 0x16}, {&(0x7f0000003200)=""/69, 0x45}], 0x5}, 0x1}, {{&(0x7f0000003300)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random}, 0x80, &(0x7f0000003440)=[{&(0x7f0000003380)=""/174, 0xae}], 0x1, &(0x7f0000003480)=""/241, 0xf1}}], 0xa, 0x10000, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, &(0x7f0000003900)='dctcp\x00', 0x6)
getsockopt$inet6_tcp_int(r1, 0x6, 0xc, &(0x7f0000003800), &(0x7f0000003840)=0x4)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r2 = socket$alg(0x26, 0x5, 0x0)
getsockopt$bt_hci(r2, 0x0, 0x3, &(0x7f0000003940)=""/103, &(0x7f00000039c0)=0x67)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
fgetxattr(r3, &(0x7f0000003880)=@known='trusted.overlay.nlink\x00', &(0x7f00000038c0)=""/57, 0x39)
ioctl$SIOCX25SDTEFACILITIES(r1, 0x89eb, &(0x7f0000003a00)={0x40400000, 0x7, 0x3da, 0x2, 0xfff, 0x1d, 0xf, "a35e62fd0a70a32716a4bd7bee043af53bb7098a", "3d706cc6e33b020eff8c48d9ddbfa11c9405f559"})
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, 0x0, 0x0)

[  299.588776][T19217] input: syz1 as /devices/virtual/input/input175
00:33:43 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x4004556e)

[  299.785716][T19252] input: syz1 as /devices/virtual/input/input176
[  299.889888][T19252] input: syz1 as /devices/virtual/input/input177
00:33:44 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf0")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:33:44 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)={0x10, 0x0, 0x2}, 0x10)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm_plock\x00', 0xc00, 0x0)

00:33:44 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$null(0xffffffffffffff9c, &(0x7f0000000080)='/dev/null\x00', 0x200, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000001c0)={<r3=>0x0, 0xffffffffffffffff, 0x0, 0x8, &(0x7f00000000c0)='\'+\\user\x00'}, 0x30)
ioctl$SG_GET_COMMAND_Q(r2, 0x2270, &(0x7f0000000280))
ioctl$sock_FIOSETOWN(r2, 0x8901, &(0x7f0000000240)=r3)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f00000003c0))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
unshare(0x4040000)

00:33:44 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x40049409)

00:33:44 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  300.287360][T19266] input: syz1 as /devices/virtual/input/input178
[  300.324608][T19265] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:33:44 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
r2 = dup2(r0, r0)
ioctl$UI_BEGIN_FF_UPLOAD(r2, 0xc06855c8, &(0x7f00000001c0)={0xb, 0x9f0, {0x57, 0x43e, 0xed, {0x8001, 0x8}, {0x7e3e3bae, 0x456ba6b2}, @rumble={0x90d4d19, 0x1}}, {0x0, 0x7ff, 0x1, {0xff, 0x7}, {0x6, 0xb8c}, @cond=[{0x81, 0x1, 0x1, 0x1ff, 0x1, 0x3}, {0x0, 0x25, 0x1ff, 0x3, 0x7ff, 0x5}]}})
ioctl$UI_SET_FFBIT(r2, 0x4004556b, 0x2)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
r3 = add_key(&(0x7f00000000c0)='dns_resolver\x00', &(0x7f0000000100)={'syz', 0x1}, &(0x7f0000000340)="866377a1beec774b4a34260fc7252d594903c803316b7cc00fc18da6b19919d387cbe9c56d725bac2eaa31d3bccdcac33df281771fa3440a3abb8a12a75a17aadefe7ee83114af4d580104b6addc4e24ce6d256cf8b4b95493cf3dd6a524c7c6b786e525445e5b767ef9693060e18719", 0x70, 0xfffffffffffffff9)
keyctl$assume_authority(0x10, r3)
mmap$perf(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x0, 0x10, r2, 0x0)
write$FUSE_DIRENT(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="10f7ffffffffff0c0000000000200000e9dd513cd70aa0f1699904562ea5452fba3a9a843445b7477f04de0f0e1c42478c27de15f74a2e1c016b9fd25c4c859df6b11f3473fdb296df3410a49b1710cabb6580f2d5c219d7beb73916dafe91c1f245500e1d4def08ae9663b105d241768816718ebdc2243e4628febfe25ba1a14d85fcfd3e2d15f387389de85b127514c57a2bd562ed6532c6f8192e9bba9d73028b0239ca9f3931b445b6dfa5fec2"], 0x10)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

00:33:44 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x1, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x0, 0x3)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:33:44 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x4008556c)

00:33:44 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x8, 0x4000)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'rose0\x00', <r3=>0x0})
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f00000001c0)={@multicast1, @local, r3}, 0xc)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
r5 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vcs\x00', 0x381580, 0x0)
write$P9_RFLUSH(r5, &(0x7f0000000040)={0x7, 0x6d, 0x1}, 0x7)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0xd, 0x0, 0x0)
accept$packet(r5, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
ioctl$SIOCRSSCAUSE(r5, 0x89e1, &(0x7f0000000140))

[  300.486142][T19283] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  300.506889][T19288] input: syz1 as /devices/virtual/input/input180
00:33:44 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x16100, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r3, 0x84, 0x71, &(0x7f0000000040)={<r4=>0x0, 0x7}, &(0x7f00000001c0)=0x8)
accept$netrom(r3, &(0x7f0000000240)={{0x3, @default}, [@remote, @default, @rose, @rose, @remote, @default, @null, @bcast]}, &(0x7f00000002c0)=0x48)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000200)={r4, 0x3}, 0x8)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:33:44 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000000)=<r1=>0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
write$FUSE_DIRENT(r0, &(0x7f0000000580)=ANY=[], 0x53)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
exit(0xf31)

00:33:44 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x4008ae89)

[  300.691434][T19308] input: syz1 as /devices/virtual/input/input182
[  300.780867][T19308] input: syz1 as /devices/virtual/input/input183
00:33:45 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf0")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:33:45 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x9, 0x0)
ioctl$RTC_VL_CLR(r1, 0x7014)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, 0x0, 0x0)

00:33:45 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = syz_open_dev$adsp(&(0x7f00000000c0)='/dev/adsp#\x00', 0x0, 0x100)
setns(r2, 0x20000)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$sock_SIOCSIFBR(r2, 0x8941, &(0x7f0000000480)=@get={0x1, &(0x7f00000003c0)=""/138, 0x40})
r4 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-control\x00', 0x0, 0x0)
ioctl$UI_BEGIN_FF_UPLOAD(r4, 0xc06855c8, &(0x7f0000000240)={0x6, 0x1f, {0x57, 0x2, 0x100000001, {0xfffffffffffffff9, 0x46}, {0xfffffffffffffe00, 0x401}, @ramp={0x7ff, 0x0, {0xc79d, 0x7, 0xff, 0x7}}}, {0x57, 0x10001, 0x47, {0x3, 0xf12}, {0x70, 0x101}, @ramp={0x7, 0x6, {0x8, 0x8d, 0x30ddfdb4, 0x622}}}})
r5 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)='trusted.overlay.upper\x00', &(0x7f0000000340)={0x0, 0xfb, 0x20, 0x1, 0x2, "935e6a728b77147d4c960f3363f713ce", "c30c7b54539ec5f2a04069"}, 0x20, 0x1)
socket$pppoe(0x18, 0x1, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
open$dir(&(0x7f00000001c0)='./file0\x00', 0x1, 0x14)
fallocate(r2, 0x37, 0x1, 0xf59)
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$IOC_PR_RESERVE(r5, 0x401070c9, &(0x7f0000000380)={0x5, 0x8001, 0x1})

00:33:45 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x4008ae90)

00:33:45 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:33:45 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x0, 0x0)
ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_PIT(r3, 0x8048ae66, &(0x7f0000000000)={[{0x9, 0x8, 0x8, 0x80, 0xffffffffffffff2b, 0x17, 0x8001, 0x200, 0x4, 0xe0, 0x800, 0x1000, 0x6}, {0x9, 0x83, 0x8, 0x196b, 0x0, 0x90, 0x40, 0x401, 0x5, 0x2, 0x7, 0x6, 0x80000001}, {0x6, 0xe55, 0x5, 0x6, 0x11, 0x0, 0x5, 0x7fff, 0xfffffffffffffff9, 0xfffffffffffffffd, 0x200, 0x9, 0xfadb}], 0x1})

[  301.169886][T19321] input: syz1 as /devices/virtual/input/input184
00:33:45 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = syz_open_dev$media(&(0x7f0000000080)='/dev/media#\x00', 0x3, 0x0)
bind$ax25(r1, &(0x7f0000000240)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x3}, [@bcast, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @bcast]}, 0x48)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r1, 0x6, 0x15, &(0x7f00000000c0)=0x5, 0x4)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

00:33:45 executing program 1:
socketpair$unix(0x1, 0x6, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
r2 = socket$netlink(0x10, 0x3, 0x0)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040)='TIPC\x00')
r4 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000380)='SEG6\x00')
sendmsg$SEG6_CMD_SETHMAC(r2, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10400}, 0xc, &(0x7f0000000240)={&(0x7f00000001c0)={0x58, r4, 0x300, 0x70bd2b, 0x25dfdbfc, {}, [@SEG6_ATTR_ALGID={0x8, 0x6, 0x80000001}, @SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x5}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x101}, @SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x2}, @SEG6_ATTR_ALGID={0x8, 0x6, 0xbc82}, @SEG6_ATTR_ALGID={0x8, 0x6, 0x3}, @SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x1}, @SEG6_ATTR_SECRET={0x4}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x3f}]}, 0x58}, 0x1, 0x0, 0x0, 0x4c005}, 0x0)
sendmsg$TIPC_CMD_GET_BEARER_NAMES(r2, &(0x7f0000000100)={&(0x7f0000000000), 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, r3, 0x300, 0x70bd2a, 0x25dfdbfd, {}, ["", "", "", "", "", ""]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x3783476284c5acd0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)

[  301.257990][T19321] input: syz1 as /devices/virtual/input/input185
00:33:45 executing program 1:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet(0x2, 0x3fffffffffffffff, 0x3)
unshare(0x20040600)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080)='/dev/vga_arbiter\x00', 0x80000, 0x0)
r1 = dup3(r0, 0xffffffffffffffff, 0x0)
openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-monitor\x00', 0x20400, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x73)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x400, 0x100)
write$UHID_DESTROY(r2, &(0x7f0000000040), 0x4)

00:33:45 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x4008ae93)

[  301.395453][T19346] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  301.433742][T19351] input: syz1 as /devices/virtual/input/input186
00:33:45 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x101002, 0x0)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000140)={r2, &(0x7f0000000340)="de233f5ee6033a9bde84348721356b7c593d1634bf87353b25931c1ebf1a333ca3dfe6a3927ebd90e379946e35aa903331464d6611ea7ba68b1af6168006ab2b4f46bf0b3fc5d12ae9724c0200ede23458ffe5dacc2af5823f3d6392e25fcb82bc9b2a25e069171886d71540bd3fdba38ee80c22a225628e02b06eeeabbdb01765e5485ec545823cde7f4bea0e88797f736661d53833244edf22d3318151b7b37560b91c9230b8dfce1cde162a3b85e6d16b2c4783115fb7e82901625ec7a75781f1d9f68380645f9236d6bd481041f3e4a894148108ab10ff5d209c4decd6c8710af38c70b5b30ce2cc8004ba8d621b54f16a2112b5ae4f3db253d5678e7593993a82f6e76521176a47497f912afdc6117cca639598e50d45980c25789a8b1b00be3536c2a6a7a72a8738ca044945cc8de450e5c4bfa9189c2d5370650341ec707d18974a790ce0553c51cc9d44af402022e4baaafdecd9327b47f5a05316166036e04459a4dde93867082eda98196d9a3d664f1727ddb99ca81e613f02fa97394389db5331166f0e0d810aa83f9b55e743090e3e8c599bcd476704d3ce0c22995a3c1647701079232c5e77e6346665774a1544971cedf4b9cf8a6dc6e00b4452c862b4b302ab3eb8a72380b059ed89df8c7af6e487beba30b62f218ab6b9e244136f69a2f110f4cc6d0203cf254225ad3b1ed0e6607751cb16cb66b8ac55dae1c5f32bff578e8f8eb19c942792838a9411db5e50ef1e51cab0738cd183dc64bbcf4030f126b457a203a9d3a51c47122846d47b3201e57afa87a4921a754394b0d97ef6740a407c67f2ff292d0c15199aee8706e2da73ebc37b5211a0244d8d636081cbbee499cb5d6703682b0cd07053776aa0cc8ee0037c5585c8490dd4bc4d80e1f8cdd4b8c1323017530bd0352bde86a99ac6cfd7a28a05240211536beb9ba74e48d410b7430e1a4a68f2b50265227e3508413cf250b686bf40d7b1b62200a16ff5adae3474cbcf0f47ada183992d5fea04d91590adee2696ce3e6171536e28ea403c66c39c397ca03ea904362d49a5e9a79cc640f0169f9e835487d9b7866757b0019e3f456ea92cf6a13d9227450d0d773c5e0e76b98f13fa5bcee9057c6d075edfb54eb088a16ebc9d1277c00d50e4c2399d37b4b4c2a0f7bf7be5b91d1bd24431e50ec7467b8c5f1f7c9098851bfb90ab23597e2ebac766b7a2a0ae531de46f6b04f2de330dfae33c9eea5e092ec31663a3f2df646a8d7c03b728d02e89ad2d4773360a8bb5208a118eda62a09d66a5b877ed54ef86a17c574cbca6a9f61ef414d2af2ddedcd1c146c0948b0e8061f846c1eae9bf5510ebbc08cc639b02c28eac1f252bb7bfb599d8f01f506067f1871c8b67d11cea304f4aa739bcddb63b3d35f0859ebb70313e0edab65996783729cd960291e4a181740db627cf8885bc3018ad3f631d741684b8baec50029babeecdef93f915f816f3d6ad82e5efa7c1c079e89cc71edd10c4544957c991f663ece69d6f7f67b8c3f87256f5bbd47cb986b34a910321b6c6701c02a193f43becb8a5a836d9de12e1440b7556715e7946fae73ab3e82fca4eeef83b2d34c02e7b355e8a55bd8fa699cc671803a62d4a5fb43d18fa94e30e3d32994aca50160304e02e2cee30922f473aff55228a3c1f93dbaff8f35446eeafce896c65569431fc01cf88bd72a931ee72e6934ef8ec8f4b1fdde08d4851c2bd3bf88c7820da06a38e1d8d22a2803d87fea7adad6cd1415fbe5cd54d9a01333d3c1f80d317438750020c0d930fa3df7242927ac55200e5c00b3a85d910ab2e0a732a101b494dbd8dfe6d0afdf6eadcb5ee366eddecf27191599d02635fc8253fc3945a47af45d9ab9bd609958bedb5ac4f25c69dc6f27c37a052aa3aa9fb08f66cfda9843e61bd24564cf43aa8a2c03a1af7f5b927fb4ceced56e4eea4830b0882829e9c9c7f6bf08359f5b16c7843c5aabce240a9a1c88c5bebad3add5efd6336deded910f6120c985175ccaf578405fdae7e03e76ce84735c63cf434ab1e8f66b68feda8a637af3ffe0976210f0d556771291bb97379a06705c166f17fa4152a10d0f25727b0a6afc3cfbff1b2de3ec1f2205da7a98833eb025397ad58a0c7998c810f4e0a38e6183549293c20a2b09488dc267c0d617b65d4bb3b72eb75a1b9032705d3d262dd07cc246f9865bb1ac67bf673b74c104c3a1d9335b5b69f768ede55bf3d54e4f9aee505d37f49f9758a6bcd1724668017e18c5ba851fc1ff3bb29dc1f343e29a60536553b1f4b7c7d032324780cc31dee3c048c58571db945f2d5e346bbc3a73bb9ddeade049d9afedf2f04848c43402c696bf6bcd04a89071af414acd2a005b473f85a2da29522f6d58cd39aad8db098c0e2e379ee661df421ff5011f82359a1ecdefc16d2478d629adc0d014b21ed31967ab1f1a6ec5efc4da39f5ddce7efaefff25b7ef69818707c42137720a28665e3c7bd63a2fff010d80bbc7174aaad686217f08429dd9fdac6efaf0c4c6d9e139611299e702ad0703901ee32baad0a624aed922ee4a3d9e8874d511ff2631e82bae8596cc05b23f71253f4164dbdef9f69c74036b6f23d9d1d3b8cc1917fb3a25583339fd4b38635940a3ee45aacb78224ef1f6b4c306f628635ef2f1f19ff34e08a1065e74d55efa7133e6dc6c9501c5b4702824233d2a77b61b2d0392d5400d9bb4049a72add5e933a76b4c966efdc02730181aa85f6d82de091db9e4fd8a5071d330428aa8c8ef37e1112fb6bb206e4b41c8b1caea038eb17b9780c450f46f8d1cda199de4f0fe43978a980b711708a8c2b1e6ae9b209b930e448ffa4744a99ac2c38ddf3fb4f4f5b1b246d32ae1eb759946cbb2604eebf560fa4dd5cf2e32e9f0c252f476c069156dc57b2831cdd12a0884bae7e8038e2631da7a6334d72680c5483ad89b804f8583fa946a209cd4589a74b1f9e9ae4ea32b09bbfd6f1daa1bd5eed8e56bad72a9e4bdacbc966ccd89fad70c077631bbe7030baf2bc271c57e02a9157c2d22865ad3ac30182f6070104f9a8cba2681c6b9d87f6b9d6158a39ef7db738e1aa6186d021f0241d2703e6de8fc092a09f67c961519b1a4a7dd1685e1c527ec979b1020affc51ac7f5dedc5c58524fa52890b218f71dd51959ef0a700c74a8d5f3930dcf5e753bb380c924e2b0d13e33dd2f3fe9bd05edc1e37adc8049fc68f3f0ccfdcdddb6e90559e843f4d9cfceffead0dc23f5c9b21dca6e009ad283d2d91b26ee0f6808c736fedec22bb6de6cbcaa07e29e5728789fb5b358c4912e370d7acddb81c0f98f96e24d64c38a4a1bc6f935470ccf5f4bcc07ed9503ed4a4a0faf72f0a7a424456d3f54f2924188ca2e3080c6d9ab974769dcfcdd013e1d9b91e89d1daca3ea68fc1f720ae90e0f3431aa5975b6cd2d262004b1ef5b71ba04ef9a7a7060b4d5b3a9757f52792533aa767fc79c1292b270d8c07c861a7e637318d533710745ac47d1cca2c087c96983ed2cffe6f1391fdf19fcd569ecc240a0a594cfa4f085bde62535b5360cf34fa77b7d6ff5c0a097a390b45985642b57fb1c917069b69e876bdd9de5edde02f4815fcb1eac8fa97b06c2aa600576f8027a5b8ede4fed35f1346423ae231d25ee327311073da887754dd67df6b08fcd4fbdbccc8f405b47d8df89103f4084e2fc17e91634febfcac09d04e17bf991fc683e1615489163313d91f9ebbe46296fa9714ffe6ec8004b818137516ef4feb871d03735c1d6a3305d1b6447ef9d654cec9b1bc9ca003a544a1eb66f887e5e6dbc98ed35a3b2b55f13cf2fed493b97a690589ed484ad20fb74aba584173db167b489644ea966e8ed5e7bd6a4981c338a3fdbd73494a4a1c138696fee2482eb19212b551591ad21b43aa1d521fdda63958ee208c2006d2be63f94fcb06fa5b3c42c3051dc043f16b1c5b5ca939b381424bdf89b835ad1ba51b9d1e9ae06440a3180befb10cd28ac55c343fba087bd5dc948a8a2eb40f6460a0a0b8e532e1f3091cec425071fd69b1dc328cea0a1d860610c839aeb0c78fe613599c304edc08a804bef08b61401db76b3c5f7ec2470d360cb6728e7f16c872ce35a5c68eb5818ad42828c75ec7e310913b87f161399aadd242e7a3e18602ecca8fdd0179fb32f9384fa16e9a54bc133e4e00003d34b09a9898392237db08214aae0d61c834c28e1f1a00810c52b514541e2eaf976aa7f3932e3bae51482118034c858d3829a5a5125d0c3745140478c2a3589e1f80d90fa4e52d6af8b477a4eda5ba68711594c1d9a7d7d82326021009ae8097c03e9cbe76ea2b0197816d2c8219d75471ab5b77898d6cecef4621767998b9e8b6e8e0d73b46deafaf7bf61cb34dd3fd109747f9d69ed3d718f317c04f13041448a3b137f39494195fde07733c154dd28250604b85d28150b54c21785cc1237a8f2ccc27e02aaba2662a3aa577c767057f29b68d6db26f50636dfa17861487e0b8b097e07dfb69493b29406a656ea3676c7a367f99be0fa0a7f74a806ac310d105824962bab6d114ae7651581d1e9c27cfd654771e79f99dbb4e0e1bfa6a4cb9562adbcd253409e76d9c577d2c7793359ee7562f00a69187cbcb8b26f9b990f4870e8e747ed40998d758c9592aae0a41160577b4d933b887a6241a68d1d0a49efc2a8ffdc7638510130535c96ac406c21b9b4507f71d3f0597f61043044f8420e634d3ff653700b6272962450d00879c20d59a72f9f0a837ba718749c6d09fe3dab6c0a0e8072b03ddfbb17bb98ede1b0e93eff3fb08a2545d413923ce88ce77960392bc2b0f8ab6fdc0f13d056b5c03decfcfd433cfdbb884f0ff86d9a7816f8145064b17e7d1136fc7de9ab83f09bad2abc9a4dcb05beb36a4eb2cace258ad84f2805747c35cb06827dd5dda06f36fbd0e2a4e11ab324254cc3dbc947c8d6e6ecd1c512d810878b473b0dc41a020cb7ee7b5aff54e0b58bf50acf8a8b479047f39852861f85a830ddea845b6c6bb1affb9f7b6b4103293ed836c07a72abe3785c690104d0265f052ae455506ef426cc3ceb8af07d7e49172d81999d789739e3cb38ed82632bb905dc91e139f89dccc5a9bd9f65c616e55da2ba234e8559e972d09e54f68176ba0fc222674ef713910f96f88aa48bfef5e29d01bcb2a4a26ae499b4256ee160a49e5ca7dcb4da5ed4022e18b1c4987ec7a0d2f476ad5bf4412fccfa6fb2b127f8b248b1da2d4bda49206c94eece9fbbefa1677981dadcc53426e83d3bd3970c9abb94e181731eac4dafde53e1639d914020c99a02a1efd71728c79360a78cd5da86c9f71a583fb720c88255a7a139ce16be6ae8b46f0d990d98c06c8239b6e873671ffbb02574c1bd57ea5a91ed671a8f27a485f1308d7a7b09d391cb27d9524e11a4eeb792633427e0dda4dae9a4690113e50ba4fcf43a898979f9bddd301cf523dca4546017acf028582d29f8ec7ba875be8e007cd208e53cad90058ca560a35ae9384cce2e2a6a49ca4bebe8310af01c5069af8459400353b896d500dcddff2536f99768f211c32398ea349642d2b9240060d721ac1c6d37506e0e0434a3e13a37f64547b5d5b74e8974290fbd34a2a0cbbc4d47374917f58d76a26e404ff9cf5c7f3419c8bd751e64e87ceb5ebc526fce261d69000625aee80915915c49011d2fdd6a5957b0150424c4d69da4485e2995c265b4d056af3518e706261f4a05133b5394385fa94638545bba4d3e749cdeb5d1c57f4bff990c80f0cf0e23332012a57a62919fc3", &(0x7f0000000040)=""/235}, 0x18)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)

00:33:45 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6001, 0x80)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)={0x10, 0x0, 0x2}, 0xfffffd20)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

[  301.483917][T19354] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  301.560622][T19351] input: syz1 as /devices/virtual/input/input187
00:33:46 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:33:46 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
io_uring_register$IORING_UNREGISTER_EVENTFD(r0, 0x5, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r3, 0x84, 0x77, &(0x7f0000000080)={<r4=>0x0, 0x6, 0xa, [0x3f, 0xa6ff, 0x7, 0x9, 0x3, 0x7, 0x401, 0x7, 0xd5, 0x3ff]}, &(0x7f00000000c0)=0x1c)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r3, 0x84, 0x75, &(0x7f0000000100)={r4, 0x5}, 0x8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000300)={[0x0, 0x2, 0x0, 0x0, 0x4], 0x0, 0x1a301})
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000240)={[0x2, 0x2, 0x2, 0x6b8d, 0x6, 0x6, 0x5, 0x0, 0xffff, 0x100000009, 0xfffffffffffffffb, 0x4, 0x6, 0x6, 0x7f, 0x2], 0x7000, 0x40000})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:33:46 executing program 1:
socket$inet(0x2, 0x6, 0xffff)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)

00:33:46 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x1)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r2=>0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)={0x10, 0x0, 0x2}, 0x10)
io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

00:33:46 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x4008af12)

00:33:46 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080))
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:33:46 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x10000, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, &(0x7f0000000340)=@security={'security\x00', 0xe, 0x4, 0x4c0, 0x108, 0x2c8, 0x108, 0x2c8, 0x2c8, 0x428, 0x428, 0x428, 0x428, 0x428, 0x4, &(0x7f0000000040), {[{{@uncond, 0x0, 0xc8, 0x108, 0x0, {}, [@common=@ah={0x30, 'ah\x00', 0x0, {0x1, 0x6, 0x1}}]}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "90cf9f7c90aab2bf7911a3c7b3cb50bc0e910f1a01a6ba1e79800d403e42"}}, {{@uncond, 0x0, 0x98, 0x1c0}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x0, 'system_u:object_r:wireless_device_t:s0\x00'}}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0xff000000, 0xff000000, 'veth1\x00', 'tunl0\x00', {}, {}, 0x0, 0x1, 0x65}, 0x0, 0x100, 0x160, 0x0, {}, [@common=@set={0x40, 'set\x00', 0x0, {{0x2, [0x0, 0x80000001, 0x101, 0x2, 0x3, 0x101], 0x5, 0x100000001}}}, @common=@inet=@socket3={0x28, 'socket\x00', 0x3, 0x1}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xff, [0x8, 0x10001, 0xab3d, 0x401, 0xbf38, 0xfff], 0x9, 0x6}, {0x10000, [0xffffffffffffffe0, 0x58ac11b, 0x81, 0xffffffff, 0xbc, 0x688], 0x1, 0x6}}}}], {{[], 0x0, 0x70, 0x98}, {0x28}}}}, 0x520)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, 0x0, 0x0)

00:33:46 executing program 2:
io_setup(0x1, &(0x7f0000000180)=<r0=>0x0)
readv(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
write$FUSE_DIRENT(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYBLOB="10000000000000000200000040000000f6d7adf2758d0b421edffc1802fa8a12d2d615f763492c96f074c5d411118a6740e7d7cc72050014de59a81047cf7d7f9cb3422a54eaa4cd9a6cc53bce0e793ca0e214397c6b"], 0x10)
io_submit(r0, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}])

[  302.090876][T19376] input: syz1 as /devices/virtual/input/input188
[  302.102243][T19377] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:33:46 executing program 1:
socketpair$unix(0x1, 0x4, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x40010003)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/net/pfkey\x00', 0x440200, 0x0)
ioctl$PERF_EVENT_IOC_ID(r2, 0x80082407, &(0x7f00000000c0))
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x3d6)
r3 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000)='/dev/video37\x00', 0x2, 0x0)
ioctl$VIDIOC_S_AUDOUT(r3, 0x40345632, &(0x7f0000000040)={0x8, "3afc20b86e7349d1d1fa2fafbcf1544dbc867e59136b709624b55e6cd8a5b58f", 0x0, 0x1})

00:33:46 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = creat(&(0x7f00000000c0)='./file0\x00', 0x10)
ioctl$TIOCCONS(r3, 0x541d)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f0000000080)={0xd029, 0x5})
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:33:46 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)
r2 = msgget$private(0x0, 0x112)
msgrcv(r2, &(0x7f0000000000), 0x8, 0x2, 0x3800)

00:33:46 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x4008af23)

[  302.318216][T19407] input: syz1 as /devices/virtual/input/input190
[  302.329538][T19406] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  302.448880][T19407] input: syz1 as /devices/virtual/input/input191
00:33:47 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:33:47 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x620001, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r2, 0x84, 0x1d, &(0x7f00000000c0)={0x4, [0x0, 0x0, 0x0, 0x0]}, &(0x7f0000000140)=0x14)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)={0x10, 0x0, 0x2}, 0x10)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

00:33:47 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
exit(0x2)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000340)=ANY=[@ANYBLOB="0000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000007f00000000000000070000000000000000000000000000000900000000c804000000000000000000000000000000000000000000000000000400000020000000090000000000000036c5000000000000810000000000dfff040000000000000000000000000000d514f971cffced00000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000314f2304d39e760000000000000000000000000000000000000000150000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800"/391])
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
r2 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0x10001, 0x40002)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff}, 0x106, 0x6}}, 0x20)
ioctl$SCSI_IOCTL_DOORLOCK(r2, 0x5380)
r4 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cachefiles\x00', 0x80, 0x0)
write$RDMA_USER_CM_CMD_MIGRATE_ID(r2, &(0x7f0000000140)={0x12, 0x10, 0xfa00, {&(0x7f0000000040), r3, r4}}, 0x18)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)

00:33:47 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000003c0)='/dev/kvm\x00', 0x4000000000000005, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x40, 0x0)
ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x0, 0x8, 0x12, 0x10, 0x8, "a0d5280d86e18609ac197200de7c5d7ac5dfe9eda652224e8a35bc36824eaee39d35d8684a7811b297ba57f5344cb54dd9081ae94bb20cb887b584748a1268fd", "237fff31447947371a6ce4b14c084a9e83037f29d7e13301d7aee95163dccf44", [0x6e8, 0x40]})
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
r4 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KDSKBMETA(r4, 0x4b63, &(0x7f0000000300)=0x4)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

00:33:47 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x400c55cb)

00:33:47 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080))
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  302.921765][T19431] input: syz1 as /devices/virtual/input/input192
00:33:47 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup3(r1, r1, 0x80000)
fstatfs(r0, &(0x7f0000000080)=""/40)
write$tun(r2, &(0x7f0000000000)={@val={0x0, 0x9a7f}, @val={0x3, 0x80, 0x10000, 0x8b1, 0x6, 0x3}, @arp=@ether_ipv6={0x1, 0x86dd, 0x6, 0x10, 0xb, @empty, @local, @dev={[], 0x1a}, @remote}}, 0x42)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0xa518)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_SUBSCRIBE_EVENTS(r2, 0xc0045516, &(0x7f00000000c0)=0x8000)

[  302.965518][T19432] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:33:47 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, 0x0, 0x0)
ioctl$CAPI_GET_FLAGS(r0, 0x80044323, &(0x7f0000000000))

00:33:47 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
r2 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x0)
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f00000000c0)={0x5, <r3=>0x0, 0x2, 0x6})
ioctl$DRM_IOCTL_SG_ALLOC(r2, 0xc0106438, &(0x7f0000000140)={0x0, r3})
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)={0x10, 0x0, 0x2}, 0x10)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

00:33:47 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000240)={[0x0, 0x0, 0xfffffffffffffffe], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:33:47 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x401845c0)

00:33:47 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000002, 0xec0)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x600000, 0x0)
ioctl$VHOST_GET_FEATURES(r2, 0x8008af00, &(0x7f0000000040))
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)

[  303.140256][T19456] input: syz1 as /devices/virtual/input/input194
[  303.164874][T19452] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  303.294650][T19456] input: syz1 as /devices/virtual/input/input195
00:33:48 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:33:48 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x0, 0x0)
setsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000040)=@int=0x3f0, 0x4)
prctl$PR_GET_NAME(0x10, &(0x7f0000000080)=""/65)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, 0x0, 0x0)

00:33:48 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$sock_bt_bnep_BNEPGETCONNLIST(r3, 0x800442d2, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{}]})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:33:48 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0xffffffffffff91c4, 0x202c00)
ioctl$EVIOCSABS3F(r1, 0x401845ff, &(0x7f00000000c0)={0x1, 0x17e, 0x80000000, 0x7, 0xfffffffffffffff7, 0x5})
io_setup(0x1, &(0x7f0000000180)=<r2=>0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
write$FUSE_DIRENT(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="fcffffffffffff000200006eaeb61e0cf90000d71cfab08dd8b1e049c8b373798e0573ced8067c3a13c2726b260eaad3db9f86a0573afacc6de0702dc801b035f4028ff6125f2967dd0cfdbe078306fc1084e4eb32ded5bf46e3df3d4b72"], 0x10)
io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
readv(r0, &(0x7f0000001640)=[{&(0x7f0000000140)=""/16, 0x10}, {&(0x7f00000001c0)=""/77, 0x4d}, {&(0x7f00000003c0)=""/98, 0x62}, {&(0x7f0000000440)=""/4096, 0x1000}, {&(0x7f0000001440)=""/66, 0x42}, {&(0x7f00000014c0)=""/81, 0x51}, {&(0x7f0000001540)=""/39, 0x27}, {&(0x7f0000001580)=""/182, 0xb6}], 0x8)

00:33:48 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x40206435)

00:33:48 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080))
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:33:48 executing program 1:
r0 = syz_open_dev$sndtimer(&(0x7f0000000140)='/dev/snd/timer\x00', 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000040)="11dca50d5e0bcfe47bf070")
r2 = syz_open_dev$sndtimer(0x0, 0x0, 0x2008)
dup3(r0, r2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
r5 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
r6 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x4, 0x2a00)
ioctl$TIOCGPGRP(r6, 0x540f, &(0x7f0000000180)=<r7=>0x0)
getsockopt$inet6_IPV6_IPSEC_POLICY(r6, 0x29, 0x22, &(0x7f00000001c0)={{{@in6=@mcast1, @in6=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in=@empty}, 0x0, @in6=@initdev}}, &(0x7f00000002c0)=0xe8)
r9 = getegid()
getsockopt$sock_cred(r4, 0x1, 0x11, &(0x7f0000002340)={<r10=>0x0}, &(0x7f0000002380)=0xc)
getsockopt$inet6_IPV6_XFRM_POLICY(r6, 0x29, 0x23, &(0x7f00000023c0)={{{@in6=@empty, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r11=>0x0}}, {{@in6=@empty}, 0x0, @in6=@mcast1}}, &(0x7f00000024c0)=0xe8)
lstat(&(0x7f0000002500)='./file0\x00', &(0x7f0000002540)={0x0, 0x0, 0x0, 0x0, 0x0, <r12=>0x0})
sendmmsg$unix(r4, &(0x7f00000026c0)=[{&(0x7f00000000c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e, &(0x7f0000000140)=[{&(0x7f0000000340)="b507a01fef76efb56c49b6b0d65c21c750dcb5270bdc6a0560c1655bf521dec73447ec63dddac89569d705f71b40616c3f3ad73cc7a4aba07fe834aefe760c6552229a67df4e6dd53f2ee348ba253c093cac723fd678cfb4e10527b7473e923ece58b2b394d2a2964507b26d65d38442e18a512ed6d22403e0b7871065b966d3c9c3a7e887c62c8e6793642134cae12dc19c8b699403140904b9e1e82993008d8a6dc86c843b500fa3705ee3c99277ba7157fde39e02904f5608f52ecde2c183795c31afffd3fe0c4e01322e904752ffc05c6838cbfd518443406d830c1a846cd9a4cd1b394e87c05a68a52a44db11875d49712179f94aab7b062ce53f906da3df41754191140d856d63af27acb548ee9eda5b67ef2a557f40229b6a83b87e9bc9727f23f214c32a502ce8fdecba45c40f159d3f6f8276e2937c2ab31519aa7430fd4551c6bfef7e5d2d33310d96dfef6e620e78aa369d13517d85715c20b8c93a4456843bf8c556be8c8245b081470819b881ca59e2a4288c887fcdac8f659dfec65c0de312b05ded14a6a2e9bc2eea58d22c7854822d04c2db3890ed6e0aa0e00fa12b29269e2aa0356f66da2756106b03fd069f19ded2273d39554476a0d4461097947f11b36343c8135ac88c15672ac8e2c0b315b8419261823ca91e2659818d142ea317750a6ee167b8ecefebd6e2d0d68d5c2564183bb05df0e12923bd8374e77b445a3c644e55d7f3f927279eae1c92e62103cfe4e8196d390b5aae13ec7b47ae869e057af91c20849fcc8e4fc96d16a558d51e1fed1bb41e9734692df271d50d9673cbba4bf74099e6a29778c27dde767e15f3fdd8b71f6b3c0b0494f60f81fdee9aeb095c072e5ccd7de809a6f06c6260a5fe261723e778678e497b50061c5fa521770dff927f9b0d0efca4d7d50223b18fb2304621c2a419f522810cf2390cc6c1586c32a523f2b62977464d534e78a4f9db8030c8edb7a56c6625681eb692d941af24dad9aa9e28c9b9815e973e6d67a315941acbd978142e60de2bd1b16a87dfa31fd4f683b6078b4ce7f50df6a832b72079c34fca914cec7c7544ab3c5ac8ac3407899a94268359e495158157867ed4aa926c4383a5d6bbaaa0fadfcc91ba20101de61b47fd815d596f7055b312abd72249ba66a02c9f243868f4978850f3df9679879246f8faa8bbc67763934e07e01f46c077dc7f29544676b937be6f8b8b9a606187decc2185f9a26e5276712743192b2bf772b1144b18b17b25135f7624d04e520021d332ad525991ee468ce11b040a8a294694b4b7832da21d27c8e3a10d0f5d7952cf3bf8e491e41a6be44264d5a9eab81780136ef3b28ba4d78a71694f990cb30d9d38ec757fdee9e910747d693bac59a6572e8e66b748bba4227f170102a8c06ec2344318b8b1574906edb4e365fb0d867024122c2df7973820cfd0e1c1ae32b6a4b8a2fce87942b1dc73a77f5c44c3efd89d232d2ba5ac16d6983137ed5b809e4c31ec23d569dda07fa77262a27f6858f11ba7b7dbfc8484572920e2902a221f8c1c8afa1a38ca25e47557f8d12ae58327221d663f3a5fdfd7a943456d9b986bd6a750f2f4934b1de0735b70837acec1e926d098e51db500fd0f2dbe12484b7c117da39be21e92ca6c349543bd6a061fb8089cdb44cb66fbdcffacd54f02cac32d374b2f45aa8094a5ded69ee6c77ce48eda3f8cdba06618597e2e6d31b11814e4fefb7799a2f806382f6f9067bcf42b752c8268c586fa488e31ec8b69cd2cf4b4652a333e8d4adf56b1324847236b6587b857c525abeb6310c84521160b1eff3c9a9c587a81460fdc19aa51128a9be95b111ec8650730d48b1d22cb5936ef6117a157a58cc2e41a7d7aadc552b934f8b37a91cb4ea61b48275e4a923698031f5f7c688fade8f32db60e4a9aa6e0f5b46b7998003fc57524ed91aa5f826bbe0c068107b37bc192e55eab53d6b2b11f3d429251f1edd45fddd7008379579fc1cc4247803f083bd1c7acd531767979e8781b35b50b8f7aa7e2be4cca0fcb50b0ff1961c46352a85eb403bd1ef396c7de4aec817ec2e97c68f01f317937ff6ea5490613d4e2fb2d17d7409d985a992923c9292f17acf3bfb6577d5c00bee267ddc85e227fdbf9b3cc862aa936f6159314c1a96be857d55bb513c2f7bf42a5c0753ba07f9de8a93f16cfa5759def0bce229f13ab8e4ee41f59d0804669445dc597392248869ea74ef0404908875e78b3dd4690a6080fed4867069a957bb06e1227f62df793497ca5f02135dc42b08d431f734472a99587452113fc87f00b48d996996d0e76817981775198941007a4455a96a929af325828d7687e90e3413132506b6e2eb5275bcb74df844a6226f8bff7b2e7eafe5b3b8dbf28f1cdb7c2a19c997594a630d0435a9f8b5816449b39b1d3d82237c7039eb188355d46028b8e2e32b5f23d747255359a48637aa2fcb1ce2f8f6fd6acb900b02e14e76d5caba2e5a53547cccbfacb8589228b12a0bd28e98696d0fafdc3a65fafa986d67f86f8e05641f9f59a2e0255f05af29996a50922a50416e00c78880f58704ed4e2cfa123e2069d0e2327f1dc259100f0d6d10051f10d65a5b04b25a1977e713594f02ca4a891acbbd9469c3728bdb8ccdec2d3d977afae84bcb8f4680801e97bfd58bbac435c0ee0cb2316cd54fd2da7d80395e4c3f2aa8cd7db88a955026fbb606a3e93a6723700ce3cf53c4355e32c5635fb662b03e5fffa03ce76139c3ecfdd99bffbde572f507aac442fba76373b675ea2965105ee2ca66f96b87f8d1c0376c607f7bdd9592aea43c43096e6e1b11db53cae6c7448432f6246b5127249e7f4f99b739a72d7f015b5f5d178daea19e4d5258b5dc16afdd75a747267486f56216c0ed8e99ff7945e4f6c0513b267a4c9164dd72b42c377b884aa6a450f8c6bd09613af6bab18eac207a69fe7980de72e7cf8c4ed0c36b4bb16e6a734a3ee00aeb938de1a4f2fe481a9fff228c128a82caa83406552fc9412aea2514beab5780f83824914182f4c6d66f80b38ae76876a0926de4b56079d2eaf426f9dd54496eb36c82d1de63b302b7e2a78e99e0bf619d81e1bda3718400fbb845d43ddeb5edcc448225c58fb794977a9be984979807f6addde6f22c9d8e501f16542b7fe2847b0373930be1465ae20f00d0a17212d0a1a0c628d6602085d426b9c991576c5f34fe78d19daa3fd6b8a2ebb9597bcac0decb89326825dd54c5143b5fa6aa7a2dc8572be01f1679acd1bb514fec05fb4f25a1de1b00bd7bf98fc00f43a71f96a3058457f8d1d7f37e90eb945b2a98a2e688264433edb82c4a3c2b8d4b4cf066a92d1619efa34d801ae879b70cac0b58fbed6a2bf75ea4a2ca82808ae9baf98a82e258ad9815e4897c2140493ac3d844c1e18a6284d2af83bc4f576507b868259560c2d09e5e9652ac4208c68019dc61a67ec88b93a838beb7c5020c1f65bd4a0e7457dc6ac86f2f287acf3ad1bfcaac921af9ec0d20bddb7313edfb1c082c476d93b17203b7e0394fcfcce46636f5ed62bdc94fa2cdb4aeb4036c9451079d2829848adb3d5c567d145527faef27c41ccfbeeb51290ffda9e0139004158d3669a45cce897ea55d2d7829080fd2b32a50f007e1cc3c4ef1e0d0963d434a11bc3d57bf952dabb0935c1025c2c97db1c23161f6d06b1f4d661ae9a30c3ccb7fc907e2804f5ffb615cc977a999431ae9fe9eb3fb75dbf5f6432b05c23fa03b93916d7fcccae8c5f6d7ea87c142d1c60025362be7bfdb61c44d5001b6d7f4aa239a954e232c712d36614ba436b955ee9896eb1d64ed11a151b9e2141abc7c10bef9e74d3a0cba2096a670c947b4249831f04004a6a86e219a91b05a12afe3f97d174b94da3f9b3d801574a1e2a49176037092f8000196377431b31443f6c6c1ca706490df40ab2e0670c76696baeb3e41b6fec5ab66488eaed06778ccab0c38cdddb1d914311126b8b782415aaf8998ad154e60423ab58bab32eb8d973f6c3b4295aecbf37b84d81d855cc2efa71de4cc348ceef875ce041be1292046ef9c6ac51e1166606fa208c97d3cc39c8ec586374a89e6be0971b8113eb18e9bd4e8f9b5641c570b2765eb1c7ff00cb1137f8c318ed083219ae5e98362d16a57c09688e5a6c84ba03fb8ad49c7cbf0ed5b332f32d6712d6477506ee552bb87dfc3f4a2df0f3008237edcb4fee1d4da9dc1c9281c17f5c4a7660408c549710349d2adef81bc73225d54408416141de1aa5bdab7d1c1d92d2f4cb47ded03d1c40947ac49ee2915f3bad09fe4cdd6ee052d1a76d0ae2c26e3695ad45356c5288c68a2ca50fb8bc5732d77d110edce08d238077cbbf36a7fccd2f03e31d4843a962f45cb81b4f482e211c43e6d6bd482bb4a8b95a33130086c95332e428ccc39602f84081581f45e0179d3a31a6a98f57e5841dec42ee1edc041c198b1f6735d5063a0a442cc90eee6a5478827154eb6da96abb7ac1416642438d753a4ecfd50964a046d91387ed680284f46968cdf83073d213e484b1708bf1c1b5ef60354b17f0d2a16b2e84ac8f16cc462b1bbaeda552112deee916db33b8dff74c2f819e7a70a3e0d5cb97997b28f802bfae0bfc132562ba8ae04c7d86ae228b614c17625c4c99f060e4267100c599069fadf38b8087d6f2644d0c9467ae0cc71f1aebffaf8c1992b35da856960f0138b6af9d78e70409d3afc413b906c2b8ba96bb29e181b722bf0f9d34f0f4a0c6e3dce5759362d3ac0cbcf0247ec82e3a7fbb29f2ef8d6a2014d601395d0d7ad406124c34422d01b1ab249dc70ca0977c25241fac201c229647a9c91d0baf20162e8417988b4b80fed3951681af131116ac3236a00cc4e1a02d6fa41c2e257afcdaf713a39c0303d57e939c5c56ddf05f6535277b60fc9e6d98c03666c8d792ece24187340284dfdc2b04dfd7221870aee7c83e07d3d763a0a0c9452adb4ce52f3ea8142e816a8ba89ba4edb9a0cb94d7579af6db22a28f2eca48e44dd03889a9ad5ffdc9d77132ffcbe48d4c3948483a9ff5f5d8ac087dc7202055400d169f9bd7170d3738a88ba8ab1375dc04a00c6f42c40a46adad842ee7cccb8c46dedb06c1fbf8fc08fc2774cd3c2bbbc7c2e86c0dc1ac2292d4f74e70aa9f8184b9753739cc9997d2415e128e1eb8c4a893a328193b7e9fbd09b82e56bbdd591f3e78148d3301ff39449c996207e0711ad9df24f94ccd5a42ed40dcb6eee45eafd12f55fc83f07ecbc16c9bfa6082a4a2f879ace102c4d7399ffb4357d6b3e23c6d7a2a900bdeb6d34680bc59daae5443cdf3ac7702a8bd0a08bee92158ceeec58c6ce930591c29747c411e1b620bab6d1fd95a6a8c77e938e50ad281af2bdb22a3508940c068ee0b9674a3134ffa55d9c2fa3f990e9548e0c743d36afa683adc4f148f66bbafe37efe1aabb509373074c6f696e80798acb1a94b6c7e77ab0e572d990f2ff1d00759d20f3fb9c8184812f40167670e135a59549518d4b1639cbb8c5cef0bbab538a31aaaeab3beb733e833c63d5654b798475f5af0c6ebc70e5ab795dbdfc9d9f786c2128bdd1bcf9760e1f733aa485de281f0665ca8ff3bd065ba9fc300dec261bd16994c98a7136327dd0cae112675df0b35e18171fc9adfb21dcc7fbf2d3707053a50a768f59ebf83d3e99f4fafb7ffd2f5dcc86523f8ba0463e321308e9a34088a06917f38d97e01d7a3191c66f928ee561c6f8ebf7e39d0e71bb4527d2f14ec3bbb89661d0b81b81202b5bf683bc9eaaa030c64", 0x1000}, {&(0x7f0000001340)="2d6caedc80214298ccc0a36ed84ad18a534dfdfc57a5c282bae19fba74fb34127d59f6343efc361a163d51e7106b314cdaec04f1aa25ccf2aae901da879e15e9809c9eafc764d7eacb8b5461fc62fe9ce404c7fce40193614020e1cb0a08ffc44a87ce9d54648cef40d20706043bc7cbaf6727d8a0ea1086a50bf0fa58a8a815763ce7b82fa24466dea9653398d3ba03934e26ad85ad015435b4640af63828971c9d15457aaabe48206a4870a02ac042735645e6bb3eccf510bd69a762454fbdfefbe877d350aff1436f8e3fcf46941294e488dd6efee9dc224866bd806397884f312c9f9d0ce4c5e95bf117cf116420324a93fcb7165469b3e77e1260190047ef323d93c09e1f0e106b665de7129ef890201825df29de4ca08ba9c5c7a6389617c0362e5573cf37fffc00ba1d80a6a13257b360c1b6e66e002110d2963b4753ef2b7545b11313d8881e8c152982f4efab7bdb38bd5dadb8b10f5ebe5b649ddaecf8932db894e4115f5acb97d44139738b411eb7a4ed103e988c3f857eaf4a1ef9497756c970f16a59b44aaac270f1ba0a77a34fc642fd9dba74c13ae5fc70768ff03e32683ae6a46ee09e18c9ae6b10cae3da6c9a324205a77b5b0e5b67391bfa083224b0943553b7234946c332ddaf9ff62e92bf313231e2a9cb363e0b17facc33a888bc305fa6f2bc95ff6493c6be665cdf3dc613ebf0fbcbdc63136af0173efec9532aef1d59a4048fe608ffd9831bd9d28c42789df103ed33cc81dfcda35c744248b3795ee7d7a71d28fda0253a6dbad952944f9cbd8e1c6b8e799bb977884e0b06def0cbd2a9bbaa76f0a2bd0066f2e134adecdcfe828c2af15fde45215b59585c5900f57978557d36082ceff027eaf5ead27a179ef3fe1540920954b6cc81765db4da07277be9734ff1affc250bfe3b217b96639b535b8fd248d8597257a8266bb49e2cc8290ed5be9ce499547a56ec2233fb9b26c450aba921c972b59899802ed0262182d8af825f492232e88321e1d20ec01bdb5fa81da1ef6b4753eb86ae5e35049711da47dd640af80eaa49f3e12d36bd84955a57c68b378d2be35b7ba25ae8845b0b5b433b7c8dd4ad646d83e58591f7e42e170dacf12c57bdd87f0350a6dcf269e061922c021216f26188e451b0479c5580303d659d8c9429756b9a5a765e791486187f333a9fddbcecc11c4bc31c335a7eba27ce0b90f0eaad33a485a2d3ccfbed69e8ea1103fed7d642737f3786384d9604221b45dd41c306b15e184a5ea2b2169af4b932c039ab870e80e237139a4808488cbc0a8b3803eb508043ec358f6eecbae070b8553dc704ed32e1e4c86156ded788cd31223abe854d0d84a4b7180dfb8190e87feb5a3dfef7b651251ce164ba0f1734000f94412c32fa77aa43002a758faa52e011e12651cb8fd675a033a252869c81c3617a6e9d9b872549671c61f375f96f9039a39df5c636e73c8c2a8a0387b65197e3c6efa76ca0a89619c74b9b5160546f2409065ccead9610d70f234b8a2dc96a0d2910be95306c0de0a743483cc53dca3153538fd14bd820894a690f51f5e346a590f5faeb8a6f75b23a8dfe83490ed60a6a7405860530c81a70befeda9cb46bf1d1a1334b84bc32b0e420243e214b18e5027b31c18ab0ac9afa5f4032068232ce7ab034d51987c028de6df2c3f303adac493969dd31b5f1d9128df179e4d1cf979b5e225e458e3ae4bedbcf3355bfd55d112be67042f7571fceb600f997d07b894011097f6d1305002408e0a4836726af0bb94c2a6d1cf340a79c7ed01f7d9bb86b537dfaf2fa8b14cdfccb615c5a1ea7facfe9f487aa59440243264420a29059ac59358e4765b862aead63b309169bb916af72c94d73b65635a2aa436f0144db6b5df2e37d0bcc146f21fd936892d3631bd45ab2765ea3ca653c9e9f035174575c37ae0b73a6c0a5e556c5538d71701a52f4627ed010006d9668a40c2f3b3a2dc742f309d6ab0cba84512090079fc781e3332a179c3503cf06645061a3bfd7ad0f77e7cc1b010f25ae8078c0654022108a66715021dca3f4825d271a92fe949e96f66c0d63d489bed4fff7d963f6d5ce6e72a095dd7c14733154e0f14e9b9c172118dc44888c56f9d2e451f4b3c991b434c71f8a62a427a0492c506c618df25fb2f70acd6e5a5182af94565e41d7d2d8807040b0dbd6c3ec6aabd4532e8d7c5866801cf6792c617152fdc4b72ca08deb96aa50ebdf6c8199c668bc7ae80a252ffb42e16d41f8b7b781aa32559650122502bd2881b9f3acffb6c1a799142cf34ed2b96fe2d8c0c5c02c58b1970f938b17f551fde4f3af32eb30e9dd7ba52454360af9610326662ac8b832ba04609f5f44342310a1a0e6831cddcfdc4d5971acf092a2c85b84aa15aa134ea1159e6ef02b009f4832a43c8b598fbed26da4ace6b3058451fcc0968fdd8181e070286809fe129c7c713e2beef97dd3da938ecfe7a76fa1bd2552102cf9935592023c67809f9253da67f53427505813175777e5970b64689d391123cc060d3bf044700e3a3b981cd53c836033640fa00d3b30106e6d36a3ce863e16ba81c83adf2a1304eb8e844df05eeed04c2f2852f75c87a729cefca02abdffe56da5a2a60d3fe10eb931e9476d4f8934395e53ff7b51d231087e7880b81a7c440779fb822303f433d4ee1dbbaef68c3105c803539dd23aa0ed38712ae0454aac11e198939ce79140de6be67dc3af76ddbd5f6a63762906a47acaa126078ead6cfbf23ddb6345df2dd5c8c4ec543fb927757ae6b1eea46613c54d62afabbcd865e271b0541260de14c738a86803220cc1042546268d10ab6396d04105a5531d4be5724b9d63e1335550cada9ab9595a55e0335de3b736c114149017791ff568045ad6d1d1d47d989af62272d6b9be16b5174f633455824204acd131042a38100c1e0763077a713106dedddfd738ab025389ebd6a82b2ec5af1b0ca7609179eb44ca1e147a47aa25195c5e951c2b8c622685b6d2f3136ecdd46d6c29f415dba9dbb6e8f3aa5ebc28a40989eeb93093f03f317224cfd65190718c3b6e39b22823eea357c5c80ac972c88b84e2c116c0b2cb46d84a550d84f1b770d9aec7ea04a72d943e0a9cb90c7919c97d88c9a7c081596bb1b4e5757771d27ba88233ce2d007ee8a2d39849fd38f22bba9f60949e6b0b51125b8dd0b785334bd132096b29883689bd58002aedaf0ba7caf451a7453aa167c34228eabd53df46e36ca3f53d0470fff381fef955a4b23f152f60acc432f45eea94a33e78297e4dfba7c3d27a55a59399d044a57eeb4c02bf6dae766863ff069bda3d9a084018ad4e7f9cfc8bbc2f4c1c4169ab6895464fae5f81c786ad129523322bd1bf90bd24c1c733553daf2f2c93f1c237837c070f0689fe30983cdd3fc68801e58fcd9712402cbc3f6faaabc1faac04f9e9567bff10885f98a0f86f1dccaabd2492719c9688240d7f15a61f71e87e5795ef93abe85a211b177438e08ce83e85ee8b3d829742fd40e4230588d26734d7e869ab46c19963302a5b5f0546ebf5706a839d252a9ce57fa5de4b7dede9a5f77561f8639f314ef5b9e2064696f421ce2930922ad649f1fbe054b23594a49ea56dcaeb28a80ad0c1e2af6579ebe6a470a35f696affa2c4da1c852914660e3ea7041d8cf0b7f563aae5df3b59cbd9bf5e5551e1821c44c4130294b3487152383e1fcd5e91e387e938f657e09c62aa00f8a06c7caad666287e77308b08e866f406a86a5986e0969781f16bf2c77e90c847457a8729d9410bb33641a55ae4a3cd02721695ac75f217656841c3349798a3d732be997188a77019d883e4c38e3146f1684aabcdfb2ca4509ae13c2cd543db91c563c30117114e36f7c14fefc880929d411730460b85fb2dd4d46337faf7370a2979da38812fd315594e49025c0cb4ff3add4b29a90c5dfb4058a99155373fb37c6618693d4df939f960109b85a091dadaa3495ca75e1398bc61ad1ee74889141ddf9d67d02a3e9feee22d4d1bbe7eed6ddb5194249e02587987917a26c19c0e5e8951d8c2e9ffcfd46e15c51723d9e94b045c894d11956c593c351b0bb47a23fc72ada575502adf76fbc7e08fe4a9f94e441fbcbf06c6d442a924eaf27d0a327ed1e9a781875a6afb461185604fd56dc631c68ae846f0811c9940abf6bfe1680bb32f42faf48f14f024710f50d8024e3fc804e820e82938a086967ae6c05d18b1f908d08ec35ff98d4a1068bfc7051314426bd307a1107fcf339e8fb55181772c0eae438637423a9c7f802431a7fc31f47ff5da48098f6bb652bd67ce07cad991ab7ae2b1ce1adc11e6771a79d48fd5a2101101c35f6910ad31419d83c3257f651726e19ea49ff7bcc2e980851c20727dc9255e00345b69fa4de87439112fe9710b017b30091ea836c4057e64cbb9117057edf00911deb8b1dbb5acba38f1031ade2f32d33e0d75c00b72cac0aa5ae8eee79b56b045120d8edb75b2c734554c59b7ae1f5f84e0e25a6cbe8bf931240e500bc2a09de532404937a0dc5f1fad2abfa7b4e3cead59f216d0e2b2fd2efe00366a4413c9e42d866cd0c1d4ba51d0a2bbbc73db4e4867a0682c8e7ee0dac605820a7fe9672644516580128ef8870f4b8d9c6b4415135546c1748e83328353f38dc1ba24359e9daa7c5fb317bdd57e2ef08df17e82b92267ef9b154c9915f932243d79750e551eb5bd4d124d5d5566543866112913129560d1fd200a1d15606696965e316699d274cc20f9e478bd2749eb5801a68ed34ab4b744504581ed1069c7bc34aa888e055f00e0555ab6a47e367789c02b3d024ad719c2763a4c4b12cca7643ad691e6d7c9d76d29591249be77c78b4e6c80eee401f0bc2891714522c227ab4bd3be61dc5a6aebe7e44c95408398a1e3858a9cb506af5ffdb7ff3809f92f1b3101f56419b32e4cebee677852fa73e40fb963f4c3a38133b150b8634a1ee6da7932e1141caa4a8d1681fcea0d45d76cb10170c1904097760672decef5d57c5426538a059571e0011f844313ec5fa7bd04b518c4b38dcfed6f04efbf23bef7f5761166abf1c3ed8515fb0cf62daa2b2d0d07386e4facffceb6d21563687b97a33a19ca23926594708cd65b9e8c8d7545d9e569a8d36ff34c452b8b74ee1bc9e13349af1d3f000675ab1f4c4bc7a215419fe579a36b174578facf2e45792146898b848aa613f8095a5ffafd71ca78e4cd45d87b30dd948bc1edaf7633bc3c40edea4fa0dc58df4ed83161a2a12f93cd29277cdddc0a121e6f6a4cb005a6b0db8691ed96685566e2640bb7eff13b23d75e4d044002dad9bfa016ab98c16041e20e3abfff7501527ef7e678850dafa4d595f9d8b6c2f7771709180fb220f95d519a0d4ee7a302d978385265918bf8b47d3037f501e4f7ab42c2b41db3411322c9ecd0ce99464a1f5e90c12955c061de7b6ad0c45acd4c5aef7c04f5d5d3fbb0b4ab16752d7dbfb52c115daf5a24aef51702e74f2d206a53d922f3bf5aaf921a4e2f690e8406534fcea76302000aa2dea9ba5fb503d2852f9b1cc24434457eebe08eb6ad3b9758286558c65824959ab28858b39f972007e5f62a657c0f5ed7610e42ffac714da5a9b485a5666c9d7ca89441937823ea9110239f1eb24fb30bf65002d3b00ae23c0bf374c920f02f3c1e399bb1cef0e1406e28589e570302bde2881134dfea18cbb147e9fa29f5563828cd307bbbaee476f20ea78858bea7d0d74f2169b83a931c6162feee64a4f2a492fe341f97eb9caab139", 0x1000}], 0x2, &(0x7f00000025c0)=[@rights={{0x28, 0x1, 0x1, [r4, r3, r6, r3, r5, r5]}}, @rights={{0x30, 0x1, 0x1, [r5, r3, r6, r4, r5, r6, r4, r3]}}, @cred={{0x1c, 0x1, 0x2, {r7, r8, r9}}}, @cred={{0x1c, 0x1, 0x2, {r10, r11, r12}}}, @rights={{0x18, 0x1, 0x1, [r3, r4]}}, @rights={{0x28, 0x1, 0x1, [r5, r3, r3, r5, r5, r6]}}], 0xd8, 0x1}], 0x1, 0x1)
ioctl$PIO_FONTRESET(r6, 0x4b6d, 0x0)
ioctl$UI_DEV_SETUP(r6, 0x405c5503, &(0x7f0000000040)={{0x11cc0000, 0x100, 0x609b, 0x4}, 'syz0\x00', 0x2e})
setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, 0x0, 0x0)

[  303.788169][T19473] input: syz1 as /devices/virtual/input/input196
[  303.817618][T19477] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:33:48 executing program 2:
io_setup(0xff, &(0x7f0000000180)=<r0=>0x0)
ioctl$FUSE_DEV_IOC_CLONE(0xffffffffffffffff, 0x8004e500, &(0x7f0000000000))
readv(0xffffffffffffffff, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
sysfs$2(0x2, 0x7fffffff, &(0x7f0000000200))
r1 = accept4$inet(0xffffffffffffffff, 0x0, &(0x7f00000000c0)=0x1e2, 0x800)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000140), &(0x7f00000001c0)=0xc)
io_submit(r0, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, 0xffffffffffffffff, 0x0}])

00:33:48 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
r2 = syz_open_dev$adsp(&(0x7f0000000040)='/dev/adsp#\x00', 0x3, 0x80)
ioctl$VIDIOC_TRY_ENCODER_CMD(r2, 0xc028564e, &(0x7f0000000080)={0x0, 0x0, [0x2, 0x0, 0x7, 0x9a8, 0x100000000, 0x9, 0x8, 0x7]})
bind$llc(r1, &(0x7f0000000000)={0x1a, 0x304, 0x6, 0xff, 0x2, 0x9, @link_local}, 0x10)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)

00:33:48 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080)='/dev/kvm\x00', 0x802, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f00000000c0))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:33:48 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x4020940d)

00:33:48 executing program 1:
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x8, 0x401)
ioctl$TIOCGSID(r0, 0x5429, &(0x7f0000000040))
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet(0x2, 0x4000000000000003, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, 0x0, 0x0)
open$dir(&(0x7f0000000080)='./file0\x00', 0x101080, 0x1)

[  304.029961][T19504] input: syz1 as /devices/virtual/input/input198
[  304.169158][T19509] input: syz1 as /devices/virtual/input/input199
00:33:48 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, 0x0, 0x0)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:33:48 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x8, 0x4, &(0x7f0000000340)=ANY=[@ANYBLOB="b4000000000000004e0abcc3d838bce827000000000000730131000000000095000000000000005c3376a2c4cad1aaa946fc99d44eba8505c697075c91dda76ce00164c3dc554e6c7b445d891b7c2d05418c3d8b22f0a55c0f9373930000000000000000000000191f056c2d79f630ff939bd585779d790be1ddf8ffbe047ad738738afac222bdaa1a3019688ed251f364c1181fdb0296bc70d426a0cb0da9ed08fd1544a693a1dd3295648d8a5526fe2552e0be9259c90492dadfab728a03288bafbe2bb0bff84018e7c4f705b60f7e8b7cf20fd57891665df773b4479b11f4974b0745e81adcfb9c15277d943e"], &(0x7f0000003ff6)='G\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195}, 0x48)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)={0x10, 0x0, 0x2}, 0x10)
r2 = syz_open_dev$mice(&(0x7f00000000c0)='/dev/input/mice\x00', 0x0, 0x90001)
ioctl$DRM_IOCTL_FREE_BUFS(r2, 0x4010641a, &(0x7f0000000200)={0x6, &(0x7f0000000140)=[0x0, 0x80000001, 0x9, 0x40, 0x4, 0x200000000000000]})
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

00:33:48 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000140)='/dev/urandom\x00', 0x8000000000000085, 0x0)
r4 = dup(r3)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
r5 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0xee72)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
r6 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f00000000c0)={0x1, [<r7=>0x0]}, &(0x7f00000001c0)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r6, 0x84, 0x7c, &(0x7f0000000240)={r7, 0x5, 0x8}, 0x8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_TPR_ACCESS_REPORTING(r6, 0xc028ae92, &(0x7f0000000080)={0x1, 0x2})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:33:48 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
syz_open_dev$swradio(&(0x7f0000000000)='/dev/swradio#\x00', 0x0, 0x2)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)

00:33:48 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x4020ae46)

00:33:48 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:33:48 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
r2 = syz_open_dev$admmidi(&(0x7f0000000140)='/dev/admmidi#\x00', 0x100000000, 0x280)
ioctl$DRM_IOCTL_DROP_MASTER(r2, 0x641f)
r3 = openat$zero(0xffffffffffffff9c, &(0x7f0000000040)='/dev/zero\x00', 0x8001, 0x0)
epoll_pwait(r3, &(0x7f0000000080)=[{}, {}, {}, {}, {}, {}, {}, {}], 0x8, 0x8, &(0x7f0000000100)={0x578}, 0x8)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0x400, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)

[  304.666012][T19526] input: syz1 as /devices/virtual/input/input200
00:33:49 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240))
r0 = syz_open_dev$sndpcmc(&(0x7f0000000200)='/dev/snd/pcmC#D#c\x00', 0x3, 0x525080)
open(&(0x7f0000000280)='./file0\x00', 0x440000, 0x6)
openat$cachefiles(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/cachefiles\x00', 0x0, 0x0)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000300)='/proc/capi/capi20\x00', 0x8000, 0x0)
syz_open_dev$dmmidi(&(0x7f0000000340)='/dev/dmmidi#\x00', 0xf73e, 0x44540)
perf_event_open$cgroup(&(0x7f0000000380)={0x5, 0x70, 0xc6, 0x7fff, 0x0, 0x8b8, 0x0, 0x1e2, 0x43800, 0x8, 0x9, 0x4, 0x800, 0x4, 0x7f, 0x19, 0x80000001, 0x7f, 0xfffffffffffffff8, 0x0, 0x1, 0x10001, 0x2, 0x1000, 0x3, 0x5, 0x80000000, 0x1ff, 0xfffffffffffffffc, 0x4, 0x9, 0x101, 0x6, 0x620, 0x8, 0x3, 0x1f, 0x4, 0x0, 0x9, 0x0, @perf_config_ext={0x8, 0xff}, 0x110, 0x50cd, 0x5, 0x7, 0xffffffff, 0x0, 0x5}, 0xffffffffffffffff, 0x3, 0xffffffffffffffff, 0x1)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000400)='rdma.current\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000440)='cpuset.effective_cpus\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400202)
write$FUSE_NOTIFY_DELETE(r0, &(0x7f0000000480)={0x29, 0x6, 0x0, {0x0, 0x4}}, 0x29)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x40000000)
socketpair(0x11, 0x6, 0xffff, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendto$x25(r3, &(0x7f0000000100)="da4946688d001cd9db5b64b75b7de9d0742f0463faa12f89e4af7a5bfcb57160dc189a050ed95a27baa830a3062917e765e9f259de05e48aa0d426a728d15099af9aed3acea66add1bca5e129740af2ce4b39c31e202bd476dbafc9d8afae5", 0x5f, 0x4000800, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = request_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000040)={'syz', 0x0}, &(0x7f0000000080)='\b\x00', 0xfffffffffffffff8)
keyctl$KEYCTL_PKEY_QUERY(0x18, r4, 0x0, &(0x7f0000000180)='%\xd4proc\xb1\x00', &(0x7f00000001c0))
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, 0x0, 0x0)

00:33:49 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)={0x10, 0x0, 0x2}, 0x10)
r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x4000, 0x0)
ioctl$PPPIOCGCHAN(r2, 0x80047437, &(0x7f00000000c0))
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

[  304.739182][T19529] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  304.788818][T19526] input: syz1 as /devices/virtual/input/input201
00:33:49 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
eventfd(0x0)
write$eventfd(0xffffffffffffffff, 0x0, 0x0)
getpgid(0xffffffffffffffff)
fcntl$lock(r1, 0x4, 0x0)
r2 = socket$inet6(0xa, 0x3, 0xff)
r3 = socket$inet6(0xa, 0x803, 0x5)
r4 = socket(0x200000000000011, 0x4000000000080002, 0x0)
rt_sigaction(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'bond0\x00', <r5=>0x0})
bind$packet(r4, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @broadcast}, 0x14)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000040)={'bond0\x00'})
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000080)={'bond0\x00', 0xa03})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r6, 0xae80, 0x0)

[  304.852852][T19541] IPVS: ftp: loaded support on port[0] = 21
00:33:49 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x0, &(0x7f0000000140))
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/snat_reroute\x00', 0x2, 0x0)
ioctl$PERF_EVENT_IOC_PERIOD(r2, 0x40082404, &(0x7f00000000c0)=0xf3)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)={0x10, 0x0, 0x2}, 0x10)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

00:33:49 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x4028700f)

[  304.992074][T19560] input: syz1 as /devices/virtual/input/input202
[  305.033405][T19561] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  305.099394][T19560] input: syz1 as /devices/virtual/input/input203
[  305.102762][T19555] 8021q: adding VLAN 0 to HW filter on device bond0
[  305.142474][T19549] IPVS: ftp: loaded support on port[0] = 21
[  305.288961][T19552] 8021q: adding VLAN 0 to HW filter on device bond0
00:33:49 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, 0x0, 0x0)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:33:49 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
readv(r0, &(0x7f0000000000)=[{&(0x7f0000000400)=""/140, 0xfffffffffffffddc}], 0x10000000000002cb)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)={0x34, 0x0, 0x2}, 0x10)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

00:33:49 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x40505330)

00:33:49 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
getsockopt$inet_mtu(r1, 0x0, 0xa, &(0x7f0000000040), &(0x7f0000000080)=0x4)
unshare(0x20040600)
r2 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, 0x0, 0x0)

00:33:49 executing program 5:
socket$nl_route(0x10, 0x3, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000600)='/dev/ubi_ctrl\x00', 0x121800, 0x0)
accept$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000640))
r0 = syz_open_dev$usb(&(0x7f0000000680)='/dev/bus/usb/00#/00#\x00', 0x0, 0x10000)
fstat(r0, &(0x7f0000000740)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
r2 = geteuid()
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f00000002c0)={{{@in, @in, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in6=@mcast2}, 0x0, @in=@initdev}}, &(0x7f00000003c0)=0xe8)
mount$9p_virtio(&(0x7f0000000080)='/dev/kvm\x00', &(0x7f00000000c0)='./file0\x00', &(0x7f00000001c0)='9p\x00', 0x80c, &(0x7f0000000400)={'trans=virtio,', {[{@aname={'aname', 0x3d, '/dev/bus/usb/00#/00#\x00'}}, {@version_L='version=9p2000.L'}, {@privport='privport'}, {@cache_fscache='cache=fscache'}], [{@smackfsfloor={'smackfsfloor', 0x3d, 'posix_acl_access'}}, {@mask={'mask', 0x3d, 'MAY_READ'}}, {@smackfsdef={'smackfsdef'}}, {@fowner_gt={'fowner>', r1}}, {@euid_eq={'euid', 0x3d, r2}}, {@fowner_gt={'fowner>', r3}}]}})
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r5 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000500)='/dev/video36\x00', 0x2, 0x0)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r5, 0xc0405665, &(0x7f0000000540)={0x401, 0x7, 0xfffffffffffffff9, 0x4, 0x101, 0x100000000, 0x4})
r6 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r6, 0xae60)
r7 = ioctl$KVM_CREATE_VCPU(r6, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r7, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r7, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r7, 0xae80, 0x0)

00:33:49 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  305.531553][T19575] input: syz1 as /devices/virtual/input/input204
[  305.561853][T19577] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:33:49 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)
setsockopt$inet_int(r1, 0x0, 0x1d, &(0x7f0000000000)=0x1f, 0x4)

00:33:49 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)={0x10, 0x0, 0x2}, 0x10)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

00:33:49 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r3, 0x84, 0x1f, &(0x7f0000000240)={<r4=>0x0, @in6={{0xa, 0x4e21, 0x7, @mcast2, 0xd}}, 0x3, 0xe5a}, &(0x7f0000000080)=0x90)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f00000000c0)={r4, 0x2}, 0xc)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  305.646230][T19575] input: syz1 as /devices/virtual/input/input205
00:33:50 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
fcntl$setlease(r0, 0x400, 0x2)
syslog(0xf, &(0x7f0000000000)=""/116, 0x74)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet(0x2, 0x3, 0x827)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0xd, 0x0, 0x0)
r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x80001, 0x0)
sendto$rose(r3, &(0x7f00000000c0)="81fb2653f723360541021d1dab6a7b09d81292bd0bd2e3f71349278db14c9183bb0523924dd10bb96cb96288758e95507c01228d76c7593e5e79905e1e02432bef60134ea8cc32993b08ad71e0b445accc76319e8b43080e796c13128c09a7abed7a4b59ac71deae43fd186ca491908e1de8d059302c51fe3243ce4fbf86339552482dd5426a3f967398d89a2ef5045896356054200f", 0x96, 0x0, &(0x7f0000000180)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, 0x6, [@bcast, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @null, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x40)

00:33:50 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x40505412)

00:33:50 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x404000, 0x110)
getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f00000000c0)={<r3=>0x0, 0x7, 0x6, 0x3}, &(0x7f0000000140)=0x10)
setsockopt$inet_sctp_SCTP_RESET_ASSOC(r2, 0x84, 0x78, &(0x7f0000000200)=r3, 0x4)
write$FUSE_DIRENT(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="10000000000000000200000000000000c578604b6a23ff64200b24b5f1ef7dfc99dcbb05fafd5892c4152d529f40172f4c309364f4adccb2d35fcbdf217d49d113c83d8a4a8b182f215b63635d8e849d6b2f76e01ee91c7e8effcc6e9dd8da4f9fdefe9f02ee3eb5e3495ce7c8d8f15fba18b32a711d31e6f14d2bf266fa44f8d6eb019d4d4cfd5c9fe38b51ea50186a268bec73449c306c88d16105c4079582ded6a8c9be6bac0234adc4a77998b0f2"], 0x10)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

[  305.750801][T19604] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  305.861452][T19613] input: syz1 as /devices/virtual/input/input206
[  305.982000][T19619] input: syz1 as /devices/virtual/input/input207
00:33:50 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, 0x0, 0x0)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:33:50 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
pipe(&(0x7f00000000c0)={<r1=>0xffffffffffffffff})
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
r2 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

00:33:50 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000000c0))
r2 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x24000, 0x0)
ioctl$VHOST_SET_FEATURES(r2, 0x4008af00, &(0x7f0000000080)=0x200000000)
write$FUSE_LSEEK(r2, &(0x7f0000000100)={0x18, 0x0, 0x8, {0x2}}, 0x18)
unshare(0x20040600)
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000002c0)={0x58, 0x0, &(0x7f0000000340)=[@reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x58, 0x18, &(0x7f0000000240)={@flat=@weak_binder={0x77622a85, 0x100}, @flat=@handle={0x73682a85, 0xa, 0x1}, @ptr={0x70742a85, 0x0, &(0x7f0000000140)=""/240, 0xf0, 0x2, 0x5}}, &(0x7f0000000040)={0x0, 0x18, 0x30}}}, @acquire_done={0x40106309, 0x1}], 0xc0, 0x0, &(0x7f00000003c0)="82358241c82e43f9a6514e5fe9c050bdd88a649dff49f94272d931ae8bb564c9a5129df9e7b487c44c56f4903e62cd12d2f45c51907ac853b27815a5f1cc90b653ec8d8ab2cc184c21398746585e20afbdb45c58701b3e6db20630edd082657305417bd94d3ab3c6941921e945b40ed5aafb8f9e6205139de3cdaa47a3495b1edcd2585a73b6f4e6ea53df5f5f8de60eaf8f5ac3555a8aec1a817ea081dde3443f9b954d7b3c4e16a3a0ecd728d89a8c2773fb102be0b04a3491e660080770d7"})
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)

00:33:50 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
ioctl$VIDIOC_ENUMAUDIO(r1, 0xc0345641, &(0x7f00000000c0)={0x6, "c7f918a325dcdc37659a5908dd5313764661246822cd5a3f20cd916d3ca1f35d", 0x1, 0x1})
io_setup(0x1, &(0x7f0000000180)=<r2=>0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1000000000e3ffffffffffffff000000"], 0x10)
io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000140)={0x0, @aes256, 0x2, "fa9e69aede81424d"})

00:33:50 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x405c5503)

00:33:50 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(0xffffffffffffffff, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  306.388091][T19635] input: syz1 as /devices/virtual/input/input208
00:33:50 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300))
r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000080)='/dev/dlm-monitor\x00', 0x80, 0x0)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x0, 0x0)
r2 = perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x8e46, 0x1b, 0x6, 0x1, 0x0, 0xffffffffffffca40, 0x20, 0x1, 0x10000, 0x200, 0x9, 0x3, 0x2, 0x1, 0x0, 0xfffffffffffffff7, 0x4, 0x100000001, 0x3, 0x101, 0x0, 0x400, 0x7f, 0x2, 0x9, 0xfffffffffffff001, 0x101, 0x1f, 0x892, 0x8, 0x20, 0x401, 0x4, 0x3, 0x422e, 0x1, 0x0, 0x9, 0x0, @perf_config_ext={0x9, 0x7f}, 0x0, 0x5, 0x0, 0xa, 0x2, 0x1, 0x1}, 0x0, 0x2, 0xffffffffffffffff, 0xb)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x8)
socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$TIOCSCTTY(r0, 0x540e, 0xfffffffffffffff8)
getsockopt$netlink(r1, 0x10e, 0x7, &(0x7f0000000000)=""/11, &(0x7f00000001c0)=0xb)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x20000, 0x140)
ioctl$KVM_TPR_ACCESS_REPORTING(r3, 0xc028ae92, &(0x7f0000000040)={0x100000001, 0x19})
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0xffffffffffffff05)

[  306.431755][T19631] debugfs: Directory 'vcpu0' with parent '19631-6' already present!
00:33:50 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, &(0x7f0000001380)=[{&(0x7f0000001200)=""/148, 0x94}], 0x100000c7, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ptype\x00')
madvise(&(0x7f000079c000/0x800000)=nil, 0x800000, 0x0)
preadv(r0, &(0x7f0000000480), 0x10000000000001e8, 0x10400003)

00:33:50 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
write$FUSE_DIRENT(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="100000a2d62a5658e7e300000000000200000000000000c2ecae3192fe0e3d1f698d389dab22ee10986e6232a27409396fbd14eb0000"], 0x10)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

[  306.515807][T19631] debugfs: Directory 'vcpu0' with parent '19641-4' already present!
[  306.531566][T19635] input: syz1 as /devices/virtual/input/input209
00:33:50 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000400)=0x7)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_open_dev$midi(&(0x7f00000000c0)='/dev/midi#\x00', 0x401, 0x8000)
setsockopt$XDP_UMEM_REG(r2, 0x11b, 0x4, &(0x7f00000001c0)={&(0x7f0000000240)=""/222, 0x10000, 0x800, 0xfffffffffffffff7}, 0x18)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$SNDRV_SEQ_IOCTL_UNSUBSCRIBE_PORT(r2, 0x40505331, &(0x7f0000000380)={{0x0, 0x400}, {0x0, 0x2}, 0x3ff, 0x2, 0xffffffffffff0000})
ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000440)=0x8)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r4 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$TIOCGSID(r2, 0x5429, &(0x7f0000000340))
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
write$cgroup_type(r2, &(0x7f0000000480)='threaded\x00', 0xfffffffffffffd6f)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r4, 0x40045542, &(0x7f0000000080)=0x3)

00:33:50 executing program 1:

00:33:50 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x406855c9)

[  306.720895][T19666] input: syz1 as /devices/virtual/input/input210
[  306.819247][T19666] input: syz1 as /devices/virtual/input/input211
00:33:51 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0x0, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:33:51 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)={0x10, 0x0, 0x2}, 0x10)
write$FUSE_NOTIFY_POLL(r0, &(0x7f00000000c0)={0x18, 0x1, 0x0, {0xffffffff7fffffff}}, 0x18)
r2 = creat(&(0x7f0000000000)='./file0\x00', 0x40)
ioctl$VT_RELDISP(r2, 0x5605)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])
fsconfig$FSCONFIG_SET_PATH_EMPTY(r2, 0x4, &(0x7f0000000140)='/dev/cuse\x00', &(0x7f0000000200)='./file0\x00', r2)

00:33:51 executing program 1:

00:33:51 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/kvm\x00', 0x20000000023fffc, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:33:51 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x4090ae82)

00:33:51 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:33:51 executing program 1:

00:33:51 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$RDS_RECVERR(r3, 0x114, 0x5, &(0x7f0000000080), 0x4)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:33:51 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
r2 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x7, 0x4000)
ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000140)=0xf273)
ioctl$SG_SET_DEBUG(r2, 0x227e, &(0x7f00000000c0)=0x1)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)={0x10, 0x0, 0x2}, 0x10)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

[  307.252490][T19681] input: syz1 as /devices/virtual/input/input212
00:33:51 executing program 1:

[  307.387702][T19681] input: syz1 as /devices/virtual/input/input213
[  307.405085][T19698] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:33:51 executing program 1:

[  307.454816][T19703] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:33:51 executing program 1:

00:33:52 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0x0, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:33:52 executing program 2:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1000000000000000020000f600000000"], 0x10)
r2 = dup2(r0, r0)
ioctl$KVM_DIRTY_TLB(r2, 0x4010aeaa, &(0x7f0000000080)={0x2, 0x6})
ioctl$KDMKTONE(r2, 0x4b30, 0x2)
r3 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x40c000, 0x0)
ioctl$DRM_IOCTL_MAP_BUFS(r3, 0xc0186419, &(0x7f0000000140)={0x1, &(0x7f0000000340)=""/76, &(0x7f00000000c0)=[{0x100000001, 0xbd, 0x7ff, &(0x7f00000003c0)=""/189}]})
io_submit(r1, 0x16, &(0x7f0000000200))
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r3, 0x40106614, &(0x7f0000000200))

00:33:52 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x4138ae84)

00:33:52 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f00000002c0)={0xa, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}]})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000000c0)={0x40, 0x0, &(0x7f0000000080)=[@clear_death={0x400c630f, 0x3}, @acquire_done, @exit_looper, @clear_death={0x400c630f, 0x3}, @increfs={0x40046304, 0x1}], 0x59, 0x0, &(0x7f0000000240)="c67a9c94dd959a2af56e5299978f9e57f823d95c5ad7440d31731de834aaf2d65f773a3058ab0acf495552d1af748d5acbfb5fcada51173b327871188ca3d842ef835e4ba3b0366f96b7258577464b57dbebdf740c78e614fa"})

00:33:52 executing program 1:

00:33:52 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:33:52 executing program 1:

00:33:52 executing program 1:

[  308.142102][T19714] input: syz1 as /devices/virtual/input/input214
00:33:52 executing program 1:

[  308.202810][T19715] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:33:52 executing program 2:

00:33:52 executing program 1:

00:33:52 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$SG_SET_TIMEOUT(r3, 0x2201, &(0x7f0000000080)=0x10000)
ioctl$KVM_SET_FPU(r3, 0x41a0ae8d, &(0x7f0000000240)={[], 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x7, 0xf000, 0x7000, [], 0x83})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  308.249703][T19714] input: syz1 as /devices/virtual/input/input215
[  308.391364][T19739] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:33:53 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0x0, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:33:53 executing program 2:

00:33:53 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x4400ae8f)

00:33:53 executing program 1:

00:33:53 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$TCSETX(r0, 0x5433, &(0x7f0000000080)={0x1f, 0x9, [0x6, 0xbd, 0x41b, 0x7], 0xe874})
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:33:53 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, 0x0)
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:33:53 executing program 1:

00:33:53 executing program 2:

00:33:53 executing program 1:

[  309.016922][T19754] input: syz1 as /devices/virtual/input/input216
[  309.041906][T19753] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:33:53 executing program 1:

00:33:53 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$VIDIOC_G_CROP(r1, 0xc01456b8, &(0x7f0000000180)={0x59555639, {0x94, 0x80000000000001a}})
r2 = syz_open_procfs(0x0, &(0x7f0000dec000)='smaps\x00')
madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008)
mlock2(&(0x7f0000a4f000/0x4000)=nil, 0x4000, 0x0)
ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x40087707, &(0x7f0000000280)='\xa6\xd4\x9bE\xde\xb2a\x00\x00\xcd\xf8\xba\"\x96\x8d\x17\xca\xd1\xb8\xb9@\b\xce3\xb5\xf9\xc1\xd5\xb9\xca\x1d\xca&-\xb1\xb7)&\x17\x9f\x93\xd2-\xaaO\x9a\bVf[z\xd2\x95N\xbf\xd4\xe5\xd1\x8d\xf1\x05\x10\xb45\xf5\xd3\x90\x84\x19s\x8c\xb3g5\xd3\x87\a\xce\x04\xe6\xc0V`>\x01\xdex\xf6\x92P\x14\x0e\xe0\x9e9:i\"k\xf0\xb3\xd7\x1d\xc0d\xb9\x17-\xf3R\xef\x12\xdfYS\xdd\xc1x>\x12\xe9\x91\x1800k\x0f\xe4X\x81\xa1\xd1\x1a4\x1b\xa0\x12\r\x1c>\n\xdb\x89.\xf8\x04\xf0\x87\xa9\x99\xb5\xc2e\xf2\xd0&\xa0F\xdd\xda\\X\xe1g\xa3\xde\xba\x96\xdbz\t\xcd%bt\x0f\xb4GE\xe6,\x8b\x0e\v\xa7}B\x9fT\x82\xac\xe4{h\xea\xa6m\x88/\x15\xcd\x84\xf3D\xa3+\x1a\x03\xed\xe7}\xe9H\xe3\f\x83N\xb8\xca\xa5\xc8\xc6\xa8\xfat\xce\xe1O}T\xd6\xd4\xb0\a\xc6\x84\t\x9e\xbea$$\xa9\x8c}\xd0P\x8di\x7f\xccm\xf5')
sendfile(0xffffffffffffffff, r2, 0x0, 0x0)

[  309.129742][T19754] input: syz1 as /devices/virtual/input/input217
00:33:53 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

00:33:54 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x0, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:33:54 executing program 1:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
close(r0)
r1 = socket$inet(0x2, 0x3, 0x84)
bind$inet(r0, &(0x7f0000000200)={0x2, 0x0, @local}, 0x10)
connect$inet(r1, &(0x7f0000000000)={0x2, 0x0, @multicast2}, 0x10)
write$binfmt_script(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="2321201f000000000000005d0e"], 0xd)

00:33:54 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x80044940)

00:33:54 executing program 5:
r0 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000040)='/dev/btrfs-control\x00', 0x40000, 0x0)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000280)='TIPC\x00')
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r0, &(0x7f0000000340)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x41080009}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x28, r1, 0x400, 0x70bd28, 0x25dfdbfd, {{}, 0x0, 0xb, 0x0, {0xc, 0x14, 'syz0\x00'}}, ["", "", "", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x8001}, 0x20000010)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/kvm\x00', 0x80000, 0x0)
removexattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=@known='system.posix_acl_default\x00')
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)

00:33:54 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$dri(&(0x7f0000000000)='/dev/dri/card#\x00', 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$VIDIOC_G_CROP(r1, 0xc01456b8, &(0x7f0000000180)={0x59555639, {0x94, 0x80000000000001a}})
r2 = syz_open_procfs(0x0, &(0x7f0000dec000)='smaps\x00')
madvise(&(0x7f000092d000/0x400000)=nil, 0x400000, 0x10200000008)
mlock2(&(0x7f0000a4f000/0x4000)=nil, 0x4000, 0x0)
ioctl$ASHMEM_SET_NAME(0xffffffffffffffff, 0x40087707, &(0x7f0000000280)='\xa6\xd4\x9bE\xde\xb2a\x00\x00\xcd\xf8\xba\"\x96\x8d\x17\xca\xd1\xb8\xb9@\b\xce3\xb5\xf9\xc1\xd5\xb9\xca\x1d\xca&-\xb1\xb7)&\x17\x9f\x93\xd2-\xaaO\x9a\bVf[z\xd2\x95N\xbf\xd4\xe5\xd1\x8d\xf1\x05\x10\xb45\xf5\xd3\x90\x84\x19s\x8c\xb3g5\xd3\x87\a\xce\x04\xe6\xc0V`>\x01\xdex\xf6\x92P\x14\x0e\xe0\x9e9:i\"k\xf0\xb3\xd7\x1d\xc0d\xb9\x17-\xf3R\xef\x12\xdfYS\xdd\xc1x>\x12\xe9\x91\x1800k\x0f\xe4X\x81\xa1\xd1\x1a4\x1b\xa0\x12\r\x1c>\n\xdb\x89.\xf8\x04\xf0\x87\xa9\x99\xb5\xc2e\xf2\xd0&\xa0F\xdd\xda\\X\xe1g\xa3\xde\xba\x96\xdbz\t\xcd%bt\x0f\xb4GE\xe6,\x8b\x0e\v\xa7}B\x9fT\x82\xac\xe4{h\xea\xa6m\x88/\x15\xcd\x84\xf3D\xa3+\x1a\x03\xed\xe7}\xe9H\xe3\f\x83N\xb8\xca\xa5\xc8\xc6\xa8\xfat\xce\xe1O}T\xd6\xd4\xb0\a\xc6\x84\t\x9e\xbea$$\xa9\x8c}\xd0P\x8di\x7f\xccm\xf5')
sendfile(0xffffffffffffffff, r2, 0x0, 0x0)

00:33:54 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, 0x0, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:33:54 executing program 1:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
syz_mount_image$msdos(&(0x7f0000000000)='msdos\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={[{@fat=@nfs='nfs'}]})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)

[  309.882680][T19794] input: syz1 as /devices/virtual/input/input218
00:33:54 executing program 2:
clone(0x802102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
wait4(0x0, 0x0, 0x80000000, 0x0)
socket$unix(0x1, 0x1, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x38)
ptrace$cont(0x18, r0, 0x0, 0x0)
ioctl$BLKTRACESETUP(0xffffffffffffffff, 0xc0481273, &(0x7f00000000c0)={[], 0x0, 0x0, 0x0, 0x200000000003, 0x34})
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)
tkill(r0, 0x0)

[  309.928593][T19791] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:33:54 executing program 1:
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
close(r0)
r1 = socket$inet(0x10, 0x3, 0xeb5f)
recvmsg(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000500)=""/246, 0xf6}, {&(0x7f0000000800)=""/4096, 0x1000}], 0x2}, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/\x00~WM\x00\x030\x80\x90\"\xcf\xde&U]\xc9\xec\xfe\x19t@n\xda\xd3\x83dx-c\xb6a(T\xb9\xe4\x9d\xbd\xca\xefq\x81\x97\xe3~\x87\n0\x8b\x1e:y\x8f\xa7\x88\xa4m0%\xef\x93>Q\x82\x8a\xb6u\x06N*\xdb\xe9\x12d#\xb4\xa7=h\xfb\xe9\x9cm\xb2\xf1`\xd4\x9c\xb6\xcc\xe7l\'(\x9aO\x9d\tsT\xaa\xa5\x86\r#\x83\xdf\x87Rk\xaa\x18M\x90\xbbw)6l\x17\xbc3\xd7e\xe9\xbc/\x88*\x13\xf3\xa9\xc1\xf6\x06`\xbdO\xd2\xfa1\xd2\xc0\xa7u$\"\x89\xbc\xe0b\xd1\r$\xde\xd5@i\x18\xa6k,u\xc4?\xe1\xffE\x8a\xe5\xcd\x9f\xecc\x03\x9b\xa5\xa7\xb6j`\xed\xe5\xcc\xda\xbc~\xe7v`\xef#X\xcc\xdf\xf0\"&\x02\x13\x84\xb0\xc25\xf1\x14\xed\x9a\xde\x92vz\xec\xc2V\xac\xde\xb6\x10\xdfB\xe7\x16\x9f$\x03W\xf75\xae_\xe2\x90\x17\xe5\x1e\'%/H\xb9[\xfb\xbb:\x86U5)\x8b\xdc6\xd7\x1d\xb65\xf4\x1cWw\x1d\xb7z\xea\xff\x88?\xeb=\xc3\xcc$\xbd<\x03n9j\xd3\xaf7\x94PX\x83\x9e\x81\"p\xbc@\x90\x1f\xa6T\xe7\xcc2\x92\xa8/\xc8\f7M\xc0qB\xa1\xc2\xe9\xd3\xe2R\x8eO\xda\xc3+\xca\xef\xe9\x10\xeb\xd3\xb9H\xa3\xbf\xeb\xef_\xa8\xd8$s\xc7\xfb\xf3\xec', 0x0, 0x0)
getdents(r2, &(0x7f0000000280)=""/135, 0x74f)
r3 = perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x843, 0x0, 0x0, 0x0, 0x3, 0x0, 0x34dc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xd, 0xffffffffffffffff, 0x0)
setsockopt$sock_void(r2, 0x1, 0x3f, 0x0, 0x0)
r4 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_buf(r5, 0x107, 0x400000000006, &(0x7f0000002740)=""/190, &(0x7f0000000340)=0xbe)
r6 = open(&(0x7f0000000140)='./bus\x00', 0x40, 0x20)
close(r6)
lsetxattr$security_evm(&(0x7f0000000640)='./bus\x00', &(0x7f0000002400)='security.evm\x00', &(0x7f0000002300)=ANY=[], 0x0, 0x3)
r7 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x34b6de73, 0x105082)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000))
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c00, 0xffffffffffffffff)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r6, 0x0)
readv(r5, &(0x7f0000002580)=[{&(0x7f00000022c0)=""/29, 0x1d}, {&(0x7f0000002200)=""/169, 0xa9}, {&(0x7f0000002440)=""/70, 0x46}, {&(0x7f00000024c0)=""/139, 0x17}, {&(0x7f0000002a40)=""/233, 0xe9}, {&(0x7f0000002840)=""/220, 0xffffffffffffffdb}, {&(0x7f0000002940)=""/197, 0xffffffffffffff84}], 0x7)
readv(r7, &(0x7f0000000180)=[{&(0x7f0000001200)=""/4096, 0xfffffe19}], 0x1)
ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, &(0x7f0000000380)={0x4, 0x7, 0x8000000000003f, 0xfffffffffffffffd, 0xf4})
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400)='TIPCv2\x00')
r8 = ioctl$LOOP_CTL_GET_FREE(r6, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r8)
sendmsg$TIPC_NL_LINK_SET(r6, &(0x7f0000002380)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x1420208}, 0xc, &(0x7f0000002340)={&(0x7f0000000740)=ANY=[@ANYBLOB="f5ff03007b8300000000000800000000080002000200"/48], 0x1}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
getsockopt$IP_VS_SO_GET_VERSION(r2, 0x0, 0x480, &(0x7f00000000c0), &(0x7f00000003c0)=0x40)
recvfrom$inet(r6, &(0x7f0000000680)=""/91, 0xfffffdd5, 0x3fba8a0c83e51971, 0x0, 0xfe)
clone(0x2102001ffa, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff)
ioctl$void(r4, 0x5451)
pause()

00:33:54 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SIGNAL_MSI(r1, 0x4020aea5, &(0x7f0000000080)={0x16000, 0xd000, 0x4, 0x0, 0xffffffffffffffff})
r3 = syz_open_dev$audion(&(0x7f00000000c0)='/dev/audio#\x00', 0x7, 0x400)
ioctl$sock_TIOCINQ(r3, 0x541b, &(0x7f00000001c0))
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  309.992019][T19794] input: syz1 as /devices/virtual/input/input219
00:33:54 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)

00:33:54 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x800454d2)

[  310.137305][T19819] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  310.229397][T19828] input: syz1 as /devices/virtual/input/input220
[  310.339224][T19828] input: syz1 as /devices/virtual/input/input221
[  310.365013][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  310.370947][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  310.605020][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  310.610885][    C1] protocol 88fb is buggy, dev hsr_slave_1
00:33:55 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x0, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:33:55 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x1000000000000000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))

00:33:55 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f00000002c0)={0xa, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}]})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000000c0)={0x40, 0x0, &(0x7f0000000080)=[@clear_death={0x400c630f, 0x3}, @acquire_done, @exit_looper, @clear_death={0x400c630f, 0x3}, @increfs={0x40046304, 0x1}], 0x59, 0x0, &(0x7f0000000240)="c67a9c94dd959a2af56e5299978f9e57f823d95c5ad7440d31731de834aaf2d65f773a3058ab0acf495552d1af748d5acbfb5fcada51173b327871188ca3d842ef835e4ba3b0366f96b7258577464b57dbebdf740c78e614fa"})

00:33:55 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x8004552d)

[  310.759343][T19840] input: syz1 as /devices/virtual/input/input222
00:33:55 executing program 5:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, 0x0, 0x0)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  310.819427][T19838] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  310.845004][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  310.850912][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  310.901478][T19840] input: syz1 as /devices/virtual/input/input223
00:33:57 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, 0x0, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:33:57 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f00000002c0)={0xa, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}]})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000000c0)={0x40, 0x0, &(0x7f0000000080)=[@clear_death={0x400c630f, 0x3}, @acquire_done, @exit_looper, @clear_death={0x400c630f, 0x3}, @increfs={0x40046304, 0x1}], 0x59, 0x0, &(0x7f0000000240)="c67a9c94dd959a2af56e5299978f9e57f823d95c5ad7440d31731de834aaf2d65f773a3058ab0acf495552d1af748d5acbfb5fcada51173b327871188ca3d842ef835e4ba3b0366f96b7258577464b57dbebdf740c78e614fa"})

00:33:57 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x80086301)

00:33:57 executing program 1:
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
close(r0)
r1 = socket$inet(0x10, 0x3, 0xeb5f)
recvmsg(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000500)=""/246, 0xf6}, {&(0x7f0000000800)=""/4096, 0x1000}], 0x2}, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/\x00~WM\x00\x030\x80\x90\"\xcf\xde&U]\xc9\xec\xfe\x19t@n\xda\xd3\x83dx-c\xb6a(T\xb9\xe4\x9d\xbd\xca\xefq\x81\x97\xe3~\x87\n0\x8b\x1e:y\x8f\xa7\x88\xa4m0%\xef\x93>Q\x82\x8a\xb6u\x06N*\xdb\xe9\x12d#\xb4\xa7=h\xfb\xe9\x9cm\xb2\xf1`\xd4\x9c\xb6\xcc\xe7l\'(\x9aO\x9d\tsT\xaa\xa5\x86\r#\x83\xdf\x87Rk\xaa\x18M\x90\xbbw)6l\x17\xbc3\xd7e\xe9\xbc/\x88*\x13\xf3\xa9\xc1\xf6\x06`\xbdO\xd2\xfa1\xd2\xc0\xa7u$\"\x89\xbc\xe0b\xd1\r$\xde\xd5@i\x18\xa6k,u\xc4?\xe1\xffE\x8a\xe5\xcd\x9f\xecc\x03\x9b\xa5\xa7\xb6j`\xed\xe5\xcc\xda\xbc~\xe7v`\xef#X\xcc\xdf\xf0\"&\x02\x13\x84\xb0\xc25\xf1\x14\xed\x9a\xde\x92vz\xec\xc2V\xac\xde\xb6\x10\xdfB\xe7\x16\x9f$\x03W\xf75\xae_\xe2\x90\x17\xe5\x1e\'%/H\xb9[\xfb\xbb:\x86U5)\x8b\xdc6\xd7\x1d\xb65\xf4\x1cWw\x1d\xb7z\xea\xff\x88?\xeb=\xc3\xcc$\xbd<\x03n9j\xd3\xaf7\x94PX\x83\x9e\x81\"p\xbc@\x90\x1f\xa6T\xe7\xcc2\x92\xa8/\xc8\f7M\xc0qB\xa1\xc2\xe9\xd3\xe2R\x8eO\xda\xc3+\xca\xef\xe9\x10\xeb\xd3\xb9H\xa3\xbf\xeb\xef_\xa8\xd8$s\xc7\xfb\xf3\xec', 0x0, 0x0)
getdents(r2, &(0x7f0000000280)=""/135, 0x74f)
r3 = perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x843, 0x0, 0x0, 0x0, 0x3, 0x0, 0x34dc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xd, 0xffffffffffffffff, 0x0)
setsockopt$sock_void(r2, 0x1, 0x3f, 0x0, 0x0)
r4 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_buf(r5, 0x107, 0x400000000006, &(0x7f0000002740)=""/190, &(0x7f0000000340)=0xbe)
r6 = open(&(0x7f0000000140)='./bus\x00', 0x40, 0x20)
close(r6)
lsetxattr$security_evm(&(0x7f0000000640)='./bus\x00', &(0x7f0000002400)='security.evm\x00', &(0x7f0000002300)=ANY=[], 0x0, 0x3)
r7 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x34b6de73, 0x105082)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000))
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c00, 0xffffffffffffffff)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r6, 0x0)
readv(r5, &(0x7f0000002580)=[{&(0x7f00000022c0)=""/29, 0x1d}, {&(0x7f0000002200)=""/169, 0xa9}, {&(0x7f0000002440)=""/70, 0x46}, {&(0x7f00000024c0)=""/139, 0x17}, {&(0x7f0000002a40)=""/233, 0xe9}, {&(0x7f0000002840)=""/220, 0xffffffffffffffdb}, {&(0x7f0000002940)=""/197, 0xffffffffffffff84}], 0x7)
readv(r7, &(0x7f0000000180)=[{&(0x7f0000001200)=""/4096, 0xfffffe19}], 0x1)
ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, &(0x7f0000000380)={0x4, 0x7, 0x8000000000003f, 0xfffffffffffffffd, 0xf4})
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400)='TIPCv2\x00')
r8 = ioctl$LOOP_CTL_GET_FREE(r6, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r8)
sendmsg$TIPC_NL_LINK_SET(r6, &(0x7f0000002380)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x1420208}, 0xc, &(0x7f0000002340)={&(0x7f0000000740)=ANY=[@ANYBLOB="f5ff03007b8300000000000800000000080002000200"/48], 0x1}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
getsockopt$IP_VS_SO_GET_VERSION(r2, 0x0, 0x480, &(0x7f00000000c0), &(0x7f00000003c0)=0x40)
recvfrom$inet(r6, &(0x7f0000000680)=""/91, 0xfffffdd5, 0x3fba8a0c83e51971, 0x0, 0xfe)
clone(0x2102001ffa, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff)
ioctl$void(r4, 0x5451)
pause()

00:33:57 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x0, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:33:57 executing program 5:
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
close(r0)
r1 = socket$inet(0x10, 0x3, 0xeb5f)
recvmsg(r1, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000500)=""/246, 0xf6}, {&(0x7f0000000800)=""/4096, 0x1000}], 0x2}, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/\x00~WM\x00\x030\x80\x90\"\xcf\xde&U]\xc9\xec\xfe\x19t@n\xda\xd3\x83dx-c\xb6a(T\xb9\xe4\x9d\xbd\xca\xefq\x81\x97\xe3~\x87\n0\x8b\x1e:y\x8f\xa7\x88\xa4m0%\xef\x93>Q\x82\x8a\xb6u\x06N*\xdb\xe9\x12d#\xb4\xa7=h\xfb\xe9\x9cm\xb2\xf1`\xd4\x9c\xb6\xcc\xe7l\'(\x9aO\x9d\tsT\xaa\xa5\x86\r#\x83\xdf\x87Rk\xaa\x18M\x90\xbbw)6l\x17\xbc3\xd7e\xe9\xbc/\x88*\x13\xf3\xa9\xc1\xf6\x06`\xbdO\xd2\xfa1\xd2\xc0\xa7u$\"\x89\xbc\xe0b\xd1\r$\xde\xd5@i\x18\xa6k,u\xc4?\xe1\xffE\x8a\xe5\xcd\x9f\xecc\x03\x9b\xa5\xa7\xb6j`\xed\xe5\xcc\xda\xbc~\xe7v`\xef#X\xcc\xdf\xf0\"&\x02\x13\x84\xb0\xc25\xf1\x14\xed\x9a\xde\x92vz\xec\xc2V\xac\xde\xb6\x10\xdfB\xe7\x16\x9f$\x03W\xf75\xae_\xe2\x90\x17\xe5\x1e\'%/H\xb9[\xfb\xbb:\x86U5)\x8b\xdc6\xd7\x1d\xb65\xf4\x1cWw\x1d\xb7z\xea\xff\x88?\xeb=\xc3\xcc$\xbd<\x03n9j\xd3\xaf7\x94PX\x83\x9e\x81\"p\xbc@\x90\x1f\xa6T\xe7\xcc2\x92\xa8/\xc8\f7M\xc0qB\xa1\xc2\xe9\xd3\xe2R\x8eO\xda\xc3+\xca\xef\xe9\x10\xeb\xd3\xb9H\xa3\xbf\xeb\xef_\xa8\xd8$s\xc7\xfb\xf3\xec', 0x0, 0x0)
getdents(r2, &(0x7f0000000280)=""/135, 0x74f)
r3 = perf_event_open(&(0x7f0000000440)={0x0, 0x70, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x843, 0x0, 0x0, 0x0, 0x3, 0x0, 0x34dc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x101}, 0x0, 0xd, 0xffffffffffffffff, 0x0)
setsockopt$sock_void(r2, 0x1, 0x3f, 0x0, 0x0)
r4 = perf_event_open(&(0x7f0000000140)={0x2, 0x70, 0xee6b}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
getsockopt$packet_buf(r5, 0x107, 0x400000000006, &(0x7f0000002740)=""/190, &(0x7f0000000340)=0xbe)
r6 = open(&(0x7f0000000140)='./bus\x00', 0x40, 0x20)
close(r6)
lsetxattr$security_evm(&(0x7f0000000640)='./bus\x00', &(0x7f0000002400)='security.evm\x00', &(0x7f0000002300)=ANY=[], 0x0, 0x3)
r7 = syz_open_dev$loop(&(0x7f0000ca9ff5)='/dev/loop#\x00', 0x34b6de73, 0x105082)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000))
ioctl$LOOP_CHANGE_FD(0xffffffffffffffff, 0x4c00, 0xffffffffffffffff)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r6, 0x0)
readv(r5, &(0x7f0000002580)=[{&(0x7f00000022c0)=""/29, 0x1d}, {&(0x7f0000002200)=""/169, 0xa9}, {&(0x7f0000002440)=""/70, 0x46}, {&(0x7f00000024c0)=""/139, 0x17}, {&(0x7f0000002a40)=""/233, 0xe9}, {&(0x7f0000002840)=""/220, 0xffffffffffffffdb}, {&(0x7f0000002940)=""/197, 0xffffffffffffff84}], 0x7)
readv(r7, &(0x7f0000000180)=[{&(0x7f0000001200)=""/4096, 0xfffffe19}], 0x1)
ioctl$FS_IOC_FSGETXATTR(r3, 0x801c581f, &(0x7f0000000380)={0x4, 0x7, 0x8000000000003f, 0xfffffffffffffffd, 0xf4})
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400)='TIPCv2\x00')
r8 = ioctl$LOOP_CTL_GET_FREE(r6, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r0, 0x4c81, r8)
sendmsg$TIPC_NL_LINK_SET(r6, &(0x7f0000002380)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x1420208}, 0xc, &(0x7f0000002340)={&(0x7f0000000740)=ANY=[@ANYBLOB="f5ff03007b8300000000000800000000080002000200"/48], 0x1}, 0x1, 0x0, 0x0, 0x4000}, 0x4000)
getsockopt$IP_VS_SO_GET_VERSION(r2, 0x0, 0x480, &(0x7f00000000c0), &(0x7f00000003c0)=0x40)
recvfrom$inet(r6, &(0x7f0000000680)=""/91, 0xfffffdd5, 0x3fba8a0c83e51971, 0x0, 0xfe)
clone(0x2102001ffa, 0x0, 0xfffffffffffffffe, &(0x7f00000004c0), 0xffffffffffffffff)
ioctl$void(r4, 0x5451)
pause()

[  312.905424][T19871] input: syz1 as /devices/virtual/input/input224
00:33:57 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f00000002c0)={0xa, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}]})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000000c0)={0x40, 0x0, &(0x7f0000000080)=[@clear_death={0x400c630f, 0x3}, @acquire_done, @exit_looper, @clear_death={0x400c630f, 0x3}, @increfs={0x40046304, 0x1}], 0x59, 0x0, &(0x7f0000000240)="c67a9c94dd959a2af56e5299978f9e57f823d95c5ad7440d31731de834aaf2d65f773a3058ab0acf495552d1af748d5acbfb5fcada51173b327871188ca3d842ef835e4ba3b0366f96b7258577464b57dbebdf740c78e614fa"})

[  312.971351][T19869] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  313.048435][T19871] input: syz1 as /devices/virtual/input/input225
00:33:57 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_GET_MSRS(r3, 0xc008ae88, &(0x7f00000002c0)={0xa, 0x0, [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}]})

00:33:57 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x80404509)

[  313.154635][T19885] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:33:57 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  313.263516][T19892] input: syz1 as /devices/virtual/input/input226
[  313.281928][T19891] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:33:57 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  313.370311][T19896] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  313.398082][T19897] input: syz1 as /devices/virtual/input/input227
00:33:57 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x8138ae83)

[  313.477599][T19902] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  313.544765][T19905] input: syz1 as /devices/virtual/input/input228
[  313.565034][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  313.571575][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  313.578023][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  313.584551][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  313.657797][T19908] input: syz1 as /devices/virtual/input/input229
00:34:00 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, 0x0, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:34:00 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:00 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:00 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x81a0ae8c)

00:34:00 executing program 5:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
r2 = open(&(0x7f0000000000)='./file0\x00', 0x404000, 0x110)
getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f00000000c0)={<r3=>0x0, 0x7, 0x6, 0x3}, &(0x7f0000000140)=0x10)
setsockopt$inet_sctp_SCTP_RESET_ASSOC(r2, 0x84, 0x78, &(0x7f0000000200)=r3, 0x4)
write$FUSE_DIRENT(r0, &(0x7f0000000340)=ANY=[@ANYBLOB="10000000000000000200000000000000c578604b6a23ff64200b24b5f1ef7dfc99dcbb05fafd5892c4152d529f40172f4c309364f4adccb2d35fcbdf217d49d113c83d8a4a8b182f215b63635d8e849d6b2f76e01ee91c7e8effcc6e9dd8da4f9fdefe9f02ee3eb5e3495ce7c8d8f15fba18b32a711d31e6f14d2bf266fa44f8d6eb019d4d4cfd5c9fe38b51ea50186a268bec73449c306c88d16105c4079582ded6a8c9be6bac0234adc4a77998b0f2"], 0x10)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x0, r0, 0x0}])

00:34:00 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
eventfd(0x0)
write$eventfd(0xffffffffffffffff, 0x0, 0x0)
getpgid(0xffffffffffffffff)
fcntl$lock(r1, 0x4, 0x0)
r2 = socket$inet6(0xa, 0x3, 0xff)
r3 = socket$inet6(0xa, 0x803, 0x5)
r4 = socket(0x200000000000011, 0x4000000000080002, 0x0)
rt_sigaction(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'bond0\x00', <r5=>0x0})
bind$packet(r4, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @broadcast}, 0x14)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000040)={'bond0\x00'})
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000080)={'bond0\x00', 0xa03})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r6, 0xae80, 0x0)

[  315.941539][T19923] input: syz1 as /devices/virtual/input/input230
00:34:00 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
eventfd(0x0)
write$eventfd(0xffffffffffffffff, 0x0, 0x0)
getpgid(0xffffffffffffffff)
fcntl$lock(r1, 0x4, 0x0)
r2 = socket$inet6(0xa, 0x3, 0xff)
r3 = socket$inet6(0xa, 0x803, 0x5)
r4 = socket(0x200000000000011, 0x4000000000080002, 0x0)
rt_sigaction(0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000140)={'bond0\x00', <r5=>0x0})
bind$packet(r4, &(0x7f0000000000)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @broadcast}, 0x14)
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000040)={'bond0\x00'})
ioctl$sock_inet_SIOCSIFFLAGS(r2, 0x8914, &(0x7f0000000080)={'bond0\x00', 0xa03})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r6 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r6, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r6, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r6, 0xae80, 0x0)

[  316.041762][T19924] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  316.065615][T19930] 8021q: adding VLAN 0 to HW filter on device bond0
00:34:00 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  316.092175][T19935] input: syz1 as /devices/virtual/input/input231
00:34:00 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000140)='/dev/urandom\x00', 0x8000000000000085, 0x0)
r4 = dup(r3)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
r5 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0xee72)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
r6 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f00000000c0)={0x1, [<r7=>0x0]}, &(0x7f00000001c0)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r6, 0x84, 0x7c, &(0x7f0000000240)={r7, 0x5, 0x8}, 0x8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_TPR_ACCESS_REPORTING(r6, 0xc028ae92, &(0x7f0000000080)={0x1, 0x2})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:00 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000140)='/dev/urandom\x00', 0x8000000000000085, 0x0)
r4 = dup(r3)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
r5 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0xee72)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
r6 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f00000000c0)={0x1, [<r7=>0x0]}, &(0x7f00000001c0)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r6, 0x84, 0x7c, &(0x7f0000000240)={r7, 0x5, 0x8}, 0x8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_TPR_ACCESS_REPORTING(r6, 0xc028ae92, &(0x7f0000000080)={0x1, 0x2})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:00 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0xc0045878)

[  316.269500][T19947] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  316.275433][T19943] 8021q: adding VLAN 0 to HW filter on device bond0
00:34:00 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  316.368618][T19950] input: syz1 as /devices/virtual/input/input232
[  316.370294][T19937] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  316.444222][T19957] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  316.527632][T19950] input: syz1 as /devices/virtual/input/input233
00:34:03 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100), &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:34:03 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = openat$random(0xffffffffffffff9c, &(0x7f0000000140)='/dev/urandom\x00', 0x8000000000000085, 0x0)
r4 = dup(r3)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
r5 = open(&(0x7f0000002000)='./bus\x00', 0x141042, 0x0)
ftruncate(r5, 0xee72)
sendfile(r4, r5, 0x0, 0x8000fffffffe)
r6 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r4, 0x84, 0x1d, &(0x7f00000000c0)={0x1, [<r7=>0x0]}, &(0x7f00000001c0)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r6, 0x84, 0x7c, &(0x7f0000000240)={r7, 0x5, 0x8}, 0x8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_TPR_ACCESS_REPORTING(r6, 0xc028ae92, &(0x7f0000000080)={0x1, 0x2})
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:03 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:03 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:03 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0xc0045878)

00:34:03 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  319.007997][T19969] input: syz1 as /devices/virtual/input/input234
[  319.019694][T19970] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:03 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)
r2 = shmget$private(0x0, 0x3000, 0x100, &(0x7f0000ffb000/0x3000)=nil)
shmctl$SHM_UNLOCK(r2, 0xc)
socket$inet6_tcp(0xa, 0x1, 0x0)

00:34:03 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  319.052674][T19972] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:03 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  319.124537][T19969] input: syz1 as /devices/virtual/input/input235
00:34:03 executing program 1:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000000340)=[@in6={0xa, 0x4e22, 0x0, @empty, 0x80000001}, @in6={0xa, 0x4e23, 0x3, @local, 0xffffffffffffff0f}, @in6={0xa, 0x4e22, 0xb39, @local, 0x68}, @in={0x2, 0x4e21, @empty}, @in={0x2, 0x4e21, @empty}, @in={0x2, 0x4e21, @multicast2}, @in={0x2, 0x4e22, @rand_addr=0x1f}], 0x94)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)={0x10, 0x0, 0x2}, 0x10)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x200000, r0, 0x0}])
flock(r0, 0x0)

[  319.218213][T19987] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:03 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0xc008ae05)

00:34:03 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  319.272783][T19990] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  319.354110][T19995] input: syz1 as /devices/virtual/input/input236
[  319.402861][T19998] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  319.488455][T19995] input: syz1 as /devices/virtual/input/input237
00:34:06 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100), &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:34:06 executing program 1:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000000340)=[@in6={0xa, 0x4e22, 0x0, @empty, 0x80000001}, @in6={0xa, 0x4e23, 0x3, @local, 0xffffffffffffff0f}, @in6={0xa, 0x4e22, 0xb39, @local, 0x68}, @in={0x2, 0x4e21, @empty}, @in={0x2, 0x4e21, @empty}, @in={0x2, 0x4e21, @multicast2}, @in={0x2, 0x4e22, @rand_addr=0x1f}], 0x94)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)={0x10, 0x0, 0x2}, 0x10)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x200000, r0, 0x0}])
flock(r0, 0x0)

00:34:06 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:06 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:06 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0xc00c55ca)

00:34:06 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  322.084767][T20011] input: syz1 as /devices/virtual/input/input238
00:34:06 executing program 1:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
io_setup(0x1, &(0x7f0000000180)=<r1=>0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000000340)=[@in6={0xa, 0x4e22, 0x0, @empty, 0x80000001}, @in6={0xa, 0x4e23, 0x3, @local, 0xffffffffffffff0f}, @in6={0xa, 0x4e22, 0xb39, @local, 0x68}, @in={0x2, 0x4e21, @empty}, @in={0x2, 0x4e21, @empty}, @in={0x2, 0x4e21, @multicast2}, @in={0x2, 0x4e22, @rand_addr=0x1f}], 0x94)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)
write$FUSE_DIRENT(r0, &(0x7f00000001c0)={0x10, 0x0, 0x2}, 0x10)
io_submit(r1, 0x1, &(0x7f0000000080)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x5, 0x200000, r0, 0x0}])
flock(r0, 0x0)

00:34:06 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  322.125451][T20015] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  322.140239][T20018] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:06 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  322.222651][T20011] input: syz1 as /devices/virtual/input/input239
[  322.261362][T20029] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:06 executing program 1:
r0 = getpid()
sched_setscheduler(r0, 0x0, &(0x7f0000000040))
r1 = socket(0x10, 0x80002, 0x0)
bind$netlink(r1, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r1, &(0x7f0000000140)="2600000022004701050000000000000005006d20002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
connect$netlink(r1, &(0x7f0000000480)=@proc={0x10, 0x0, 0x1}, 0xc)
unlinkat(0xffffffffffffffff, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000080)=0x2, 0x4)
sendto(r1, &(0x7f0000000340), 0xac, 0x0, 0x0, 0x31c)
recvmmsg(r1, &(0x7f0000000780), 0x3ffffffffffff81, 0x2, 0x0)

00:34:06 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0xc0189436)

00:34:06 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  322.313565][T20034] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  322.435805][T20044] input: syz1 as /devices/virtual/input/input240
[  322.446378][T20043] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  322.561280][T20044] input: syz1 as /devices/virtual/input/input241
00:34:09 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100), &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:34:09 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:09 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:09 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0xc020660b)

00:34:09 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(0xffffffffffffffff, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:09 executing program 1:
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1124, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r2, &(0x7f00000000c0)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r2, 0x0, 0xfffffffffffffff8, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x9000000)

[  325.135364][T20062] input: syz1 as /devices/virtual/input/input242
[  325.179411][T20060] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  325.190239][T20064] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:09 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:09 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  325.260757][T20062] input: syz1 as /devices/virtual/input/input243
00:34:09 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:09 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  325.338654][T20075] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  325.349465][T20076] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:09 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0xc0286404)

00:34:09 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  325.433236][T20081] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  325.532180][T20088] input: syz1 as /devices/virtual/input/input244
[  325.549757][T20087] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  325.563438][T20090] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  325.660547][T20088] input: syz1 as /devices/virtual/input/input245
00:34:12 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:34:12 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:12 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:12 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0xc040565f)

00:34:12 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(0xffffffffffffffff, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:12 executing program 1:
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1124, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r1, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r2, &(0x7f00000000c0)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r2, 0x0, 0xfffffffffffffff8, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x9000000)

[  328.188477][T20107] input: syz1 as /devices/virtual/input/input246
[  328.221462][T20110] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:12 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  328.237305][T20109] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:12 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  328.326899][T20119] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  328.337282][T20107] input: syz1 as /devices/virtual/input/input247
00:34:12 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:12 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0xc06855c8)

00:34:12 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:12 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  328.508296][T20131] input: syz1 as /devices/virtual/input/input248
[  328.627691][T20139] input: syz1 as /devices/virtual/input/input249
00:34:15 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:15 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:34:15 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0xc0745645)

00:34:15 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:15 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(0xffffffffffffffff, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:15 executing program 1:
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(0xffffffffffffffff, 0x40505330, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x803, 0x3)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x890b, &(0x7f0000000040)={'bridge0\x00h\x00\x01\xd8\x00H\x00'})

[  331.239568][T20148] input: syz1 as /devices/virtual/input/input250
00:34:15 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:15 executing program 1:
capget(&(0x7f0000000040)={0x20071026}, &(0x7f0000000080))

[  331.357767][T20165] input: syz1 as /devices/virtual/input/input251
00:34:15 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  331.403567][T20170] capability: warning: `syz-executor.1' uses deprecated v2 capabilities in a way that may be insecure
00:34:15 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:15 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0xc0845658)

00:34:15 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
bind$inet6(r0, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
listen(r0, 0x8)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x4e22}, 0x1c)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0x20000004, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
sendto$inet6(r3, &(0x7f0000000040)="d5", 0x1, 0x0, 0x0, 0x0)
shutdown(r2, 0x1)
shutdown(r0, 0x0)

[  331.496333][T20175] dump_vmcs: 2 callbacks suppressed
[  331.496339][T20175] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:15 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  331.588022][T20183] input: syz1 as /devices/virtual/input/input252
[  331.633584][T20185] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:18 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:18 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:34:18 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x3c, 0x0, 0x0)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000240)={0x0, 0x3000})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, 0x0, 0x73, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
stat(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
setuid(r3)

00:34:18 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:18 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0xc0bc5310)

00:34:18 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, 0x0, 0x0)

00:34:18 executing program 1:
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_S_AUDIO(r0, 0x40345622, &(0x7f00000002c0)={0x200, "8ab80b77de1246b413832c28c16ccc492fa6c7d8f022fb8000425ac22639aade", 0x2, 0x1})
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000180)='/dev/snapshot\x00', 0x80001, 0x0)
r2 = socket$inet(0x2, 0x0, 0x1)
add_key(&(0x7f0000000040)='logon\x00', &(0x7f00000001c0)={'syz', 0x3}, &(0x7f0000000240)="d46f85f7ee7c6f0e3de116ab363d9ea42252e9fb1b6ec047e9d24cd32076b33ab27171e3c08d1629bdc376b5d464", 0x2e, 0x0)
setsockopt$inet_tcp_int(r2, 0x6, 0x0, &(0x7f00000000c0)=0x74, 0x4)
bind$inet(r2, &(0x7f0000000180)={0x2, 0x4e23, @multicast1}, 0x10)
setsockopt$inet_buf(r2, 0x0, 0x26, &(0x7f0000000340)="010ecf23a3ada5f6a7a0c86045270ab2b740a256e1625b02109f6c9e25cefa5d6b59ba534292b13f7a97e81766603fe1be60eb96fce2de23601255a25df926cdd09f08f3fc030f", 0x47)
write$UHID_SET_REPORT_REPLY(r1, &(0x7f00000003c0)={0xe, 0x0, 0x0, 0x4, 0xcf, "b8d631c85e7c5e5f4e6d7a1cba8a487ed9006005423be8b3662503c4a326333f88426261369c19c1bcb7f0b06f458e6b90547227cd0fd8f9126770be3d918092a3bfd10e3d4b3e1f9e5d78b9ca26502e29d20b44257923694c28fe40ee398d23cf0154ee69d22e8315f2175035d859e17471a71c290b96b9a84c6bdc9d6b1e469e993e2523f2bb5076d48561dab8dfb623c2f6936336fe135b740a3ecb55226e5aa8c27f73f72232279ce16e93199f64a6e807a333ba1226805ba43566c2e5286196a830027623a36180caf5f06b49"}, 0xdb)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, 0x0, 0x0)
ioctl$SCSI_IOCTL_BENCHMARK_COMMAND(r1, 0x3)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000000080)=0xda9, 0x4)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000000000000, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@mcast2, 0x2a, 0x2, 0xff, 0x7, 0x0, 0x3f}, &(0x7f0000000140)=0x20)

[  334.336342][T20203] input: syz1 as /devices/virtual/input/input254
[  334.355307][T20200] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  334.356488][T20204] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:18 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:18 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

[  334.487652][T20219] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  334.517659][T20203] input: syz1 as /devices/virtual/input/input255
00:34:18 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:18 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

00:34:18 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000040)=@assoc_value, &(0x7f0000000080)=0x8)
ioctl$VHOST_SET_VRING_NUM(0xffffffffffffffff, 0x4008af10, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$VIDIOC_G_CROP(0xffffffffffffffff, 0xc01456b8, 0x0)

00:34:18 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0xc100565c)

[  334.697082][T20234] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  334.707326][T20240] input: syz1 as /devices/virtual/input/input256
00:34:21 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, 0x0, 0x0)
tkill(r2, 0x1000000000013)

00:34:21 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:21 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

00:34:21 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000040)=@assoc_value, &(0x7f0000000080)=0x8)
ioctl$VHOST_SET_VRING_NUM(0xffffffffffffffff, 0x4008af10, 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
ioctl$VIDIOC_G_CROP(0xffffffffffffffff, 0xc01456b8, 0x0)

00:34:21 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0xc208ae62)

00:34:21 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, 0x0, 0x0)

[  337.364293][T20255] input: syz1 as /devices/virtual/input/input258
[  337.404232][T20256] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:21 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:21 executing program 1:
r0 = socket(0x11, 0x802, 0x0)
getsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(0xffffffffffffffff, 0x84, 0x76, 0x0, 0x0)
ioctl$SCSI_IOCTL_GET_PCI(0xffffffffffffffff, 0x5387, &(0x7f0000000000))
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000040)={'team0\x00\n\xfa\xff\xff\xff\xff\xae\x00'})
perf_event_open(&(0x7f0000000080)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = syz_open_dev$radio(&(0x7f00000003c0)='/dev/radio#\x00', 0x0, 0x2)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000200)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x0, 0x4}}, 0x20)

00:34:21 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  337.500002][T20255] input: syz1 as /devices/virtual/input/input259
00:34:21 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
openat$proc_capi20(0xffffffffffffff9c, &(0x7f0000000100)='/proc/capi/capi20\x00', 0x8000, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x0, 0x400)
ioctl$PPPIOCGCHAN(r1, 0x80047437, &(0x7f0000000040))
ioctl$SCSI_IOCTL_TEST_UNIT_READY(r1, 0x2)
connect$llc(r1, &(0x7f0000000080)={0x1a, 0x10e, 0x80000001, 0x10001, 0x8000, 0x5e, @link_local}, 0x10)

[  337.597706][T20277] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:21 executing program 1:
r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ion\x00', 0x0, 0x0)
ioctl$ION_IOC_ALLOC(r0, 0xc0184900, &(0x7f0000000140)={0x100000a927, 0x2d})

[  337.672348][T20281] input: syz1 as /devices/virtual/input/input260
00:34:22 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  337.828165][T20281] input: syz1 as /devices/virtual/input/input261
00:34:24 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, 0x0, 0x0)
tkill(r2, 0x1000000000013)

00:34:24 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

00:34:24 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:24 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00005befdc))
r1 = syz_open_pts(r0, 0x20201)
fcntl$setstatus(r1, 0x4, 0x2804)
ioctl$TCXONC(r1, 0x540a, 0x0)
write(r1, &(0x7f0000000100), 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x3)
close(r0)

00:34:24 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x5, 0x0)
r1 = fcntl$dupfd(r0, 0x406, r0)
write$FUSE_LSEEK(r1, &(0x7f0000000000)={0x18, 0x0, 0x3, {0x9}}, 0x18)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000100)={0x7ff, 0x4, 0x4, 0xbc, 0x7, [{0x4, 0x3, 0x4938, 0x0, 0x0, 0x1102}, {0x8, 0x10001, 0x3, 0x0, 0x0, 0x180}, {0x20, 0x7, 0xffffffff, 0x0, 0x0, 0x1000}, {0x4, 0xfffffffffffffffd, 0x7, 0x0, 0x0, 0x1003}, {0x6, 0x1, 0x2, 0x0, 0x0, 0x1082}, {0x5, 0x9}, {0x3, 0x868a, 0x0, 0x0, 0x0, 0x1}]})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:24 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, 0x0, 0x0)

00:34:24 executing program 1:
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000100)={{{@in6=@initdev, @in6=@ipv4={[], [], @initdev}, 0x0, 0x0, 0x0, 0x0, 0x80000002}}, {{@in6=@empty, 0x0, 0x33}, 0x0, @in6=@rand_addr="8680c7235bf6dc2f3ff3df464ccc9dbb"}}, 0xe8)
r0 = perf_event_open(&(0x7f0000000240)={0x1, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1124, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x20}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x10, r1, 0x0)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r0, 0x2405, r1)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r2, &(0x7f00000000c0)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r2, 0x0, 0xfffffffffffffff8, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
sendto$inet(r2, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x9000000)

[  340.451490][T20307] input: syz1 as /devices/virtual/input/input262
00:34:24 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

00:34:24 executing program 2:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r0, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r0, 0xae80, 0x0)

00:34:24 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

00:34:24 executing program 2:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r0, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r0, 0xae80, 0x0)

[  340.591091][T20313] input: syz1 as /devices/virtual/input/input263
00:34:25 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_SET_SNDBIT(r0, 0x4004556a, 0x2)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

[  340.770563][T20335] input: syz1 as /devices/virtual/input/input264
[  340.850053][T20335] input: syz1 as /devices/virtual/input/input265
00:34:27 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, 0x0, 0x0)
tkill(r2, 0x1000000000013)

00:34:27 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:27 executing program 2:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r0, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r0, 0xae80, 0x0)

00:34:27 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x802, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, &(0x7f0000000000)={0x0, @speck128})
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:27 executing program 0:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0xc0286404)

00:34:27 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  343.514562][T20349] input: syz1 as /devices/virtual/input/input266
[  343.530737][T20354] input: syz1 as /devices/virtual/input/input267
00:34:27 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:27 executing program 2:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r1, 0xae80, 0x0)

00:34:27 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  343.623156][T20363] input: syz1 as /devices/virtual/input/input268
00:34:28 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3753, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x450, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000000)='/dev/input/mice\x00', 0x0, 0x10b200)
getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000100), &(0x7f00000001c0)=0x4)
getsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000040)={<r2=>0x0, 0x9, 0x30}, &(0x7f0000000080)=0xc)
ioctl$KVM_SET_FPU(r1, 0x41a0ae8d, &(0x7f0000000200)={[], 0x1, 0x8, 0x0, 0x0, 0x9, 0x4, 0x1, [], 0xfffffffffffffff7})
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000180)=ANY=[@ANYRES32=r2, @ANYBLOB="4f00000061430b20e5b4ff3320c6ea5d7519397b661c90358bc01309b3b42d"], &(0x7f0000000140)=0x17)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
ioctl$BLKROGET(r1, 0x125e, &(0x7f00000003c0))

00:34:28 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$IMGETVERSION(r1, 0x80044942, &(0x7f00000001c0))
r3 = syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r3, 0x6, 0xe, &(0x7f0000000480)={@in6={{0xa, 0x4e20, 0x1, @remote, 0x8}}, 0x0, 0xfffffffffffffffc, 0x0, "ca530ce337ac44ed98a2f4cb3bfa2d4fc37a4c387ecf773771f571882c9eaa4a90ac98376d267d2291ee6f9136aad645cae39496b57d9b21d186ff790c624df417da16b046774611a0118401109835f1"}, 0xd8)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
setsockopt$IP_VS_SO_SET_EDIT(r3, 0x0, 0x483, &(0x7f0000000380)={0x3a, @loopback, 0x4e23, 0x3, 'wrr\x00', 0x0, 0x0, 0x16}, 0x2c)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:28 executing program 2:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r1, 0xae80, 0x0)

[  343.799786][T20381] input: syz1 as /devices/virtual/input/input269
[  343.996666][T20381] input: syz1 as /devices/virtual/input/input270
00:34:30 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(0x0, 0x1000000000013)

00:34:30 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:30 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:30 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x5, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000240)={0x7b, 0x0, [0x6, 0x401, 0x3c, 0x100000001]})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000080)={0x13, 0x65, 0xffff, 0x5, 0x6, '9P2000'}, 0x13)
openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dlm-monitor\x00', 0x28202, 0x0)

00:34:30 executing program 2:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r1, 0xae80, 0x0)

00:34:30 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x1, 0x0)
r2 = ioctl$LOOP_CTL_GET_FREE(0xffffffffffffffff, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r1, 0x4c81, r2)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)

[  346.589755][T20399] QAT: Invalid ioctl
00:34:30 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:30 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x5, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000240)={0x7b, 0x0, [0x6, 0x401, 0x3c, 0x100000001]})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000080)={0x13, 0x65, 0xffff, 0x5, 0x6, '9P2000'}, 0x13)
openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dlm-monitor\x00', 0x28202, 0x0)

[  346.622708][T20399] QAT: Invalid ioctl
00:34:30 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x140, 0x0)
ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r2 = add_key$keyring(&(0x7f0000000040)='keyring\x00', &(0x7f0000000080)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffd)
r3 = add_key$user(&(0x7f00000001c0)='user\x00', &(0x7f0000000200)={'syz', 0x2}, &(0x7f0000000240)="6ebbe66872b815", 0x7, 0xfffffffffffffffb)
keyctl$instantiate_iov(0x14, r2, &(0x7f0000000180)=[{&(0x7f0000000100)="1e3c505f3eed072aa6b2f646f955c9f16edb9776d23970861d13734e85eaec9165c093573c1c31ae174d2f842750db6523878596c4c85b58a9e9173ea55917508c7a8c0c2e3b1f9ac143fd20527d6d163d187d01b3978b5d989310b87995397e4edbaad122092a52402c8ae0", 0x6c}], 0x1, r3)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:30 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r0, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r0, 0xae80, 0x0)

00:34:30 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:31 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r0, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r0, 0xae80, 0x0)

[  346.751679][T20416] input: syz1 as /devices/virtual/input/input273
[  346.832133][T20424] input: syz1 as /devices/virtual/input/input274
00:34:31 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(0x0, 0x1000000000013)

00:34:31 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x5, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r2, 0x4068aea3, &(0x7f0000000240)={0x7b, 0x0, [0x6, 0x401, 0x3c, 0x100000001]})
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
write$P9_RVERSION(r2, &(0x7f0000000080)={0x13, 0x65, 0xffff, 0x5, 0x6, '9P2000'}, 0x13)
openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dlm-monitor\x00', 0x28202, 0x0)

00:34:31 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r0, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r0, 0xae80, 0x0)

00:34:31 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:31 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:31 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:31 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:31 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r1, 0xae80, 0x0)

00:34:31 executing program 1 (fault-call:2 fault-nth:0):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  347.499274][T20437] input: syz1 as /devices/virtual/input/input275
00:34:31 executing program 2:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r1, 0xae80, 0x0)

00:34:31 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  347.603883][T20456] input: syz1 as /devices/virtual/input/input276
00:34:31 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r1, 0xae80, 0x0)

00:34:32 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(0x0, 0x1000000000013)

00:34:32 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:32 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x82)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
ioctl$FS_IOC_GETFSMAP(r0, 0xc0c0583b, &(0x7f0000000100)={0x0, 0x0, 0x8, 0x0, [], [{0xa6, 0x32, 0x0, 0x7, 0xff, 0x71b3}, {0x9, 0x6, 0x100, 0x100, 0x5, 0xffffffff}], [[], [], [], [], [], [], [], []]})

00:34:32 executing program 2:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r1, 0xae80, 0x0)

00:34:32 executing program 5:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r1, 0xae80, 0x0)

00:34:32 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:32 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:32 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  348.300232][T20477] input: syz1 as /devices/virtual/input/input277
00:34:32 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0xffffffff00000000, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:32 executing program 2:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r1, 0xae80, 0x0)

00:34:32 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:32 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
r1 = dup(r0)
getresuid(&(0x7f0000000000)=<r2=>0x0, &(0x7f0000000040), &(0x7f0000000080))
ioctl$SIOCAX25GETUID(r1, 0x89e0, &(0x7f0000000100)={0x3, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, r2})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
socket$rxrpc(0x21, 0x2, 0xa)

[  348.441351][T20507] input: syz1 as /devices/virtual/input/input280
[  348.557080][T20513] input: syz1 as /devices/virtual/input/input281
00:34:33 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x0)

00:34:33 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$VIDIOC_SUBDEV_G_FMT(r1, 0xc0585604, &(0x7f0000000140)={0x1, 0x0, {0x2, 0x1000, 0x1002, 0x7, 0xf, 0x3, 0x0, 0x5}})
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:33 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:33 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:33 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:33 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1903, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0xc)
r1 = syz_open_dev$mouse(&(0x7f0000000040)='/dev/input/mouse#\x00', 0xb7, 0x400000)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f0000000080)=0x1f, 0x4)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cgroup.events\x00', 0x0, 0x0)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000380)={0x0, 0xfffffffffffffffb, 0x63, 0x71, @buffer={0x0, 0xee, &(0x7f00000001c0)=""/238}, &(0x7f00000002c0)="c628656718d95379247cd0f0c6c3e410d462b37f6978318521c0ffc2757999f39f45aea25269515c1a4b2b9b5791f6c402356f76125d82a933b2fb8709c1323df966552d4d57a63c6ec4cb59ae058a1423daeb002a6e18a18ff0fd7c7f02d15d732f21", &(0x7f0000000880)=""/4096, 0xffffffffffffffe1, 0x4, 0x0, &(0x7f0000000340)})
ioctl$VIDIOC_G_DV_TIMINGS(r2, 0xc0845658, &(0x7f0000000100)={0x0, @reserved})

00:34:33 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r1, 0xae80, 0x0)

00:34:33 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0)

[  349.195702][T20525] input: syz1 as /devices/virtual/input/input282
00:34:33 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
syz_init_net_socket$x25(0x9, 0x5, 0x0)
utimensat(r1, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000300)={{0x0, 0x7530}}, 0x100)
prctl$PR_GET_FPEXC(0xb, &(0x7f0000000040))
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f00000000c0)={0xf, 0x9}, 0xf)
getsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r1, 0x84, 0x18, &(0x7f0000000200)={<r3=>0x0, 0x6}, &(0x7f0000000240)=0x8)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000280)={r3, 0x3, 0x9}, 0x8)
ioctl$VIDIOC_SUBDEV_DV_TIMINGS_CAP(r1, 0xc0905664, &(0x7f0000000140)={0x0, 0x0, [], @raw_data=[0xcce, 0x8001, 0x3f, 0x2, 0xffffffff, 0x1000, 0xc6d, 0x3, 0x40d, 0x2, 0x8001, 0xd, 0xfa6, 0xfdd0, 0x5, 0xfa, 0xfffffffffffff801, 0x4800000000, 0x6, 0x8, 0x200, 0x9, 0x94, 0x100, 0x8, 0x0, 0x0, 0x3, 0x4, 0x389b, 0x3ff, 0x3]})

00:34:33 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  349.271155][T20531] input: syz1 as /devices/virtual/input/input283
00:34:33 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r1, 0xae80, 0x0)

00:34:33 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
openat$hwrng(0xffffffffffffff9c, &(0x7f0000000140)='/dev/hwrng\x00', 0x492d42, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
ioctl$sock_inet_udp_SIOCINQ(r2, 0x541b, &(0x7f00000000c0))
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:34 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x0)

00:34:34 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0)

00:34:34 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2000000001)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x14)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
r1 = dup(r0)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r1, 0xc0305602, &(0x7f0000000000)={0x0, 0x400, 0x2007, 0x1})
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:34 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:34 executing program 5:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r0, 0xae60)
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r1, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r1, 0xae80, 0x0)

00:34:34 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
fsetxattr$trusted_overlay_redirect(r0, &(0x7f00000000c0)='trusted.overlay.redirect\x00', &(0x7f0000000140)='./file0\x00', 0x8, 0x1)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x2, r0)
r2 = gettid()
r3 = syz_open_procfs(r2, &(0x7f0000000180)='net/dev_mcast\x00')
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)
ioctl$SNDRV_SEQ_IOCTL_RUNNING_MODE(r3, 0xc0105303, &(0x7f00000001c0)={0x80, 0x7, 0x4})

00:34:34 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0)

00:34:34 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000140)='/dev/uhid\x00', 0x2, 0x0)
r2 = fcntl$dupfd(r1, 0x406, r0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)
setsockopt$inet_udp_int(r3, 0x11, 0xb, &(0x7f00000000c0)=0xfffffffffffffffa, 0x4)
write$eventfd(r2, &(0x7f0000000180)=0x7, 0x8)

00:34:34 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  350.089260][T20569] input: syz1 as /devices/virtual/input/input284
00:34:34 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:34 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300))
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0x21, 0x0, 0x0)

00:34:34 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)
setsockopt$SO_TIMESTAMPING(r2, 0x1, 0x65, &(0x7f00000000c0)=0x5, 0x4)

[  350.219304][T20588] input: syz1 as /devices/virtual/input/input285
00:34:35 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x0)

00:34:35 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:35 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x12)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:35 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:35 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)
ioctl$VHOST_SET_VRING_BASE(r1, 0x4008af12, &(0x7f00000000c0)={0x1, 0x80000000})

00:34:35 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300))
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0x21, 0x0, 0x0)

00:34:35 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = syz_open_dev$vbi(&(0x7f0000000340)='/dev/vbi#\x00', 0x3, 0x2)
ioctl$VIDIOC_SUBDEV_S_FMT(r1, 0xc0585605, &(0x7f0000000380)={0x1, 0x0, {0x5, 0x2, 0x3006, 0x1, 0x6, 0x3, 0x2, 0x1}})
r2 = fcntl$dupfd(r0, 0x0, r0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000300)='TIPCv2\x00')
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)
r4 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140)='TIPCv2\x00')
sendmsg$TIPC_NL_NET_GET(r2, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0x100, r4, 0x2, 0x70bd25, 0x25dfdbfd, {}, [@TIPC_NLA_MEDIA={0x14, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_BEARER={0x7c, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x44, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0xffff, @mcast1, 0x6}}, {0x20, 0x2, @in6={0xa, 0x4e24, 0x2, @mcast1, 0x100}}}}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x1fe00000000}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'ib', 0x3a, 'ip_vti0\x00'}}, @TIPC_NLA_BEARER_PROP={0xc, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x200}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xfd19}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x78}]}, @TIPC_NLA_LINK={0x5c, 0x4, [@TIPC_NLA_LINK_PROP={0xc, 0x7, [@TIPC_NLA_PROP_WIN={0x8}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}]}]}, 0x100}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

00:34:35 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300))
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0x21, 0x0, 0x0)

[  350.975290][T20611] input: syz1 as /devices/virtual/input/input286
00:34:35 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:35 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:35 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
socketpair(0xf, 0x6, 0x2, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000040)={<r2=>0x0, 0x69, "46acd091aa2807e26abfe296e94976182c1c7118eb2ec648ab9097040b651b11782a7a5619bf92e140d4687f72a5c80926ff9c3acb5a9b7e2e820cfd868d0776d3e912bd23b200942ad3b2114d3349fcfb59651e539445aa9061a868d54ad860fb7b6a9399c223fd65"}, &(0x7f0000000100)=0x71)
setsockopt$inet_sctp6_SCTP_RTOINFO(r1, 0x84, 0x0, &(0x7f0000000140)={r2, 0x2, 0x4, 0x7}, 0x10)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:35 executing program 0:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0x21, 0x0, 0x0)

[  351.254202][T20641] input: syz1 as /devices/virtual/input/input288
[  351.369744][T20647] input: syz1 as /devices/virtual/input/input289
00:34:36 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
r1 = dup3(r0, r0, 0x80000)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000001a80)={0x9, 0x0, [{0x5002, 0x1f, &(0x7f0000000080)=""/31}, {0x7001, 0x9c, &(0x7f0000000100)=""/156}, {0x7000, 0x1000, &(0x7f0000000880)=""/4096}, {0x2001, 0x71, &(0x7f00000001c0)=""/113}, {0x1000, 0xe, &(0x7f0000000240)=""/14}, {0x2, 0xd6, &(0x7f0000000280)=""/214}, {0x1, 0xfe, &(0x7f0000001880)=""/254}, {0x2000, 0x4a, &(0x7f0000000380)=""/74}, {0x7005, 0xdf, &(0x7f0000001980)=""/223}]})
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
setsockopt$inet_sctp_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000001bc0)=0x2, 0x4)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r2, 0x10f, 0x82, &(0x7f0000000040)=0x3, 0x4)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:36 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x0)

00:34:36 executing program 1:
r0 = syz_open_dev$sndpcmc(&(0x7f00000000c0)='/dev/snd/pcmC#D#c\x00', 0x1f, 0xc0000)
ioctl$sock_inet_SIOCSIFNETMASK(r0, 0x891c, &(0x7f0000000140)={'nr0\x00', {0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}})
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r1, &(0x7f0000000200), 0x124, 0x10100, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
getpeername$netrom(r0, &(0x7f0000000180)={{}, [@netrom, @rose, @default, @default, @netrom, @rose, @null, @default]}, &(0x7f0000000040)=0x48)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)

00:34:36 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:36 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:36 executing program 0:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0x21, 0x0, 0x0)

00:34:36 executing program 0:
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0x21, 0x0, 0x0)

00:34:36 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r2, 0x2405, r1)
signalfd(r2, &(0x7f00000000c0)={0x1}, 0x8)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xffffffffffffffe9)

[  351.894634][T20658] input: syz1 as /devices/virtual/input/input290
00:34:36 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:36 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:36 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x21, &(0x7f0000000140)=0x240d, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(0xffffffffffffffff, &(0x7f0000000040)={0xf, 0x9}, 0xf)
set_thread_area(&(0x7f0000000080)={0x8000000, 0x20001000, 0x1000, 0x1f, 0x0, 0x80, 0x0, 0xf24a, 0x40, 0x1})

[  352.019823][T20668] input: syz1 as /devices/virtual/input/input291
00:34:36 executing program 0:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:36 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000000000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdb78, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x7)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dlm-control\x00', 0x1, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS(r1, 0xc0385720, &(0x7f0000000240)={0x1, {0x77359400}, 0x7, 0x9})
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x4c0440, 0x0)
r3 = getpgid(0xffffffffffffffff)
ioctl$SNDRV_CTL_IOCTL_ELEM_INFO(r2, 0xc1105511, &(0x7f00000000c0)={{0x0, 0x0, 0x6, 0x2, 'syz1\x00', 0x1000}, 0x3, 0x40, 0x3f, r3, 0x5, 0x6, 'syz0\x00', &(0x7f0000000080)=['mime_type\x00', 'syz1\x00', '\x00', '\x00', '/dev/uinput\x00'], 0x1d, [], [0x8460000000000000, 0x2, 0x81, 0x8]})
ioctl$TIOCCONS(r2, 0x541d)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

[  352.235832][T20694] input: syz1 as /devices/virtual/input/input292
[  352.319986][T20694] input: syz1 as /devices/virtual/input/input293
00:34:36 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x0)

00:34:36 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:36 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:36 executing program 0:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:36 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x400000000000152, 0xffffffffffffffff, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000140)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)
ioctl$KVM_GET_VCPU_MMAP_SIZE(r1, 0xae04)

00:34:36 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_sctp6_SCTP_PR_SUPPORTED(0xffffffffffffffff, 0x84, 0x71, &(0x7f0000000040)={<r2=>0x0, 0x1}, &(0x7f0000000080)=0x8)
prctl$PR_SET_MM_EXE_FILE(0x23, 0xd, r1)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000100)={r2, 0xfa}, &(0x7f0000000140)=0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:37 executing program 0:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:37 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$VIDIOC_SUBDEV_S_FMT(0xffffffffffffffff, 0xc0585605, &(0x7f0000000140)={0x0, 0x0, {0x100000000, 0x9, 0x3037, 0x6, 0xd, 0x0, 0x1, 0x4}})
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000003c0)='^\x00', 0x0, r2)
ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r1, 0x800442d4, &(0x7f0000000240)=0x4)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000004c0)={0x0, 0x5}, &(0x7f0000000500)=0x8)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r2, 0x84, 0x1b, &(0x7f0000000540)={<r3=>0x0, 0xcd, "299cc04daec9595d127228533c87d2bbbd67431953251f345b7df32f7f1764e872c927fe4f4f4830992423d375c29eb3debbcdc06e7379a2d5893752e03e4fddf2746a7751ba845f657af2806c9a265a676cdf182952ff2630b2f783b80b294e874d4f84f9f25a14abe1cd5bec00f778b0202709ca9e1c832f35a3b94372073f6e21632110745ec137d5fd1dae3870646f46ec3c93c8db3642671d8725a06b117c71f7d4beb3a71a72650bde0bcb7f6e0cccd08e0c9b7c7b309a343bb6973552205014531279c878656ff6f3a1"}, &(0x7f0000000640)=0xd5)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000480)={<r4=>r3, 0x4}, &(0x7f0000000280)=0xa975cd9cde2d47b9)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000002c0)={r4, @in={{0x2, 0x4e21, @empty}}, 0xbd, 0xcb, 0x7682, 0x9, 0x1}, &(0x7f0000000380)=0x98)
ioctl$PIO_FONTX(r1, 0x4b6c, &(0x7f00000001c0)="8aad59b0931bdef137d6471f9b4fdadd2415089385acfe4c93391f8427f32fb583331a49f49d072bfa6a35ece1ee15458cdb0c817ad6b6258cf1d9d95009f62d522f65778c")
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
clock_settime(0x5, &(0x7f00000000c0))

[  352.758132][T20714] input: syz1 as /devices/virtual/input/input294
00:34:37 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:37 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:37 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0x21, 0x0, 0x0)

[  352.883958][T20723] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:37 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000004100)=[{{&(0x7f0000000140)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, &(0x7f0000001280)=[{&(0x7f00000001c0)=""/4096, 0x1000}, {&(0x7f00000011c0)=""/131, 0x83}, {&(0x7f00000000c0)=""/41, 0x29}], 0x3, &(0x7f00000012c0)=""/78, 0x4a}, 0x20}, {{&(0x7f0000001340)=@in={0x2, 0x0, @loopback}, 0x80, &(0x7f0000001800)=[{&(0x7f00000013c0)=""/75, 0x4b}, {&(0x7f0000001440)=""/255, 0xff}, {&(0x7f0000001540)=""/90, 0x5a}, {&(0x7f00000015c0)=""/41, 0x29}, {&(0x7f0000001600)=""/252, 0xfc}, {&(0x7f0000001700)=""/161, 0xa1}, {&(0x7f00000017c0)=""/20, 0x14}], 0x7, &(0x7f0000001880)=""/93, 0x5d}, 0x400}, {{0x0, 0x0, &(0x7f0000005200)=[{&(0x7f0000001900)=""/139, 0x8b}, {&(0x7f00000019c0)=""/140, 0x8c}, {&(0x7f0000001a80)=""/49, 0x31}, {&(0x7f0000004200)=""/4096, 0x1000}], 0x4, &(0x7f0000002b00)=""/75, 0x4b}, 0x8}, {{&(0x7f0000005240)=@xdp, 0x80, &(0x7f0000003080)=[{&(0x7f0000002c00)=""/248, 0xf8}, {&(0x7f0000002d00)=""/91, 0x5b}, {&(0x7f0000002d80)=""/223, 0xdf}, {&(0x7f0000002e80)=""/160, 0xa0}, {&(0x7f0000002f40)=""/20, 0x14}, {&(0x7f0000002f80)=""/80, 0x50}, {&(0x7f0000003000)=""/14, 0xe}, {&(0x7f0000003040)=""/42, 0x2a}], 0x8, &(0x7f0000003100)=""/4096, 0x1000}, 0x101}], 0x4, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  352.933426][T20714] input: syz1 as /devices/virtual/input/input295
00:34:37 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x0)

00:34:37 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:37 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0x21, 0x0, 0x0)

00:34:37 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
r1 = accept$netrom(0xffffffffffffffff, &(0x7f0000000000)={{}, [@bcast, @rose, @bcast, @default, @netrom, @remote, @remote, @null]}, &(0x7f0000000080)=0x48)
ioctl$sock_inet_SIOCSIFFLAGS(r1, 0x8914, &(0x7f0000000100)={'veth1_to_team\x00', 0x2c00})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
r2 = syz_open_dev$adsp(&(0x7f00000001c0)='/dev/adsp#\x00', 0xfffffffffffffbff, 0x80200)
write$P9_RAUTH(r2, &(0x7f0000000200)={0x14, 0x67, 0x2, {0x2, 0x2, 0x3}}, 0x14)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
r3 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000140)='/dev/dlm-monitor\x00', 0xba000, 0x0)
fsconfig$FSCONFIG_SET_FD(r3, 0x5, &(0x7f0000000180)='mime_type$lo&\x00', 0x0, r0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:37 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x7fff, 0x408043)
ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4068aea3, &(0x7f0000000a80)={0x7b, 0x0, [0x1, 0x3ff, 0x6, 0x1]})
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r2 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000b00)=ANY=[@ANYBLOB="6d616e676c6500000000000000000000000000000000000000000000000000001f00000006000000380800005801000000000000200600000000000058010000680700006807000068070000680700006807000006000000", @ANYPTR=&(0x7f0000000140)=ANY=[@ANYBLOB='\x00'/96], @ANYBLOB="fe800000000000000000000000000024fe880000000000000000000000000101ffffffffffffffffffffff00ffffff00000000ffffffffff000000ffff00000076657468315f746f5f6873720000000073797a5f74756e000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff00000000000000000000000000000000ff00050204000000000000000000000000000000180158010000000000000000000000000000000000000000000000002800686c0000000000000000000000000000000000000000000000000000000003ff0000000000002800686c0000000000000000000000000000000000000000000000000000000003fd000000000000400052415445455354000000000000000000000000000000000000000000000073797a3000000000000000000000000001010000000000000104000000000000ff020000000000000000000000000001ff010000000000000000000000000001ffffff00ff000000ffffff00ffffff00ffffffff00000000ffffffffffffffff697064647030000000000000000000007465616d5f736c6176655f3000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ff000000000000000000000000000000003a00060202000000000000000000000000000000c800f0000000000000000000000000000000000000000000000000002800484c000000000000000000000000000000000000000000000000000000000208000000000000ff02000000000000000000000000000100000000000000000000ffffac1414bbffffffff000000ffff000000ffffffffff00000000000000ffffffff0000000069726c616e30000000000000000000006970365f767469300000000000000000000000000000000000ff0000000000000000000000000000000000000000000000000000000000ff000000000000000000000000000000002e009401070000000000000000000000000000003002780200000000000000000000000000000000000000000000000038017274000000000000000000000000000000000000000000000000000000000900000001040000010000000000000028070000ff020000000000000000000000000001fe8000000000000000000000000000bb0000000000000000000000000000ea015d91852f11e6f6adb727f0dfab824473ff0200000000000000000000000000010000000000000000000000000000000100000000000000000000000000000001fe880000000000000000000000000001fe80000000000000000000000000000bfe880000000000000000000000000001fe8000000000000000000000000000bbfe8000000000000000000000000000aaff020000000000000000000000000001ff020000000000000000000000000001fe8000000000000000000000000000aa00000000000000000000000000000001040000003000737268000000000000000000000000000000000000000000000000000000870307fa8000000020050000000000004800444e5054000000000000000000000000000000000000000000000000000000007fff000000000000000000000000ac1e0101000000000000000000000000080d030000000000fe8000000000000000000000000000bbff01000000000000000000000000000100000000ff0000ffff0000000000000000000000ff0000ffffffffffffffffff726f73653000000000000000000000007465616d5f736c6176655f300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000015000000000000000000000000000000180160010000000000000000000000000000000000000000000000002800727066696c74657200000000000000000000000000000000000000000000010000000000000028006d68000000000000000000000000000000000000000000000000000000008c040100000000004800534e505400000000000000000000000000000000000000000000000000000000000000000000000000000000000100000000000000000000ffffac14141f043d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200148010000000000000000000000000000000000000000000000002800727066696c74657200000000000000000000000000000000000000000000080000000000000030006c3274700000000000000000000000000000000000000000000000000000020000000400000003000400000000002800484c0000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a800d0000000000000000000000000000000000000000000000000002800000000000000000000000000000000000000000000000000000000000000feffffff00000000673fedcffbf0bed3b074424997b4040f79d8f54187d7dcb5e4c6506d"], 0x898)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:37 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:37 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0x21, 0x0, 0x0)

[  353.635919][T20755] input: syz1 as /devices/virtual/input/input296
00:34:38 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000380)=[{{&(0x7f00000003c0)=@nl, 0x80, &(0x7f0000000440), 0x3c9, &(0x7f0000000340)=""/60, 0x3c}, 0x27}], 0x0, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  353.689044][T20757] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:38 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  353.730439][T20755] input: syz1 as /devices/virtual/input/input297
00:34:38 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(0x0, 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:38 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0x21, 0x0, 0x0)

00:34:38 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x0, 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f0000000200)={<r3=>0x0, 0xd5, "9161c6dec372daf3f07e637e012f64cad6c825e4ab8242a3643f95deea3a16df186fe03c30ddda1829f90fb2948f8f3387ce8ff14f85938b716a4756524102454a631193a403a8bf47f27eae2cb9fd24e66f90319ce3e2f337eab51596b38496a98196bc93c872e713bdf15b26ddce2c3de82a75cb8db441a5ebc6afa634c522fe33ff646e8f46f6fb3f9e88cf28932feba4ab09c807f4117272200e78a112c76968d53f9256b0af7879a69d7576bd07dde18f9fc727db34187a8b279c9a41697b9b4df9c2f16451e3d0eadd284868cc54fb282d9a"}, &(0x7f0000000300)=0xdd)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000340)={<r4=>r3, 0x6}, &(0x7f0000000380)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f00000000c0)={<r5=>r4, 0x3}, &(0x7f00000003c0)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r1, 0x84, 0x66, &(0x7f0000000180)={r5, 0xfffffffffffffffc}, &(0x7f00000001c0)=0x8)

[  353.929926][T20778] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:38 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)

00:34:38 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:38 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:38 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0x21, 0x0, 0x0)

00:34:38 executing program 1:
openat$dsp(0xffffffffffffff9c, &(0x7f0000000200)='/dev/dsp\x00', 0xa0200, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x6, &(0x7f0000000380)="11ad0cee000000000000005e923374374f20590d2fa22b2a4832647186230600078ab851e2f00000000000000400000000000000cae54b0365aa62")
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000180)={0x18, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b6300004ef5ce1dd35f08f5850a00"/24], 0x2b, 0x0, &(0x7f0000000140)="1e6d8a25677cf0895909b968d4cdce2ddbc73aeead1cb849c57f34140c076be7fd40f4c38db8d51d5c2f02"})
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)
openat$random(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/urandom\x00', 0x90081, 0x0)

00:34:38 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:38 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  354.504685][T20799] input: syz1 as /devices/virtual/input/input298
00:34:38 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000740)='/proc/capi/capi20ncci\x00', 0x484800, 0x0)
bind$bt_rfcomm(r1, &(0x7f0000000780)={0x1f, {0x5, 0x3, 0x6, 0x5, 0x1, 0x2}, 0x7ff}, 0xa)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
syz_emit_ethernet(0x3a, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff08004a00004800000000006c9078ac14140000000000000000000000000000005ee5733afb2ad7f551ae52a37f58b5507ed424866d9f30650ed7f8a715dbc3db0ee52f1a56a0455c3b67a691a7f491ba3e64c076670b658e42df217c9bbe132054eb606a55fd58259b8a086c2c4e1155775acadde0095ddd08da31508c909fea73aa27422a1a9ca967cdf477442942c1bf4e6b6a5c6e598afb9536808490672610878b2e2789e43191f2f5a77b74fec842b5cb1d322d09f86a079deede4f2ba05212def4b5340f71c382328e9d701d25bf14beeb89763d60585d707f3b47f70bb527d4d784308caa45d4e2e6c2054e29bd4b8320510932bb4bc4ab7b5cb8bd85cfebaeca6bbf256fc6fe139d7f7e7f0fbadd6f5e85eed5323285074ad7ffe69b4d970c590f89d8db5dad24b74f71f041ecd8b89d783bceac380fd825cea909fdd1c6655481fbc8743415e153b611b6d1a5f4046136330b894ba7dabdde8280ad8cdccdc1d63f266ef617b63d22d9926823"], &(0x7f0000000000)={0x0, 0x2, [0x0, 0x1000000]})
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r2 = fcntl$dupfd(r0, 0x0, r0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
fcntl$getownex(r0, 0x10, &(0x7f00000003c0)={0x0, <r4=>0x0})
sched_rr_get_interval(r4, &(0x7f0000000400))
getsockopt$inet_sctp6_SCTP_RESET_STREAMS(r2, 0x84, 0x77, &(0x7f0000000340)=ANY=[@ANYRES32=<r5=>0x0, @ANYBLOB="1d0004bc00622c73a5a99e027ccadf6ca7e0a2e1f34505cb6b4178a65d9de2fc209b9fef915c7a9ebd7dfee66b5800ff5928ad40f8791960f032c3d2b077f336a8eb75d9adc1f1d7d022a43232aa4cc84249cb65790e923f00e40c158fbd9c6ffa9eb13730e00f5a"], &(0x7f0000000140)=0x10)
syz_open_dev$binder(&(0x7f00000000c0)='/dev/binder#\x00', 0x0, 0x2)
getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r2, 0x84, 0x9, &(0x7f0000000180)={r5, @in6={{0xa, 0x4e23, 0x100000000, @empty, 0xf6}}, 0x5, 0xffffffff80000005, 0x11fa, 0x101, 0x48}, &(0x7f00000002c0)=0x98)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
getsockopt$bt_rfcomm_RFCOMM_LM(r2, 0x12, 0x3, &(0x7f0000000240), &(0x7f0000000300)=0x4)
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)
ioctl$KVM_REGISTER_COALESCED_MMIO(r2, 0x4010ae67, &(0x7f0000000280)={0xf000, 0x10000})

00:34:38 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0x21, 0x0, 0x0)

00:34:38 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:38 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x3, 0x80)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x2400, 0x371b)
ioctl$UI_SET_MSCBIT(r0, 0x40045568, 0x39)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:38 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  354.782030][T20823] input: syz1 as /devices/virtual/input/input301
[  354.899861][T20829] input: syz1 as /devices/virtual/input/input302
00:34:39 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))

00:34:39 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
ioctl$PIO_UNIMAPCLR(r1, 0x4b68, &(0x7f00000000c0)={0x18000000, 0xc5, 0x9})
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:39 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:39 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:39 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:39 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [], [], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:39 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  355.395119][T20845] input: syz1 as /devices/virtual/input/input303
00:34:39 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x21, &(0x7f0000000080)=0x61e67a7b004, 0xfe1a)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = syz_open_dev$dmmidi(&(0x7f00000000c0)='/dev/dmmidi#\x00', 0x2, 0x40000)
setsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000140)=0x6, 0x4)
r2 = fcntl$dupfd(r0, 0x0, r0)
ioctl$FIBMAP(r1, 0x1, &(0x7f0000000200)=0x5)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000180)="11dca50d5e0bcfe47bf070")
bpf$OBJ_PIN_MAP(0x6, &(0x7f0000000280)={&(0x7f0000000240)='./file0\x00', r1}, 0x10)
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)
ioctl$PPPOEIOCDFWD(r1, 0xb101, 0x0)
bpf$OBJ_PIN_MAP(0x6, &(0x7f00000001c0)={&(0x7f0000000100)='./file0\x00', r2}, 0x10)

00:34:39 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:39 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:39 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
lsetxattr$trusted_overlay_redirect(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.redirect\x00', &(0x7f0000000080)='./file0\x00', 0x8, 0x1)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
recvmmsg(r0, &(0x7f0000002780)=[{{&(0x7f0000000100)=@nl=@proc, 0x80, &(0x7f0000000b00)=[{&(0x7f0000000180)=""/148, 0x94}, {&(0x7f0000000240)=""/91, 0x5b}, {&(0x7f00000002c0)=""/94, 0x5e}, {&(0x7f0000000340)=""/66, 0x42}, {&(0x7f0000000880)=""/85, 0x55}, {&(0x7f0000000900)=""/101, 0x65}, {&(0x7f0000000980)=""/240, 0xf0}, {&(0x7f0000000a80)=""/102, 0x66}], 0x8, &(0x7f0000000b80)=""/4096, 0x1000}, 0x7}, {{&(0x7f0000001b80)=@nfc_llcp, 0x80, &(0x7f00000003c0)=[{&(0x7f0000001c00)=""/198, 0xc6}, {&(0x7f0000001d00)=""/246, 0xf6}, {&(0x7f0000001e00)=""/71, 0x47}], 0x3, &(0x7f0000001e80)=""/52, 0x34}, 0x7ff}, {{&(0x7f0000001ec0)=@in6={0xa, 0x0, 0x0, @local}, 0x80, &(0x7f0000002600)=[{&(0x7f0000001f40)=""/247, 0xf7}, {&(0x7f0000002040)=""/186, 0xba}, {&(0x7f0000002100)=""/19, 0x13}, {&(0x7f0000002140)=""/135, 0x87}, {&(0x7f0000002200)=""/213, 0xd5}, {&(0x7f0000002300)=""/201, 0xc9}, {&(0x7f0000002400)=""/192, 0xc0}, {&(0x7f00000024c0)=""/34, 0x22}, {&(0x7f0000002500)=""/206, 0xce}], 0x9, &(0x7f00000026c0)=""/139, 0x8b}, 0x40000000000}], 0x3, 0x120, &(0x7f0000002840)={0x77359400})

00:34:39 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x0, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  355.618929][T20864] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  355.656463][T20871] input: syz1 as /devices/virtual/input/input306
[  355.779213][T20874] input: syz1 as /devices/virtual/input/input307
00:34:40 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))

00:34:40 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x200, 0x0)
r2 = dup3(r0, r0, 0x80000)
ioctl$PERF_EVENT_IOC_SET_OUTPUT(r1, 0x2405, r2)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000800)=[{{&(0x7f0000000140)=@vsock={0x28, 0x0, 0x0, @my}, 0x80, &(0x7f0000000400)=[{&(0x7f00000001c0)=""/179, 0xb3}, {&(0x7f0000000280)=""/21, 0x15}, {&(0x7f00000002c0)=""/139, 0x8b}, {&(0x7f0000000380)=""/109, 0x6d}], 0x4, &(0x7f0000000440)=""/8, 0x8}, 0x8}, {{&(0x7f0000000480)=@rc, 0x80, &(0x7f0000000700)=[{&(0x7f0000000500)=""/22, 0x16}, {&(0x7f0000000540)=""/112, 0x70}, {&(0x7f00000005c0)=""/54, 0x36}, {&(0x7f0000000880)=""/249, 0xf9}], 0x4, &(0x7f0000000740)=""/179, 0xb3}, 0x6}], 0x2, 0x0, 0x0)
r3 = fcntl$dupfd(r0, 0x0, r0)
userfaultfd(0x80800)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r3, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r3, &(0x7f0000000040)={0xf, 0x9}, 0xf)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000640)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f00000006c0)={&(0x7f0000000600), 0xc, &(0x7f0000000680)={&(0x7f0000000980)={0x1c8, r5, 0x14, 0x70bd2d, 0x25dfdbfe, {}, [@TIPC_NLA_BEARER={0x64, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x20}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e20, 0x2, @remote, 0x7f}}, {0x14, 0x2, @in={0x2, 0x4e24, @local}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'ifb0\x00'}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz2\x00'}]}, @TIPC_NLA_BEARER={0xf4, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz2\x00'}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e21, @empty}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x1, @ipv4={[], [], @loopback}, 0x6}}}}, @TIPC_NLA_BEARER_PROP={0x44, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x4}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x2}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x100}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x6}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6ef9}]}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0xc53}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e22, 0x5116, @mcast1, 0x1}}, {0x14, 0x2, @in={0x2, 0x4e22, @local}}}}, @TIPC_NLA_BEARER_PROP={0x14, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}]}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @udp='udp:syz2\x00'}]}, @TIPC_NLA_BEARER={0x20, 0x1, [@TIPC_NLA_BEARER_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0xf000000000}]}]}, @TIPC_NLA_SOCK={0x3c, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x7fff}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x3}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8001}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1000}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0xfffffffffffffff8}]}]}, 0x1c8}, 0x1, 0x0, 0x0, 0x40080}, 0x20000000)
write$P9_RXATTRCREATE(r3, &(0x7f0000000b80)={0x7, 0x21, 0x2}, 0x7)

00:34:40 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:40 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:40 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x0, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:40 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpuset.effective_mems\x00', 0x0, 0x0)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000080)={0x1})
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000340)=0xffffffffffffffff, 0x4)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
r2 = syz_open_dev$video(&(0x7f0000000000)='/dev/video#\x00', 0x800000000000, 0x20000)
ioctl$VIDIOC_G_JPEGCOMP(r2, 0x808c563d, &(0x7f0000000100))
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f00000001c0)={<r3=>0x0, 0x140000000}, &(0x7f0000000200)=0x8)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(r1, 0x84, 0x6, &(0x7f0000000240)={r3, @in={{0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0xa}}}}, &(0x7f0000000300)=0x84)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:40 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  356.246366][T20883] input: syz1 as /devices/virtual/input/input308
[  356.271156][T20892] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:40 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:40 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x0, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:40 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:40 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
arch_prctl$ARCH_MAP_VDSO_32(0x2002, 0x9)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)
ioctl$PPPOEIOCDFWD(r1, 0xb101, 0x0)

[  356.400118][T20900] input: syz1 as /devices/virtual/input/input309
00:34:40 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000480)='/dev/qat_adf_ctl\x00', 0x4000, 0x0)
accept$inet(r1, &(0x7f00000004c0)={0x2, 0x0, @local}, &(0x7f0000000500)=0x10)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r2 = fcntl$dupfd(r0, 0x0, r0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
ioctl$KVM_SET_GSI_ROUTING(r2, 0x4008ae6a, &(0x7f00000000c0)={0x1, 0x0, [{0x5, 0x3, 0x0, 0x0, @sint={0xfffffffffffffffc, 0xd90}}]})
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  356.469804][T20911] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:41 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
gettid()

00:34:41 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:41 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x801, 0x0)
ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000100)={0x22, 0x30, 0x17, 0x1c, 0x8, 0x8476, 0x2, 0x38, 0xffffffffffffffff})
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000000)=<r2=>0x0)
fcntl$lock(r0, 0x27, &(0x7f0000000040)={0x0, 0x3, 0x6, 0x2, r2})
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
getsockopt$inet_IP_XFRM_POLICY(r1, 0x0, 0x11, &(0x7f0000000180)={{{@in=@local, @in=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r3=>0x0}}, {{@in=@local}, 0x0, @in=@broadcast}}, &(0x7f0000000280)=0xe8)
sendmsg$nl_netfilter(r1, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x80800}, 0xc, &(0x7f00000002c0)={&(0x7f0000001cc0)=ANY=[@ANYBLOB="101300000c0f000227bd7000fcdbdf250a00000608007f00", @ANYRES32=r3, @ANYBLOB="a80140009a1309a65aede8107c0b355dde00d267f1ba4c305e6c978ed77e9f985fc392a74bb57d439705bab3fe6e1edec268c2c024d2013862146f26b7cab0fb29375278713278ab8159a5bdcd7f758f85201a61c4e16d33d56dbf3e58597e2211fde600379ffd9e9e3fdf755137c4eb4918c0be46c2f920d52969c4dbe46c612c24c9ab3c2e60d4921865c41fea6e5d90a1408d06193f23abc5cdf61bdca5f490269c4083d36a3b1306a4f3b937cf1e11432ae01234e2f84e01844ed6ef1afaeb860ce015a1dbacc3ba6534276245cad78790951275f908d19a70b6857bdc711b82face11e5a6107c41a465d36e98c981a5ba74d01985ef2b2018c018f183610437f0586b46a238ec1f7c9fc40729e1a20c1a325eb53fd09d0ac2a7a97112ca66b07d407c90ae2783876b0600e36e0fe05ec71196a590c8abf45205ecef3608f2a5e48357d0a57426627727eb2b18726610d5d82c3fc5e0fa3698df7f406750c9fb2abb41b0390909b0fa0238dc090705edf9ea30406d7c90f6656c7dfdb15d247d5b40d7a677703f296a6bd6a1abbf8b1d7a735a7030cd238060f7f7e82862cd957c139ead264f441196002e886fb925fbeb07eb5f62db0548374e5dffe7471c24dcfa8665bcb9f9a992ddb2ba2317e4b23be880636d8bddbf4ad65bb600ee90f01b1be969724039225620476df3b5553795c257cedaaba8178dfac3ef4e90cd8c647f8462825cdaeefc4293d17e7893020f79e9cfcda64fb84323b6051c07a176d30156976326eb5d4446bdfece2ef2cdc89b66c54aedd7560c8f2826dc76622bcc618fb8764ccaccf1c5893febbea3040d79197b321928d65d066cf5be7f13cf4284475a1aae47c8e188509262fc6fb053bb6a3d8135fb207aff15432fe5c07182f77f93a3ec159e2709d966950df32431bd9525f5b416ed9aa2f6ef7c18038a27af02afe90c6c65a8b2fadb099c800729ee9c5ae36d67e50b5cbfd751041f2022c84158238768ac2200913e26aa2f67f62709666fca20e737ce21987921a4fa92f7ff6d812183f60a6c960fac0f06b3c30d8d92344d11e66fbecf4f667abfa26a03bca4f718114899df698ab81370609a035d099ea86277ba34c4436a899f0ffb44c7af2152b4d93b81f878bd842fd188b8a76713a4cb5031b2df243f87f77473820f37dfcfdd0277245041185fd76662bcbafbfe1884b6ec6d654e4614a0451128ac783171e9c6e01fae1567d04a7a80bfc4c3eac8d6cb504c8e5075d00b500f1acc01e312fea614cc05013265eeb316677bd66448603c009e31c591ae805a340695c165ba94102432827530e369cd86516a446023167515a2b433b712a485f422d8cc9b50e9f8db70c93cd50262449e7e0919fe9bf7a7d58d6b67dfd26aba84709b63d7a098436898c51881a18471900f0a9d1ba871dd73c36535a9b20155518051bc1ba40736e25ac6bbaec856c5eaa1511aa4de602d6d76d9eff074cd69092ce110c4c1c04629f61d44a7d8157cce451b2265214144ca579de2e22fc569f3dfd9efd4065a5251620716b901dfc64e1f2b27c4d992cc5107f2dca597e43ae8bf97a8f741ac55356500675dc0fd6f12b77865bb5427efe2e7c1b04b6a461d7bd65628ead5261a120d4b5c7e689ed3eb76df16eeba680a363df2e2789591ba14a61ff1232e1551018add1d8335b28dd44e82c7db8e91f217912840f544b2ab51cdac84f3a8ebf7fd6534162f27c3f7405f605a01967063f8f1b3f8229574e43c1d11ac0514391fb1aff30175d3f69b781a969018ed8d32e65f874231852cab2092bef4aa870e19906e9f6ed229ba2a43eeda342983891293a23217bfcee9798d2cfa75a10c8a832efeb4009a20dcc391129351dae4a9f8144b8f96664bd2a774ceb39d44e9184bb160664af2e8e3897680710d3de5edc91020b16e9179a449c90bc32240d6222cacba92abf016f77f3d46c8355059b9668afaa96af1fccff9b4da6699b7702e6370db607e357a3bced6233d6acdb52657ccf1328be476dc1156fbadbee6cbbde02f867f0b4150fcf476cea11d0aa7e502bf67d82431237ac3b681c6b339c4547111c5a690103fbe336b1691964dc9733b448bb5a9e73a77d2110d60436cff3d8430fef2e65e10488b4cb7f475f5665039bee37485aff52e2ba10edcfb4badfeb26568d5b8269b53b2fc8bd71f17c0fc23bb45a1578176afae4d1cba7584137c65825cdf071a211287f79645f91099b45f109a6694d204db61332c756af173271190da631038eabd62b67e6cce46b5c78b0f169610fdf43d3409c83c8cb2441bd024d6db6037e83e8eeb1b256701a00490a286a98220bd8000ab1f568df6119fe25da73e504306799e3fd0fcccbbf8b4f8ba0ebe42aefae42fadaf131170270778bad408ec8cc43c2a318222729878980ee7226325a3268ae5b40e76995fb6fd1b67bfce36e42f938d7b2ee6820860b33659d275f1fa575d3a09c23e7c6c73e485498fe83412850e6248f1244ffed50a73c222e06b7bf0ca5c316ba917a40bb852c49c00f8ba6283027924d6b78adc9f15438ea8cafcd947a480a910cac703b7fa89f05cd07e446eef0ead76bb0cf47775563655019c8f064ea409434b0d49b9660e049bdb68c99f537ccabd8e577fa60d71181d95966495def57572165654ce57f9ae846939b71e8122e3fc660f3b57af7256ee9b2e2061ccbbe690c7748b24328e578643a2fc8011133f7031719f09b42eec3da49b15aeed6cf36d40b6d34465592158b02b91835bb01fbd50f75ef118986c439965300e0636f4a46348bba545c97acd533b9ba5c82b7d43c7f2181d8715102ac033b3294767e2c89ef236c42412ba51ab6c3626335e472c0b3193cbb1777c1bcdaaee96655df5b00a1bbbb53afa412e22bb77e5412bd389b3bf8a0d77b99dc0321c352639843fd70f7cde4eb0daea1eb90aba0cb2bb113f5e943b3ffb863f9a430af51680fd6ff1e3bb4a79a773491cb412e41a5206997f38b15e837749838a4bd197f4416259c6083b56310b7646d04331e917926acd948ad652788a9c9a0506e0e8666c9ddd59817a8ba1da0c525e09bc41a8596300dfa16129eb34ccf4ec58487d5eb43e88a962a598b19a8f92fd758f5978646cd9c1b4f67d5e547bef3155a469c68c23edab6f95132f16ef74cc7a82a4bff9215b5ca5044d4b47cb73fced11bc9c51e7820a39d992fb7a2f54606dc7ad51681764af8396a62e7e32d0fd00a55166d4e371599d33390b86857f68a792e719c7e780674982b4ca9d5c5d66d148455d994fa26de869bca6743788d3a462afc2a2686bc1df703015a88350dc191167f51675f98eacd178c0898b6f73acc819585e7121beefb8c6bd3bca54b498a5dc414cbdafb1244369b04813497b45ad549a6e65381050e5da6b759a1f11cd1c788e973b7a985b8d8d4d017af86a844a4ed8741914996576f200f7116253fa98c3904d62a64beceb1a8ffa3968d05521e7d1da7efc1701e14ba623b2ac2793da25376edadfef1708c4d4580300596b0cc3eae9702054bbabedc2a16dde10fb9be3717ae0b222d131287fda9f51b79eea92ceaf9058b47bd9e34629666cf9fc83759abe5b85a46656db0b88a08a80289129ac16f3a0c250fc2552a4f2c918ced8a0ed4fbc8be4b00427f9931729b1a26ced0e8817936a5f018744bb85614906578bf729843009b41634542762d5fc4950379b535da105bf409d293805a63c1e9b5f7eb654212bdaaa6e00b87df8766f0f8b1e6d20466270ae50e16ae5d47b977ad38e1ead3d488d2e348b465fb9d81b87292a49a97bd82c96cd88d441143b757a61ced5e40bf754b0f09a74412d1765dfb21596e6e1dffd4a6f92d97dc3b3a1ec162833344405525712571c6a82ef587df1b7a13c6f6ac56a814f71f209063954723088c6c9a2ce474cc7cff3cbe7cd3c433cd47bbf5384fb1c5d4cce8ba9ff1c48460c373aba59138b7dd6bb63e18856fcda07971d399be3b52f8777d1e0259258b6d0039f1057632b3b4119bf449b72989a0fab1931e8fe506fc4061417c35e083ff50b21cd43f2fc017310e6cf10b3a9f40e8d34b39f5a44b386f760d5a19ab60c7ec4b63f39f94c24afb76d4ecf05b4276536bc6bae8e740b5d16e3cabfb56d256e0f8d2fcc2d55c518f2b978dd473d75f6896f1db8bd43dc0e973cd2ea837d3f9f433728aaa557561443b4c1048fd2c040f6a2fab01a6d2c64c8f6c5bc4221ffd24597052266fbb7a622f90961f686848e6c4495ea2dc387f13b7b4f0cd00b88f31cd4cbf753b883c9695d8d51872ce74a9d5f2f19c04844d83147c57f90cc909f7bc7ac3f9e8b1696b59ee0cbe6ed23c5094f3c9ba5baae2f82e3f7bbad8d6ab5e78635425fb80d3288d03dece97d4126f0575bbb4426cca81f29badf7ee3137ac1cdeb62107d2a0e15bdb201552cb7cf4dc09ca726392668df09e352864e674f93329a0a7b66cc5311788967cb46cd001f87063b5e4bf01678d03c276ff304e3f11b6d70d687072387c78537adc3f63c0279ed305371114a793bc0d0693e66fa27922433ed116b3fe4938523221ed09c4148f76848ce905bba80d25c630d881462227da51e1b26a95d3f66d547618e1f19a808b47347659d7a9e91833584a432cbb4d2c31eb80ae7ab1497d736fb55316ff50162c5dc8cc4dea5d307b35602cb5595b4df095bbc850648ada532a56377805ac4f7ae3064945a6940cde20f21570a0ea193adfcd618b2723c74ad652fa624514ca0c3af2a003b8f0a915f190608f09226a2070cf5c07306f6f623bbb88e391552e67f6ecaf99abfbccf4a9b38ef0a081ab032a40fe2cbc192394e6156ff6dcdcd7ebfaaee4425f19e1bbf8116d19f2fde6a669a8d0ad5bc6baebf0903affd23036bc0454b0e379e8ae33fecb9015dcfbddf2d55e52131484c73795d4df42fda327e77a098639fb9351fda2e9c95528082f0b56c7e47c9094fd8108a73bfd0cdd00b192a783c8d28fe1b426dd09ead48753509385f5757f27cd9c1ab7b2ea2e86d8f07fbc7a1237efe1a54759b9869989fa6b91bf0d0789fa962d97396f96e4f46cf4d35c0857bcc05efc73178a90e867c2bf266d6878e63ca3653669d8d9c9ff8ce5735ee1194027f0d8035594c7bef49a0584678935ec9e091be4664a36820abe7ea4ce52608398686c3b35a3355e655f071950480987b8aa3bd6e61423e46a3bf6ae1d392c5c37d40c7b9173d86a30f2d37cddd761562de889801a80729fbeb23903343ac33909cea92d283c57de88514e9eb5460cbeaa0df0ff7bc07c2fa76e41954bdc52b149bd3c2e1ade127cae5ade544f4aadc28200066a72ebc1c59bbe03ca583f6170530becc156e65da3d3da692214eff04125fabdf38a9d2189a79c9a71a83d99317c2e51727a6a2c1c61b5aa1733aab35a8a120392512dce06000e8754976ab504bfb0c6f6288f81bebf464ea74df1dc4e2a14d5156519152173bf073580350261fe7ffbaf89969416e631786611c99252bd9b508d567c9417c510e7de50a573931d093e7c011b9391c00b542a7d1eb6fb5dfb92b262adb8d1add0321d62a5fe9d9486db2dec56b50e0da51bb40fa860401382aa6f65f3b8fd343d2dc61ce19051ff33da29e09989a4f9df32f86f4b6b32a87bfa54a61bddbcfcf0482b3e5ef2088b9ea7b48e7c60fdcaaa88829368987bd4ee93518e01aaef548a458d489199c7a44e0827c79ceebfbc4227bc9af59b382b4f0c8d0c46b88dea9feecde30859d8ff69f97993a06a1d67aa61e8c3cb522e08a3c43651cd57df34593fb39d6da656ac77c4fd6ba655d6250b655f39140b4a0240c97e32158c6ebf70e8f62b06c46c2fee4ba21f4fed9c74c4528d3b05a43a2f8a8aa36273c51aefe6b134e03401724462e2ba46dd061e1220b296db583f7e294aa077eba80097feb4eeb022c4db774a5a6eba3d039620a45d069f85db8c3b30f9cd4506b620b49ae3187a9528e88830eb860ff42db2bd8739c1955f52ce2e6b1b283064272b84637883f14adfcf03ab04a72007db7a430c0419a87337e6aaa2b7758dd8a250db39b158a5cbbfb4c04fe15a34c5667bdbe238072354a9f7b7a02dce12a84a2c9d61e5556be76e3e94f6c46c24b9542540ef292ea413ffc703e6f069753a1fc0117ba93fbdc5167cabdb34d1df046449f62a12bd8efe4b203866b2d237d92d7bf18438d5bd8e9a845e45ff1210548fc9604928930dd61b47fa56ddd1d63f30d995391f360acac4371058810d050d9e8026d099fde4ef938e8b84580543d804e3062c99755a01906cef3ef040d8f77d56bfde4d6c2ca20f02f59c1f6fd3c3522509dfab9296d4884d8aab3ca946db9add16f613593a44378ba6239178ec7c984577ce7f08123ad2e5eb27a997295bf7b8fb8fb793011001cb1d0f3dc719ddb0bd18133e117c5e71c57b318dd551e48db06e705575684e2bffd852fa40c0288e53a0191ffe2404f50be6fb7a57bebc21ef266ca4ddb4a752a0d700e12902409711123137545d0305f842a28eb4e7e1ac042bc3165d82518a7e965fe0bf439e807f9ff6108802d4766edaa9d4b7ed2833bbf560b329c2bf9d427c1e671d0da40027e686163ff4475450477586a95e313faaf809c61cf24fc42cc75ed2657dc480104d9b5285fa3b03494560fa3ddb181181e8be6e0cda7f3ff86e72fe83dc1620c7338723766b22d3e7b18f13b0fe99de3238cd9c88c27d0535d00bba90a5bcfda748496e45a9c009164bbfc982a657a88105e37a6a410f25d81172d1400830077de8041d73d1517529dd9757daad06708002800", @ANYRES32=r0, @ANYBLOB="00fff408005100c8d9a4276474c14b9f772db2dd242d4a35bb66c9983fb9701a8cdce953a5ed2f4a0184fa302448182e3f1454f0d8917d8cd1042b8cd84960bcbb31c6b97d73d9f3bd682be50ede5811e9e662f6f50e74f7748f26b206e4218b309a27b60c200b5bdf0bffd462cf391d3a91afe124aed9a4ac78656fb9c27dcfcd13e181e5a23c4ac88c2f12ddb1773e7597fff66a108f0281c6de51c9b19c4d8e12524d7473c92e186de06426f2aa2a1bb66427db0fd07b0b22f955558331e45ae76d53c385eaad304421cdcd7c23cc586dd33530a59e1fce0205cbe4b00994d16a39ed3460a31f1a63a5f836579a2d1eee19ac2fd505000000000000008df6a011b5aa0f69cb18cf81372a370dc9394dbda1a0ca445c4bba7e9ac0f3b2d59f34da4c327b1e3eb4dbf2f7fc8c", @ANYRES32=r2], 0x1310}, 0x1, 0x0, 0x0, 0x2000c000}, 0x8090)

00:34:41 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:41 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:41 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
r1 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$IP_VS_SO_SET_ZERO(r1, 0x0, 0x48f, &(0x7f0000000140)={0x0, @multicast1, 0x4e23, 0x0, 'nq\x00', 0x20, 0x401, 0x1}, 0x2c)
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_CLIENT(r1, 0xc04c5349, &(0x7f0000000180)={0x1, 0xffffffff, 0x6})
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
setsockopt$netrom_NETROM_T2(r1, 0x103, 0x2, &(0x7f00000000c0)=0x20, 0x4)
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:41 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:41 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0xffffffffffffffd3)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  357.178774][T20938] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  357.190817][T20945] input: syz1 as /devices/virtual/input/input310
00:34:41 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:41 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  357.279334][T20949] input: syz1 as /devices/virtual/input/input311
00:34:41 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:41 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  357.416318][T20962] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:42 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})

00:34:42 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1]}, 0x45c)
clone(0x4100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = gettid()
tkill(r1, 0x400000000016)
wait4(0x0, 0x0, 0x40000002, &(0x7f00000000c0))
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:42 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x0, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
ioctl$KVM_SET_NR_MMU_PAGES(r1, 0xae44, 0xa6)
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f00000000c0)={0xf, 0x9}, 0xc)

00:34:42 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:42 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:42 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0)

00:34:42 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0)

00:34:42 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r2 = socket$inet(0x2, 0x2, 0x2200000088)
bind$inet(r2, &(0x7f0000000300)={0x2, 0x1004e20, @local}, 0x10)
sendto$inet(r2, 0x0, 0x0, 0x8084, &(0x7f0000000080)={0x2, 0x4e20}, 0x10)
setsockopt$inet_udp_int(r2, 0x11, 0xa, &(0x7f0000000c00)=0x2, 0x4)
sendmsg$IPVS_CMD_GET_INFO(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[@ANYBLOB], 0x1}}, 0x0)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000000c0)='net/fib_triestat\x00')
ioctl$TCSETAW(r3, 0x5407, &(0x7f0000000140)={0x0, 0x8, 0x10001, 0x6, 0x6, 0x8, 0x40, 0x4, 0xfff, 0x7ff})
recvfrom(r2, 0x0, 0x0, 0x0, 0x0, 0x0)
r4 = fcntl$dupfd(r0, 0x0, r0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r5, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r4, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r4, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  358.038723][T20991] input: syz1 as /devices/virtual/input/input312
[  358.058733][T20988] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:42 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0)

00:34:42 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  358.112568][T20986] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:42 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:42 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
r1 = accept4$bt_l2cap(0xffffffffffffffff, 0x0, &(0x7f0000000140), 0x800)
bind$bt_l2cap(r1, &(0x7f0000000180)={0x1f, 0x3, {0x8, 0x0, 0x1, 0xfffffffffffffffb, 0x8, 0xe8b6}, 0x1000, 0x2670}, 0xe)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r2 = fcntl$dupfd(r0, 0x0, r0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f0000000240)={0x5, 0x400, 0x8004, 0x5, 0x10001, 0x4, 0x4, 0xa738, <r4=>0x0}, &(0x7f0000000280)=0x20)
getsockopt$inet_sctp_SCTP_MAXSEG(r2, 0x84, 0xd, &(0x7f00000002c0)=@assoc_id=r4, &(0x7f0000000300)=0x4)
write$P9_RCLUNK(r2, &(0x7f00000000c0)={0x7, 0x79, 0x2}, 0x7)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  358.250930][T21005] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  358.273447][T21009] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:43 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:43 executing program 0:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:43 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:43 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0xfffffffffffffec6)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
getsockopt$inet_sctp_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f00000000c0)={0x4, [0x7ff, 0xd017, 0xf9a1, 0x401]}, &(0x7f0000000140)=0xc)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:43 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:43 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
syz_mount_image$erofs(&(0x7f0000000000)='erofs\x00', &(0x7f0000000040)='./file0\x00', 0xe1, 0x4, &(0x7f0000000340)=[{&(0x7f0000000100)="5c2a10e031084137d37b5611d53080f47969486feadd727d4875d7f44519fc4aa44d9dc49245e5699786de99f8ccc3e4d3528a3ce80300bc50ce656656c54ec4be335c55d3ae2026a9e132a003f1c9239efa6f43149ebece5ee1dfc9f09838afb8b6fc5675a616bd413221c1e63334683b471f7c791c364fae361b6ef52c2fc382728df1f08e670e9e0ebbb72165d95f29f5ccc1e2ec7a37759e6d882b705f4d67eeb22228afd13014ee805e9256b15c6b28a13d22585bba487bbddf972a690d4d9f3f910d8b10919ee866a4ff9b2da2dab97fdc54a4884e717ef66bc49063c8183ba6bd3c8038c5", 0xe8, 0xffffffffffff4ffb}, {&(0x7f0000000080)="6e46fd545f1fa2fe31c2dfd3913191fcfc87d81fa72e7d9b09b64e808f52b7e2e45d951981333812429beafd67525d05d716c2", 0x33, 0x1000}, {&(0x7f0000000200)="5918451153b8f7ec4db9110ec5770d17d011a324649f1020c8acae71652b27c955010296720e40d008cd900b44b06a2e9258bced13e1b2a04f44831b13b92467c196677395eb3e16b4ac42b0c367f913ba04f8bcc9082e889d2251d1d31d073f93fe7dafea45e4ea3f8268a22574295f4ad62610e3b0b9f75a42f6db5b61a004eb87bdb428f394813aa9bfeb977f8b11ff8a4205e21b8fb3557599acf8435a3ec0c9122428b4da321f95887759aaaa976df28800137fdc9617abccb40c655ba82463f62557fc73ea9b37c8ef0468eedbe9729e242a6ad3f7ff30db1fc66cabd116a9ef8102de853fbe7289f16437cebc60", 0xf1, 0x20}, {&(0x7f0000000300)="9200c3ae4aac74da8e59436d8a0e7de597e528958c42a5bf986f230fd87f1af4c10e0ecb3752e925b057bed0ca62454b", 0x30, 0x4}], 0x40042, &(0x7f0000000880)={[{@acl='acl'}, {@nouser_xattr='nouser_xattr'}, {@fault_injection={'fault_injection'}}, {@nouser_xattr='nouser_xattr'}, {@acl='acl'}, {@noacl='noacl'}, {@nouser_xattr='nouser_xattr'}, {@acl='acl'}, {@acl='acl'}], [{@fsname={'fsname'}}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}]})
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:43 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$SNDRV_SEQ_IOCTL_GET_PORT_INFO(r1, 0xc0a85322, &(0x7f0000000140))
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xfffffffffffffe0b, 0x9, 0x0, 0x7}, 0xf)

[  358.908817][T21026] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  358.919493][T21025] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:43 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmsg(r0, &(0x7f0000000240)={&(0x7f0000000140)=@pppol2tpv3in6={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, 0x80, &(0x7f00000000c0), 0x0, &(0x7f00000001c0)=""/69, 0x45}, 0x20)
ioctl$FIGETBSZ(r1, 0x2, &(0x7f00000000c0))
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f0000000280)={<r2=>0x0, 0x2, 0x3}, &(0x7f00000002c0)=0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000300)={0x7fff, 0x7, 0x0, 0xe6c, 0x844, 0x8000, 0xaff, 0x10000, r2}, &(0x7f0000000340)=0x20)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r3 = fcntl$dupfd(r0, 0x0, r0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r3, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r3, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:43 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:43 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:43 executing program 0:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
r1 = dup3(r0, r0, 0x80000)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000001a80)={0x9, 0x0, [{0x5002, 0x1f, &(0x7f0000000080)=""/31}, {0x7001, 0x9c, &(0x7f0000000100)=""/156}, {0x7000, 0x1000, &(0x7f0000000880)=""/4096}, {0x2001, 0x71, &(0x7f00000001c0)=""/113}, {0x1000, 0xe, &(0x7f0000000240)=""/14}, {0x2, 0xd6, &(0x7f0000000280)=""/214}, {0x1, 0xfe, &(0x7f0000001880)=""/254}, {0x2000, 0x4a, &(0x7f0000000380)=""/74}, {0x7005, 0xdf, &(0x7f0000001980)=""/223}]})
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
setsockopt$inet_sctp_SCTP_RECVNXTINFO(r1, 0x84, 0x21, &(0x7f0000001bc0)=0x2, 0x4)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
setsockopt$TIPC_CONN_TIMEOUT(r2, 0x10f, 0x82, &(0x7f0000000040)=0x3, 0x4)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

[  359.007672][T21040] input: syz1 as /devices/virtual/input/input315
00:34:43 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
lsetxattr$security_smack_entry(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)='security.SMACK64IPIN\x00', &(0x7f0000000180)='\x00', 0x1, 0x3)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)
ioctl$sock_ifreq(r0, 0x8918, &(0x7f00000001c0)={'rose0\x00', @ifru_ivalue=0xfffffffffffffff9})

[  359.120649][T21040] input: syz1 as /devices/virtual/input/input316
[  359.172067][T21058] input: syz1 as /devices/virtual/input/input317
[  359.230488][T21057] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  359.240258][T21054] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:44 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:44 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000300)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
r1 = openat$vimc1(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/video1\x00', 0x2, 0x0)
ioctl$VIDIOC_G_JPEGCOMP(r1, 0x808c563d, &(0x7f0000000100))
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
r2 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='rdma.current\x00', 0x0, 0x0)
r3 = openat$cgroup_ro(r2, &(0x7f0000000080)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
getsockopt$inet6_IPV6_IPSEC_POLICY(r2, 0x29, 0x22, &(0x7f0000000b40)={{{@in=@local, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r4=>0x0}}, {{@in6=@initdev}, 0x0, @in=@initdev}}, &(0x7f0000000c40)=0xe8)
ioctl$VT_SETMODE(r3, 0x5602, &(0x7f0000000200)={0x20, 0xffffffffffff4924, 0x6, 0x80000001, 0x4})
setsockopt$packet_drop_memb(r3, 0x107, 0x2, &(0x7f0000000c80)={r4, 0x1, 0x6}, 0x10)
setsockopt$kcm_KCM_RECV_DISABLE(r2, 0x119, 0x1, &(0x7f00000001c0)=0x3ff, 0x4)

00:34:44 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$VIDIOC_ENUM_FRAMESIZES(r1, 0xc02c564a, &(0x7f00000000c0)={0x0, 0x0, 0x3, @stepwise={0x7, 0x10001, 0x6, 0x2, 0x6033, 0x64d1}})
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:44 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:44 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:44 executing program 0 (fault-call:4 fault-nth:0):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:44 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:44 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
r3 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100)='/dev/infiniband/rdma_cm\x00', 0x2, 0x0)
write$RDMA_USER_CM_CMD_BIND(r3, &(0x7f0000000040)={0x14, 0x88, 0xfa00, {0xffffffffffffffff, 0x1c, 0x0, @in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x90)
ioctl$PERF_EVENT_IOC_PERIOD(r1, 0x40082404, &(0x7f0000000140)=0x81)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  359.802193][T21079] input: syz1 as /devices/virtual/input/input318
[  359.827941][T21076] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:44 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:44 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:44 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

[  359.919138][T21075] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:44 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x10040, 0x2)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
fcntl$F_SET_RW_HINT(r0, 0x40c, &(0x7f0000000200))
r2 = fcntl$dupfd(r0, 0x0, r0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
connect$unix(r1, &(0x7f0000000180)=@abs={0x1, 0x0, 0x4e24}, 0x6e)
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)
bind$bt_sco(r2, &(0x7f0000000140)={0x1f, {0x0, 0x65d000000, 0x6, 0x5, 0x3, 0x3a3f}}, 0x8)

00:34:44 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0xd, 0x0, 0x0)

[  359.981861][T21079] input: syz1 as /devices/virtual/input/input319
00:34:44 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
r1 = syz_open_dev$ndb(&(0x7f0000002a80)='/dev/nbd#\x00', 0x0, 0x80000)
recvmsg(0xffffffffffffffff, &(0x7f0000002900)={&(0x7f00000001c0)=@pppol2tpv3={0x18, 0x1, {0x0, <r2=>0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f00000018c0)=[{&(0x7f0000000240)=""/203, 0xcb}, {&(0x7f0000000880)=""/4096, 0x1000}, {&(0x7f0000000340)=""/161, 0xa1}, {&(0x7f0000001880)=""/59, 0x3b}], 0x4, &(0x7f0000001900)=""/4096, 0x1000}, 0x1)
getsockopt$inet_int(r2, 0x0, 0x12, &(0x7f0000002940), &(0x7f0000002980)=0x4)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000029c0)='cgroup.stat\x00', 0x0, 0x0)
ioctl$TUNGETFEATURES(r3, 0x800454cf, &(0x7f0000002a00))
ioctl$BLKROTATIONAL(r1, 0x127e, &(0x7f0000000040))
ioctl$UI_DEV_DESTROY(r0, 0x5502)
r4 = syz_open_dev$mice(&(0x7f0000000080)='/dev/input/mice\x00', 0x0, 0x8001)
getsockname$unix(r4, &(0x7f0000000100)=@abs, &(0x7f0000000180)=0x6e)

00:34:44 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:44 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:44 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
read(0xffffffffffffffff, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:44 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x10)

00:34:44 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/hwrng\x00', 0x20000, 0x0)
ioctl$SG_GET_COMMAND_Q(r1, 0x2270, &(0x7f0000000280))
ioctl$TIOCSWINSZ(r1, 0x5414, &(0x7f0000000180)={0xfff, 0x0, 0x7, 0x7ff})
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r2 = fcntl$dupfd(r0, 0x0, r0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0x58)
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:44 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
read(0xffffffffffffffff, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:44 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  360.285965][T21118] input: syz1 as /devices/virtual/input/input320
00:34:44 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e6787b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:44 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x2000)

00:34:44 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:44 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
read(0xffffffffffffffff, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:44 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x200, 0x0)
ioctl$KVM_ENABLE_CAP_CPU(r1, 0x4068aea3, &(0x7f0000000040)={0x7b, 0x0, [0x140000000, 0x40, 0x10000, 0x9]})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:44 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:44 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x10000000)

00:34:44 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
getpid()
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:44 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
openat$vicodec1(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/video37\x00', 0x2, 0x0)
syz_open_dev$mouse(&(0x7f0000000140)='/dev/input/mouse#\x00', 0xe1, 0x40)
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:44 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:45 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x20000000)

00:34:45 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)
socket$inet6_dccp(0xa, 0x6, 0x0)

[  360.718446][T21170] input: syz1 as /devices/virtual/input/input322
00:34:45 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:45 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:45 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x1000000000000000)

00:34:45 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)
setsockopt$inet6_MRT6_DEL_MFC_PROXY(r1, 0x29, 0xd3, &(0x7f0000000140)={{0xa, 0x4e21, 0x3f, @mcast2, 0x8}, {0xa, 0x4e24, 0x3, @rand_addr="1cc03a4bf801a9ab8c630af4b8e03b56"}, 0xf3f, [0x8, 0x7fff, 0x2, 0x7fff, 0x8, 0x1, 0x7, 0x100000000]}, 0x5c)

[  360.809710][T21170] input: syz1 as /devices/virtual/input/input323
00:34:45 executing program 4:
r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x0, 0x402a00)
sendmsg$nl_crypto(r0, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000001100000228bd7000fcdbdf25647262675f70725f73686131000089d0f80be9e3d9d88ea5d98c2e800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000efff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000002000000000000000000000080001000800000000"], 0xe8}, 0x1, 0x0, 0x0, 0x1}, 0x200080d1)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0xe)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0xfbfffffffffffffe, 0x0)
write$uinput_user_dev(r1, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r1, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r1, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r1, 0x5502)

00:34:45 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x2000000000000000)

00:34:45 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/mixer\x00', 0x515c00, 0x0)
execveat(r1, &(0x7f0000000200)='./file0\x00', &(0x7f0000000280)=[&(0x7f0000000240)='\x00'], &(0x7f00000003c0)=[&(0x7f00000002c0)='trusted.overlay.redirect\x00', &(0x7f0000000300)='trusted.overlay.redirect\x00', &(0x7f0000000340)='/dev/vcsa#\x00', &(0x7f0000000380)='trusted.overlay.redirect\x00'], 0x800)
fsetxattr$trusted_overlay_redirect(r0, &(0x7f00000000c0)='trusted.overlay.redirect\x00', &(0x7f0000000140)='./file0\x00', 0x8, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r2 = fcntl$dupfd(r0, 0x0, r0)
ioctl$VIDIOC_G_CTRL(r2, 0xc008561b, &(0x7f0000000440)={0x5, 0x1})
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
r4 = syz_open_dev$vcsa(&(0x7f0000000180)='/dev/vcsa#\x00', 0xd99, 0x41)
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)
sendto$x25(r4, &(0x7f0000000480)="91b6a36160266be948f68152fa9090b5f02be5894b5de1dcb497bdaf4dc439b55ec26dcc4a3c50095ffd2dd07fae26372b33087bfe78dab8de55228ca1a33001d75f282eded2dab18041e0f91f3f17869124d961de08017df5722ad9ad5c488dd1282b8c7710bb31577e57ab7838cb", 0x6f, 0xc0, &(0x7f0000000500)={0x9, @null='               \x00'}, 0x12)
poll(&(0x7f0000000400)=[{r0, 0x8080}], 0x1, 0x7)

00:34:45 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
getpid()
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:45 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:45 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:45 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x1, 0x402400)
ioctl$VIDIOC_DBG_G_REGISTER(r1, 0xc0385650, &(0x7f0000000040)={{0x0, @name="eb02b2aa474b24ec759b4130bd8020887d862df37461856b065a7aa43c0ab681"}, 0x8, 0x3ff, 0x7})
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:45 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0xffffffff00000000)

00:34:45 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/udp6\x00')
getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r1, 0x84, 0x1e, &(0x7f0000000140), &(0x7f0000000180)=0x4)
ioctl$MON_IOCG_STATS(r1, 0x80089203, &(0x7f00000001c0))
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(0xffffffffffffffff, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r1, 0xc0045540, &(0x7f0000000280)=0xff)
ioctl$sock_rose_SIOCDELRT(r1, 0x890c, &(0x7f0000000200)={@dev={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x1ff, @null, @rose={'rose', 0x0}, 0x2, [@bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
write$P9_RXATTRWALK(0xffffffffffffffff, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  361.566095][T21220] input: syz1 as /devices/virtual/input/input324
00:34:45 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = syz_genetlink_get_family_id$nbd(&(0x7f0000000140)='nbd\x00')
sendmsg$NBD_CMD_STATUS(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYBLOB="28f5ff00", @ANYRES16=r3, @ANYBLOB="00042dbd7000ffdbdf250500000008000100000000000c0005002400000000000000"], 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x40000)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:45 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x9)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:45 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:45 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:46 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = syz_open_dev$admmidi(&(0x7f0000000000)='/dev/admmidi#\x00', 0x8, 0x200)
ioctl$KVM_TRANSLATE(r1, 0xc018ae85, &(0x7f0000000040)={0x2, 0x0, 0x5, 0x100000001, 0x8001})
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0x21, 0x0, 0x0)

00:34:46 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
syz_open_dev$audion(&(0x7f00000001c0)='/dev/audio#\x00', 0x9, 0x10000)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
accept$packet(r1, &(0x7f00000000c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0x14)
bind$packet(r1, &(0x7f0000000180)={0x11, 0x1b, r3, 0x1, 0x6, 0x6, @local}, 0x14)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  361.749616][T21226] input: syz1 as /devices/virtual/input/input325
00:34:46 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
getpid()
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:46 executing program 0:
r0 = fcntl$dupfd(0xffffffffffffffff, 0x406, 0xffffffffffffffff)
ioctl$ASHMEM_SET_PROT_MASK(r0, 0x40087705, &(0x7f0000000000)={0x3f, 0x10001})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$ASHMEM_SET_PROT_MASK(r0, 0x40087705, &(0x7f0000000080)={0x1000, 0x3})
ioctl$KVM_GET_ONE_REG(r0, 0x4010aeab, &(0x7f0000000040)={0x10001, 0x4})
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0x21, 0x0, 0xfffffffffffffef9)

00:34:46 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:46 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
r1 = dup3(r0, r0, 0x80000)
write$USERIO_CMD_SET_PORT_TYPE(r1, &(0x7f0000000000)={0x1, 0x9}, 0x2)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:46 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:46 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1b, &(0x7f00000000c0)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:46 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300))
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x40400, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  362.454470][T21260] input: syz1 as /devices/virtual/input/input326
00:34:46 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
r1 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm_plock\x00', 0x80, 0x0)
sendmsg$alg(r1, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000140)="622fcc", 0x3}, {&(0x7f0000000180)="c097ddba8e7fdd8038ed5d4a350184a882d26ad049116612b5c3e68ede44261921c98c8f7df60f5c8aa8104f3ece29efd18446503fc304cce87c74af12b93a384ad286f1a184aa43eceba1f8929c3f4ba046d5de06d0b446d36b1cca848958be794daf38235c19da021aa30904e87316b34657476bbdee83d407c6d690333ca216be6e619bdd189ded88d42bc68326e42a860a6d63c81a28c4891a215167f91e119372", 0xa3}, {&(0x7f0000000240)="d48c3e26ac7530d2ba5fdf2cfdf9d3d1f5686938a51928ee5421926a362c8eaeef71357c79dbe0b48c95872200bfa00e664f79fe36c448b023db38344f840eeb0592650c66991f13f6defa72dcee0ff22d7f0e0b336370a63b3794a94bea9ee76ad6ca6addc40dd514f09833c1b668eac86b516019eac145bdb6000129164881ddd3c33842417aaf68ded2e38b2502bfe83954c5e7349fcbf534cb0cd4c55037bf978c5ebf61bdfda7b62160ac5cc466bbcb8f63890cd3fe7df13ea4a8559999b6ed5b2cf8851ef1becdee8273c6795fe8891252030f1106c0d755869b1beabc313bfa94b2967a3116c51d6e3abe728e62887b9895fb3346d89ae4ac", 0xfc}, {&(0x7f0000000340)="b6cd8d12ff0c3b147d537ac1eb694d71cd4cfa1a8084a043c9224393a5b8dd1c15493ef872d4671afa1146cd2a5c029721", 0x31}, {&(0x7f0000000380)="aad8478b4b162ee308d02fac0431f4bdfd55f7751caad65c47ad4c356e257297daa49f2a60ab94ae5e6dfccc07c9b082c6d3fa4ca8f0afec6e3d69495b2cba6b1c00336fc6a79f32a8860ce302050434495e8dbd941ff4d7b49067f5a3bbb730e059dd5ca0cb85983550d92380f693448957bc9525e05d9ebc8c7c18a070069bee8e8c7330a0684dff1b3bdba1e7f3b9edadbe0e57a700c4a975f26700ac6bb142bad6c9450bdf967a11f1bd88bb723123a142dd3af5915b9bd6dadeee8919b86f43c550b46a6098a45f", 0xca}, {&(0x7f0000000480)="d24e731c902797739178e0ba8a17fae6fca1f92ec990c56d3bcdc870", 0x1c}, {&(0x7f00000004c0)="8aa74e15be8a8989b7dfd589eaed249b0b991d45be49659b579c27053c8cf8e0b0bff99b9fd59ecbb12f41b4ed7633f8c62df67ed81fa75e6e3abc69cf08794909fb6498434fd571e5bf8bc1ac5841cec26f33e827e0fce9a0ca8319239acb1739cc6237e5f8e0e8fc5c2fc13367261b4a527e026a0ea63ee16f582827399e52fb3520c3967979f0537ec5f874235fcb5100049e77ecc762d15c7507e9a72a6482773b7178b29b6188", 0xa9}, {&(0x7f0000000580)="0fb58426a40c3954d2d76f04cb0da701eebfbd7445d36fa4f38435863123dec222a013b0a5c210381957410dd36fc09e306027129e86157878d001c2f76a8cc145012342ffe861b2fc2964261564d01d881024b1b1d457cdf2b3e882843a2a4f3c379dec9214baa118cd9c90498f345c2505d7e0cc4794b2f855c397b11cba9540fbfe8742383a92319a09e4a34b14edc418a8e9c5543ff68a143324", 0x9c}, {&(0x7f0000000640)="a7d21c7a46950416e41de3939e942953307a8a7457180068a5bd8ffaf6fae798ae762532ec244c970c0f2d832cff2a3f379162132b4d3e107c586183c2e8b7cc9fd6746e0d786eccfa6836a4d99ce72d236571f067950182cb72723870538049e34452f085903de25871ac2262092753e1221c99862ba84182b260940324c0e55c9155b5602ffc0450fed1e0d551b7bc1313fbc494a63906998fd5ed67ed300d7d2aac79c783a42103060444316360b88bdd80ddc529f3a14e5fbb37bccd15297a927b78245d1c859a88c87c2d8e63d1a5602df426a70546dd435aabd785daeacf33ffe4c669e5ff03f5bea5770112b55ff51d3f1b5990ab572359", 0xfb}, {&(0x7f0000000740)="1b2ccf77dc128ee5674e6dbf1bd9a15f7eb16ccc5ec504eee419d46fa76d4b7d6ab23d1d9e2580f0364626ef232a519322ecd43b6e05e2ab1ee836e2aef8355c40df2dadc55ada5844bde89bffbff2fca4209ba84fbd7709dc070f4a3da8899927a9d97ba640b2d6c8eaaaab6f5cd83ad79a6c7e0f6a", 0x76}], 0xa, &(0x7f0000000880)=[@iv={0x68, 0x117, 0x2, 0x50, "52941ebe38e886494937e3d9aaabab90599e75737ce80d9530a7b1964fbf9bc977c2335316af303772c71595abd87e865738bec46238f7245510fc3ebe1599b6a266cc529cfcc74061a681d262477425"}, @op={0x18}, @iv={0x30, 0x117, 0x2, 0x18, "3a4fefbdf8cdc1781ebd4eae516c26f34674de9ae8b83d5f"}], 0xb0, 0x8000}, 0x800)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r2 = fcntl$dupfd(r0, 0x0, r0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:46 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:46 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  362.569047][T21260] input: syz1 as /devices/virtual/input/input327
00:34:46 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)
stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140))

00:34:46 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0xfffffffffffffe13, 0x101001)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0xfffffffffffffe89)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00')
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r1, &(0x7f0000000280)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000240)={&(0x7f00000000c0)=ANY=[@ANYBLOB="8f038b7c", @ANYRES16=r2, @ANYBLOB="020b28bd7000fedbdf25160000002c0007000c0003008000000000000000080001000500000008000200040000000c00040071000000000000000001050008000100657468000c000200080001000d000000340002000800040000000000080001001c00000008000200faffffff080001001b000000080002000500000008000200010000000c000200080003000800000014000200080003000500000008000300030000003c00020008000200ffff0000080004007f00000008000400ff010000080002000400000008000400090000000800020001000100080002000000000034000200080001000200000008000300050000000800020005000000080001000b00000008000200810000000800020040000000080001007564700008000100696200001400020008000400e00c0000080002007d3600000800050004000200"], 0x148}, 0x1, 0x0, 0x0, 0x4}, 0x4800)

00:34:47 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:47 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x2000000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], [0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-control\x00', 0x103080, 0x0)
ioctl$SIOCAX25GETINFO(r1, 0x89ed, &(0x7f0000000040))
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:47 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:47 executing program 0:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x240201, 0x0)
ioctl$KVM_ASSIGN_PCI_DEVICE(r0, 0x8040ae69, &(0x7f0000000040)={0x7, 0x2, 0xffffffff, 0x2, 0xffff})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
getsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000080)={<r2=>0x0}, &(0x7f00000000c0)=0x8)
ioctl$sock_bt_bnep_BNEPCONNDEL(r0, 0x400442c9, &(0x7f0000000240)={0x10000, @local})
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(r0, 0x84, 0x70, &(0x7f0000000100)={r2, @in={{0x2, 0x4e22, @multicast1}}, [0x7ff, 0x0, 0x9543, 0xff, 0x7, 0x9, 0x5, 0x80, 0x8000, 0x5, 0x5, 0x101, 0xe4f9, 0x6, 0x1]}, &(0x7f0000000200)=0x100)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000280)='/dev/vga_arbiter\x00', 0x20000, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0x21, 0x0, 0x0)

00:34:47 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x0, 0x0, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:47 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000002140)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)=""/57, 0x39}, {&(0x7f0000000180)=""/156, 0x9c}, {&(0x7f0000000240)=""/98, 0x62}, {&(0x7f00000002c0)=""/64, 0x40}], 0xfffffffffffff6c}, 0x1ff}, {{0x0, 0x0, &(0x7f0000001480)=[{&(0x7f0000000340)=""/25, 0x15f}, {&(0x7f0000000380)=""/50, 0x32}, {&(0x7f00000003c0)=""/4096, 0x1000}, {&(0x7f00000013c0)=""/177, 0xb1}], 0x4, &(0x7f00000014c0)=""/245, 0xf5}, 0x6}, {{&(0x7f00000015c0)=@in={0x2, 0x0, @loopback}, 0x80, &(0x7f0000002380)=[{&(0x7f0000001640)=""/183, 0xb7}], 0x1, &(0x7f0000001740)=""/245, 0xf5}, 0x81}, {{&(0x7f0000002300)=@ipx, 0x80, &(0x7f0000001900), 0x1, &(0x7f0000001940)=""/71, 0x47}, 0x8001}, {{&(0x7f00000019c0)=@pptp={0x18, 0x2, {0x0, @dev}}, 0x80, &(0x7f0000001b40)=[{&(0x7f0000001a40)=""/193, 0xc1}], 0x1, &(0x7f0000001b80)=""/220, 0xdc}, 0x100000001}, {{&(0x7f0000001c80)=@in6={0xa, 0x0, 0x0, @initdev}, 0x80, &(0x7f0000001f40)=[{&(0x7f0000001d00)=""/101, 0x65}, {&(0x7f0000001d80)=""/210, 0xd2}, {&(0x7f0000001e80)=""/145, 0x91}], 0x3, &(0x7f0000001f80)=""/118, 0x76}, 0x800}, {{&(0x7f0000002000)=@llc, 0x80, &(0x7f00000020c0)=[{&(0x7f0000002080)=""/34, 0x22}], 0x1, &(0x7f00000023c0)=""/13, 0xd}, 0xfffffffffffffffa}], 0x7, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:47 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
ioctl$SG_SET_COMMAND_Q(r1, 0x2271, &(0x7f00000000c0)=0x1)
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x0, 0x2a, &(0x7f0000008000)={0x1, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_mreqsrc(r3, 0x0, 0x27, &(0x7f0000000000)={@multicast2, @remote, @dev}, 0xc)
setsockopt$inet_msfilter(r3, 0x0, 0x29, &(0x7f00000006c0)=ANY=[@ANYBLOB="e0000002ac1414bb0000000005000000e000000200000000e2000002ac14144b0bd9d375713cb700ac1414aafaebbfc459597a2ef4b1212ac3ab84b982f40dac90fe40701a78c979d6c7c090aeb43e138e3a9d9037fbb8b58489107d78dd35c918fb5c5782963d1666756fe1fa0300000025eab1c69a8378ab6b4afaebeac099b434e8d548bad10b81d7a2aa37f41cacae5815a2029657fcf3e09897341f98808d8511f6901a575498c2d40ec0705bdd46a9f23eae0e9c6da8a0d14a4b16f039c045f2b637ac7d0978f543654fb3e7225aff71be8173f2a23bd763873293258d327a2567b827b8721a8c054bc101c1d3283f8810aa7dc996e85ebddda9688db5c674de2f7eb6000000b1fc8cac020ffa582be08e84612aa8cef159176e449ad513ae4ca5ff9c4f9b6313ff9efc073a063ec5771de75d1b19f91f1ba408493bb6c42ce4c193867e08ae2a99b5a209519574b55c6a7d9e3f6ff0b01eb9fc1dc049ff92432516252649b4a404855e50c57b771035a0b9929b4dff03000094bbabd0179b96f1c8b4880a3f46c42b88e0afc4dd63877097ba06caefe894fb8cdec4420fd52a5841fddaf7f003fdb5f5d25618b5eebbb03e361be83af2aa67cf473f8303ec9e79a649c7e1a19dc3ecb07f6daee60292bde906007505d88f0677c1630082130443a833bec3bd5c76e904d217ab5290f4bba64c33179598e323c01c518cd403d24a0ebcdf03bd0ac5ded380f91acc99b91d33fb53919884213fac41e2a8ed2f14b0718bbcba72a1d9d45a6246d2740b8de1581d765c26bfbb31750d86b5a7cd4afde4235fab7b64f7d371e32c9d2280af54c3a3c7a92195266e82647d1728e4fc9a18b07b3ede8931a609a263b9444c5d0bc1cb3057c1eae1e7d8bd099dd62cc1ad2f2f1b9990f25d5f86c88d4de2bd91c581f9d828bce8d7c788defc212cbbee24adad4a0f554fd8c63ed373046809b7ad3fa58059e495887d05f963d76f84f00000000000"], 0x24)
getsockopt$inet_buf(r3, 0x0, 0x30, &(0x7f0000008000)=""/144, &(0x7f0000004000)=0x90)
getsockopt$inet_buf(r3, 0x0, 0x30, &(0x7f0000008000)=""/144, &(0x7f0000004000)=0x90)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:47 executing program 0:
socketpair$unix(0x1, 0x7, 0x0, &(0x7f0000000400)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$audio(0xffffffffffffff9c, &(0x7f0000000240)='/dev/audio\x00', 0x143000, 0x0)
write$USERIO_CMD_REGISTER(r1, &(0x7f00000002c0)={0x0, 0x6}, 0x2)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
sendmsg(r2, &(0x7f0000000280)={&(0x7f0000000000)=@nfc_llcp={0x27, 0x0, 0x2, 0x2, 0x200, 0xfffffffffffffffb, "148b0e52c9ea39474a739cb6e145877c2990341af5023e3c12c10bd1f43c0462061cf52f25179c0dea6aadeb279d98c8ba8c9ca7c4f5caf122184071c7abe9", 0x39}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000080)="0961f1af66595bc65e1ac1669187a9c7e5c4cbf473fc5c80061442eef4148444b8c9dc3be54088f0a14eb03941221c382cc91c7144218e75e8f4d9ae80c063bc482f6ccbbc6d4dda1b44f6a4", 0x4c}, {&(0x7f0000000100)="8c184e0dccae6aff0be9233bbfe85c0001538fef17b250a68daba27674f9032177212ae5cf36160de00cd215ce3752402c8cfe9e10b0d3b5dfaff5ab384bc78d3c7e553439f448964864177d059062100e", 0x51}, {&(0x7f0000000180)="da140efa1b6d0593309bea810e9e5dc1a3104980d6b0eb15380d257041cc23c04da7cedce374c7cb025b92a28eb8449716841a4c7f3e6f70e3fd719988d4fceb9c102680e9ef069ee88687849729c18d981fdadbecccac58c975999f4c257712124b9bd552eefaf02caae4", 0x6b}], 0x3, &(0x7f0000000240)}, 0x10)

[  363.366651][T21308] input: syz1 as /devices/virtual/input/input328
[  363.380024][T21306] dump_vmcs: 16 callbacks suppressed
[  363.380030][T21306] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  363.400501][T21307] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:47 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x0, 0x0, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:47 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f00000000c0)={0xf, 0x9}, 0xf)

00:34:47 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:47 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = syz_open_dev$admmidi(&(0x7f00000000c0)='/dev/admmidi#\x00', 0x8000, 0x480000)
ioctl$PERF_EVENT_IOC_DISABLE(r1, 0x2401, 0x3)
r2 = fcntl$dupfd(r0, 0x0, r0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe4fff070")
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  363.570427][T21308] input: syz1 as /devices/virtual/input/input329
[  363.626926][T21331] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  363.663712][T21336] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:48 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:48 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
r2 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vga_arbiter\x00', 0x2, 0x0)
r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x0, 0x0)
ioctl$TUNSETFILTEREBPF(r2, 0x800454e1, &(0x7f0000000080)=r3)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:48 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)
setsockopt$inet_sctp_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f00000000c0)=0x8, 0x4)
dup2(r0, r2)

00:34:48 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x0, 0x0, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:48 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:48 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x2002, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
write$uinput_user_dev(r0, &(0x7f0000000040)={'syz0\x00', {0x8, 0x8, 0x0, 0x7}, 0x6, [0x2, 0x7fff, 0xffffffff, 0x8, 0x2, 0x6, 0x7fffffff, 0x80000001, 0x1, 0x3f847459, 0x6, 0x1a3, 0xcd5, 0x2, 0xff, 0x100000001, 0x0, 0x3f, 0xe0, 0xb5, 0x8, 0x6, 0x200, 0x1, 0x7ff, 0x4819, 0x7, 0x1, 0x7, 0x0, 0x401, 0x8, 0x6f, 0x3, 0x100000000, 0x1, 0x1fffe0000000000, 0x0, 0xff, 0x8, 0x5, 0x5, 0x6d2d, 0x2, 0xfffffffffffff1fd, 0x1, 0x0, 0x9, 0x3, 0x800, 0x4, 0x600000000, 0xde, 0x80, 0xf3b, 0x3ff, 0x5, 0x1000, 0x8, 0x81, 0x100, 0x8001, 0xff, 0x1], [0x2, 0xffff, 0x0, 0x20, 0x0, 0x6, 0x7, 0x2, 0x9, 0xce6, 0x5, 0x1, 0x1f, 0x8, 0x8, 0x3, 0x0, 0x1, 0x10001, 0x7, 0x20, 0x2, 0x2, 0x2, 0x6, 0xb0, 0xb5, 0x1, 0x400, 0x3, 0x2, 0x2, 0x20, 0x7, 0x3f, 0x0, 0x7ff, 0x8001, 0x1, 0x9, 0x4, 0xcd5, 0x8, 0x80000001, 0x7f, 0x5, 0xdbe, 0x400, 0x1, 0x45, 0x1, 0x4, 0x5, 0x3, 0x1ff, 0xfffffffffffffff9, 0x8, 0x3f, 0x0, 0x200, 0x5, 0xb827, 0x9, 0x100000000], [0x7, 0x10000, 0x3ff, 0xd6, 0x3, 0x7, 0xff, 0x100000001, 0x1, 0x1000, 0x401, 0xfffffffffffffff7, 0xfff, 0xfff, 0x1f, 0x7, 0x0, 0x0, 0x10001, 0x80000001, 0xfffffffffffffe00, 0x3, 0x1ff, 0x200, 0x2, 0x7fff, 0x6, 0xa1, 0xd9ae, 0x400, 0xf9, 0x3, 0xffffffff, 0x400, 0xfffffffffffffff7, 0x3, 0x10000, 0x8, 0x1ed19322, 0x1ff, 0x100, 0x101, 0x10001, 0x401, 0x8d8, 0x8, 0x1, 0x4, 0x58, 0x4, 0x7, 0x80000000, 0x80000000, 0xe7, 0x101, 0x4, 0x5, 0x1, 0xff, 0x14b88b43, 0x9, 0x1, 0x2, 0xa4], [0x9, 0x8, 0x7fffffff, 0x8, 0x8, 0x3, 0x4, 0x3, 0xffff, 0x4, 0xde5, 0x3, 0x10000, 0x6, 0x80000001, 0x8, 0x4, 0x8c3, 0x586, 0x80000001, 0x2, 0x34, 0x60, 0x0, 0x5, 0xffffffff, 0x80000001, 0x8, 0x5, 0x100, 0x3, 0x7f, 0x3, 0x2, 0x8001, 0x2, 0xb2, 0x7, 0x3, 0x7, 0x200, 0x0, 0x1, 0x100000000, 0x7f, 0xee, 0x4, 0x57, 0x5, 0xfffffffffffffffe, 0x80, 0x7fffffff, 0x0, 0x9, 0xfff, 0x4, 0x1000, 0x1, 0x9, 0x7, 0x4, 0x4, 0xa117, 0x100000001]}, 0x45c)

00:34:48 executing program 0:
socket$unix(0x1, 0x1, 0x0)
sched_setaffinity(0x0, 0xffffffffffffff79, &(0x7f0000000140)=0x8000009)
perf_event_open(&(0x7f00000004c0)={0x2, 0xffffffffffffff33, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, @perf_bp={&(0x7f0000000100)}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
ioctl$BLKBSZSET(0xffffffffffffffff, 0x40081271, 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x8, 0x0)
r0 = getpgrp(0x0)
getpgid(r0)
r1 = getpgid(0x0)
getpgrp(0x0)
write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0)
r2 = getpgrp(r1)
r3 = openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
write$P9_RCREATE(r3, 0x0, 0x0)
bpf$BPF_PROG_ATTACH(0x8, 0x0, 0x0)
capget(0x0, 0x0)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
r5 = dup(r4)
ioctl$ASHMEM_SET_PROT_MASK(r5, 0x40087705, &(0x7f00000000c0)={0x6})
ptrace$setregset(0x4205, r2, 0x201, &(0x7f0000000240)={&(0x7f0000000740)})
ioctl$int_in(r5, 0x5452, &(0x7f0000000600)=0xe2e)
fcntl$lock(r4, 0x0, 0x0)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
ptrace$setregset(0x4205, 0x0, 0x0, 0x0)
getsockopt$IP_VS_SO_GET_DESTS(r5, 0x0, 0x484, 0x0, 0x0)
io_cancel(0x0, 0x0, 0x0)
setsockopt$inet6_tcp_int(r4, 0x6, 0x12, &(0x7f0000000000)=0x7f, 0x4)
bind$inet6(r4, &(0x7f0000000480)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)

00:34:48 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f00000000c0)={0xffffffffffffff20, 0x9, 0x4, 0xfffffffffffffffd}, 0xfffffdf7)

[  364.283000][T21355] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  364.297823][T21350] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:48 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
fgetxattr(r0, &(0x7f0000000000)=@random={'btrfs.', 'syz1\x00'}, &(0x7f0000000880)=""/4096, 0x1000)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
inotify_init()

00:34:48 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x3, &(0x7f00000033c0)=@framed, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:48 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:48 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000800)=[{{0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000140)=""/183, 0xb7}, {&(0x7f0000000200)=""/247, 0xf7}, {&(0x7f0000000300)=""/76, 0x4c}], 0x3, &(0x7f0000000380)=""/161, 0xa1}, 0x4}, {{&(0x7f0000000440)=@pppol2tpin6={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @initdev}}}, 0x80, &(0x7f0000000500)=[{&(0x7f00000004c0)=""/3, 0x3}], 0x1, &(0x7f0000000540)=""/83, 0x53}, 0x7}, {{&(0x7f00000005c0)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @remote}}, 0x80, &(0x7f0000000780)=[{&(0x7f0000000640)=""/31, 0x1f}, {&(0x7f0000000680)=""/170, 0xaa}, {&(0x7f00000008c0)=""/10, 0xa}], 0x3, &(0x7f00000007c0)}, 0xffffffff}], 0x3, 0x0, 0x0)
lseek(r1, 0x0, 0x3)
recvfrom$ax25(r1, &(0x7f0000000740)=""/9, 0x9, 0x40000102, &(0x7f0000000900)={{0x3, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, 0x4}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @bcast, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @default]}, 0x48)
r2 = fcntl$dupfd(r0, 0x0, r0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  364.462561][T21369] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  364.480596][T21373] input: syz1 as /devices/virtual/input/input334
[  364.530195][T21375] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:49 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:49 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x0, 0x0)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f00000002c0)={<r2=>0x0, 0x6, 0x30, 0x0, 0x5}, &(0x7f0000000400)=0x18)
sendmmsg$inet_sctp(r1, &(0x7f0000000a80)=[{&(0x7f0000000040)=@in6={0xa, 0x4e22, 0x9, @remote, 0x7fff}, 0x1c, &(0x7f0000000280)=[{&(0x7f0000000080)="32941ca88f4da12c256c2087353718269194026b3c16776026e3a5b7e42974f4584fd4354ef72f0a898abf6c160eec867951978070ee0710b5e8ad86b6dc1b65846ad94690196d9aca6c0a3a58b979e672390116ad6aca3329ff477662fb10f9ca0c7ccf6a598cee70980abb0a0269bf0cfc6313d6dfea84eab0c8cd0ed1c417133ac8bb639f798df500086c7024ea7f18d4b1345d5ff33abbf32ed5b359d364f7f4f3a65efedd890f4d3627200f599be6f78260254bc2930ef6aba7ab6b7fe7c29f079350f6a8c10d585e3ef0dff02dee02", 0xd2}, {&(0x7f0000000180)="62669d532c1f4505cf1464afe78f8209c42f1e13b563670e49868ea4933a7d7a7baa35c92f900f75ae1d159bb80551d6cdaa4165325e532c4daa39e0d1f1de4b9f962203d65736c0425d88685eb7c3b8e4e453439aab70ba40bb178310946b4bd2117c89c7f9304f147f860e4e4d821d801488f9a4ef4c6e3c649ffdae2c66dfaff4488796186304ce52183397b11328f9059f8617f937a30de0c3161e16ec824a52e293e7acd96c7dbaaf8598304db9df78de024c4f08da8aeb8205322d496043dd48f06c63f8f4347de40e67d632a0b3ce9f66754f47a939d7d67fd5afe6d9f1a71878", 0xe4}, {&(0x7f0000000340)="093654703a2ed9ee4e4db66b47991788583f3a01e6a0c7c2cc55fb077cc88f410653bf981505ee8ed791a871d64f31f858060abf28e97ad2f246f962104431d45e58a366c2f7ebd7d40e7eb7be351c13325d6f698d3ff048a9f14d57fd2cae444038c38b8200e51d2fdb11b66f330deff7e3c5b8194c58cb1f2018ebc2ff71a930bba8d0fccc521bcdeb53ddf51b3717eb55a1bb5bf44a061e64cad9e1b9a1a20c270f96341a56", 0xa7}], 0x3, &(0x7f0000000440)=[@dstaddrv4={0x18, 0x84, 0x7, @loopback}, @dstaddrv6={0x20, 0x84, 0x8, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x12}}}, @sndrcv={0x30, 0x84, 0x1, {0x61f, 0x1, 0x8000, 0x20, 0x3, 0x4, 0xff, 0x3ff, r2}}], 0x68, 0x84}, {&(0x7f00000004c0)=@in={0x2, 0x4e20, @empty}, 0x10, &(0x7f00000009c0)=[{&(0x7f0000000500)="afce38d1a01c106725591d574d3caf5c2a6145e3f00785340065f1d2d76dc7394ceecacb63650425e4522b6b02b31b8fd9d1d0cf09af476b52e3b7f38a5d44571122", 0x42}, {&(0x7f0000000580)="ad69ddc87eb245310994d2413e51b35ab05b6a9f243166b28df504ca7f957864e28f7913bf0b4774a0a8ce62904f3f2ca0266780f2b6494d633649cc9677201c0c852badc5096b3c73614520d4c8a5300b3f0dcef0b761f06725f8a15b4aa3dff00cdedd90f8a45d4364f9bad20ef39dc62e9c8a1e1c2f8548a657a037f62edfa36683a3d667de12824e9e3721", 0x8d}, {&(0x7f0000000640)="d3b7fd41434995ec1d1a45586c5817653dcc5fab8a05864f87cf23a57da10a6d0f98e48fbf227e49c1f9e92664924872ff5d5c317964237bfa9cecfc8f4717d4ed6b1841af449f5c806af8bc6e3f8dd45d6b7e2834e3d6e13e43f9daffbc6a32d8b44ccf1e2902ead7630268ca79e84813a1ef758838272eb93733a55ed803e927c4f13507b8b42cd2d0569e9639583022409c71f2e3c97cb77c84dc5b27074fb41388d11acacb705d1b7ac1a88ab14f70d2fac5d8961c0b444f0d1edb152edf5229995e0a3573f87c64a9ee122220a25cba844e06b342e3f04d43287c6c011313fdfbd6c155b1bd", 0xe8}, {&(0x7f0000000740)="18dbeafab69d37d8cc45c7ec2b529ac1248b8ad323fbdb7e6ff978223a06cc55bd9bec2a2ba27459096852dfc90673d5", 0x30}, {&(0x7f0000000780)="72cc0d5b1afac77fea348589bd4d45d7cd8d98df7745a8c15b9034155ecdd8ba6eb5c6532044897c982497143d28bd7e76de84bf71fd379fb48d3af9275c8b4ce742cf032730964f", 0x48}, {&(0x7f0000000800)="bcc89545e6b409dfc5668e8950cce5e67b7d42cda99198cbd89c99e87e9a93ccfce701de2f791ff98eea4b525e06f1db2efbb8e37a2a5fb556400263c5bb3743f1c972a7278b6c53daf8dafd85cc7f8cedf44c9177946197db24dd7dcc217a509c6030b67da3dc482ff1171050667c8d4ea5e840c57cd0fdc759a87f6d66d0d9f517c3bef5d1e3a28c10bbe109ca516678fec1671a179bdc05b7cb828e1450629c67589caca7e0a92688447864b5959b4cec2a85401c366aaf4249c0c94247efff1530437d2862d8eb38abf26cdc2e997e448f5c397494bc34699662d847a4378cb595c40699111b4af6f6ab688f1a73", 0xf0}, {&(0x7f0000000900)="79076749958100b547cd8cd2a77f5294b4a2b1240f2fafb1361d9e5ac4136145375053c3a1c45525b1079a8ddfd0a1e2d4151c90f6280a15fd0bf99430b9f87649f503668b12d09a90f2ba865bd4eb69f8714e87cb347f74e53aa7f97b3dcc", 0x5f}, {&(0x7f0000000980)="596321a0a91604ff6fa3e28e55bfc579c0", 0x11}], 0x8, &(0x7f0000000a40)=[@authinfo={0x18, 0x84, 0x6, {0x8001}}], 0x18, 0x90}], 0x2, 0x40800)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0x21, 0x0, 0x0)

00:34:49 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
syz_extract_tcp_res$synack(&(0x7f0000000140), 0x1, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
write$FUSE_POLL(r1, &(0x7f00000000c0)={0x18, 0x0, 0x8, {0x1}}, 0x18)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:49 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

00:34:49 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x0, 0x0)
r2 = getgid()
ioctl$TUNSETGROUP(r1, 0x400454ce, r2)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:49 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x3, &(0x7f00000033c0)=@framed, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:49 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
getsockopt$inet_IP_IPSEC_POLICY(r1, 0x0, 0x10, &(0x7f0000000100)={{{@in6=@mcast2, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in=@remote}, 0x0, @in=@loopback}}, &(0x7f0000000200)=0xe8)
ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000240)={@empty, 0x23, r2})
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x8, &(0x7f00000000c0)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:49 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

[  365.160871][T21392] input: syz1 as /devices/virtual/input/input337
[  365.175136][T21395] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:49 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x800)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:49 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x3, &(0x7f00000033c0)=@framed, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:49 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f00000000c0)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x0, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$PPPIOCGIDLE(r1, 0x8010743f, &(0x7f0000000080))
socket$inet_udplite(0x2, 0x2, 0x88)
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3, 0x0, 0x0, 0x94b4}}, 0xa)
ioctl$TIOCNOTTY(r1, 0x5422)
getsockopt$inet_sctp6_SCTP_AUTOCLOSE(r1, 0x84, 0x4, &(0x7f0000000100), &(0x7f0000000140)=0x4)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  365.308874][T21402] input: syz1 as /devices/virtual/input/input338
[  365.369259][T21414] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:49 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

00:34:50 executing program 3:
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:50 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socket$inet(0x2, 0x4000000000000001, 0x0)
r1 = syz_open_dev$midi(&(0x7f0000000080)='/dev/midi#\x00', 0x0, 0x0)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100)='TIPCv2\x00')
sendmsg$TIPC_NL_NET_SET(r1, &(0x7f00000002c0)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x8}, 0xc, &(0x7f0000000280)={&(0x7f0000000380)=ANY=[@ANYBLOB="180100000d18fc21afa2c80fcd5cbd5c08680a27b257d5c6162775d317e5186604c34d3aa49b336314f3ab17880b6202a6bcfd7eade03b025dc426c042a53985e608b48ab41c4424446981d00fce15f2ea6471292614aa125d112c52b1954204d4c3e075c583d7b941fb6bdcdeff89f4d953390a06095a1ff40f936a21f24487b43fcaed575fcc6e37c0aa2a26db490c8ef42a5b5f18b6cf6ddb5069887b7a9823", @ANYRES16=r2, @ANYBLOB="18002dbd7000fddbdf250f0000000c00070008000200010000002000020004000400080001000500000008000100f90700000800020002000000d800050008000100696200002c0002000800020005000000080004000600000008000400ffff0000080003000900000008000200050000003c00020008000300020000000800010007000000080002000800000008000300010000800800030003000000080004000000010008000400500c00002400020008000300070000000800020080000000080002000600000008000400020000002c0002000800030044040000080001000e000000080004001934c347080003009f01000008000100170000000c00020008000200ff03000008000100"], 0x118}, 0x1, 0x0, 0x0, 0x20000080}, 0x200408d1)
unshare(0x20040600)
ioctl$TUNSETTXFILTER(r1, 0x400454d1, &(0x7f0000000340)=ANY=[@ANYBLOB="01000700f1b917846084ffffffffffff000000000000ffffffffffffaaaaaaaaaabbaaaaaaaaaaaa000000000000"])
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x10000026e)
r3 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x8, 0x600)
write$USERIO_CMD_REGISTER(r3, &(0x7f0000000040)={0x0, 0x5}, 0x2)

00:34:50 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x101000, 0x0)
getpeername$tipc(r1, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10)

00:34:50 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x0, 0x0, 0x6, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:50 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
getpid()
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:50 executing program 5 (fault-call:9 fault-nth:0):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:50 executing program 1:
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x109201, 0x0)
ioctl$PPPIOCSMRU1(r0, 0x40047452, &(0x7f0000000180)=0x401)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x1d, &(0x7f0000000080)=0x8, 0x4)
recvmmsg(r1, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r2 = fcntl$dupfd(r1, 0x80000000, r1)
fsetxattr$security_selinux(r0, &(0x7f0000000140)='security.selinux\x00', &(0x7f00000001c0)='system_u:object_r:udev_helper_exec_t:s0\x00', 0x28, 0x3)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
ioctl$KVM_TRANSLATE(r2, 0xc018ae85, &(0x7f0000000200)={0xd000, 0x0, 0x7, 0x1194a00000, 0xf})
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  366.019467][T21436] input: syz1 as /devices/virtual/input/input339
00:34:50 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
r2 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x1, 0x2)
write$P9_RRENAME(r2, &(0x7f0000000040)={0x7, 0x15, 0x2}, 0x7)
getsockopt$inet_sctp6_SCTP_PR_STREAM_STATUS(r1, 0x84, 0x74, &(0x7f0000000080)=""/78, &(0x7f0000000100)=0x4e)

[  366.089898][T21439] FAULT_INJECTION: forcing a failure.
[  366.089898][T21439] name failslab, interval 1, probability 0, space 0, times 0
[  366.107938][T21439] CPU: 0 PID: 21439 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  366.115965][T21439] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  366.126036][T21439] Call Trace:
[  366.129339][T21439]  dump_stack+0x1d8/0x2f8
[  366.133688][T21439]  should_fail+0x608/0x860
[  366.138127][T21439]  ? setup_fault_attr+0x2b0/0x2b0
[  366.143174][T21439]  ? tomoyo_realpath_from_path+0xdc/0x7c0
[  366.148921][T21439]  __should_failslab+0x11a/0x160
[  366.153882][T21439]  ? tomoyo_realpath_from_path+0xdc/0x7c0
[  366.159626][T21439]  should_failslab+0x9/0x20
[  366.164148][T21439]  __kmalloc+0x7a/0x340
[  366.168316][T21439]  ? tomoyo_realpath_from_path+0xca/0x7c0
[  366.174075][T21439]  tomoyo_realpath_from_path+0xdc/0x7c0
[  366.179648][T21439]  tomoyo_path_number_perm+0x1e0/0x740
[  366.185133][T21439]  ? tomoyo_check_path_acl+0x180/0x180
[  366.190602][T21439]  ? trace_lock_release+0x135/0x1a0
[  366.195818][T21439]  ? __lock_acquire+0x4750/0x4750
[  366.200863][T21439]  ? fget_many+0x30/0x30
[  366.205129][T21439]  ? debug_smp_processor_id+0x1c/0x20
[  366.210514][T21439]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  366.216598][T21439]  tomoyo_file_ioctl+0x23/0x30
[  366.221378][T21439]  security_file_ioctl+0x6d/0xd0
[  366.226319][T21439]  __x64_sys_ioctl+0xa3/0x120
[  366.226335][T21439]  do_syscall_64+0xfe/0x140
00:34:50 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = add_key(&(0x7f0000000040)='dns_resolver\x00', &(0x7f0000000080)={'syz', 0x2}, &(0x7f00000000c0)="bbd9caf0c90c99f2f9aaca41", 0xc, 0xfffffffffffffffd)
r2 = add_key(&(0x7f0000000180)='blacklist\x00', &(0x7f00000001c0)={'syz', 0x1}, &(0x7f0000000200)="5ca4effff40c862484ed77b1d5bc8486f8750cbfa51040ef49d5077b95edd3d10001c43adee80468ca1e211f47b174b6eed76386048ee97b1061813160592908de945dc86675f62260b6458b893c0651f73e3eee8ee3a42d", 0x58, 0xfffffffffffffffd)
keyctl$search(0xa, r1, &(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x3}, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0x21, 0x0, 0x0)

00:34:50 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x0, 0x0, 0x0, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:50 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x0, 0xffffffffffffffff, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  366.226348][T21439]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  366.226363][T21439] RIP: 0033:0x459829
[  366.235545][T21439] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  366.235550][T21439] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  366.235560][T21439] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  366.235565][T21439] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
00:34:50 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000140)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_ADD(r1, &(0x7f0000000400)={&(0x7f00000000c0), 0xc, &(0x7f00000003c0)={&(0x7f0000000180)={0x230, r2, 0x2, 0x70bd25, 0x25dfdbfd, {}, [@TIPC_NLA_LINK={0x30, 0x4, [@TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz1\x00'}]}, @TIPC_NLA_NET={0x18, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x3}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x400}]}, @TIPC_NLA_LINK={0x8c, 0x4, [@TIPC_NLA_LINK_PROP={0x34, 0x7, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x10001}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x7fffffff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x400}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80}]}, @TIPC_NLA_LINK_PROP={0x54, 0x7, [@TIPC_NLA_PROP_WIN={0x8}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x200}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_TOL={0x8}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x553}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1f800000000}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1a}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x15}]}]}, @TIPC_NLA_MEDIA={0x108, 0x5, [@TIPC_NLA_MEDIA_PROP={0x44, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x5}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x101}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9a}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fffffff}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1ff}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1f}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x5}]}, @TIPC_NLA_MEDIA_PROP={0x14, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x18}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x3c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x9}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xb}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x100000000}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7fff}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x2}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x9}]}, @TIPC_NLA_MEDIA_PROP={0x1c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10001}]}, @TIPC_NLA_MEDIA_PROP={0xc, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x9}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_PROP={0x24, 0x2, [@TIPC_NLA_PROP_MTU={0x8, 0x4, 0xfff}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x13}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10000}]}]}, @TIPC_NLA_BEARER={0x40, 0x1, [@TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'eth', 0x3a, 'tunl0\x00'}}, @TIPC_NLA_BEARER_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x14}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x6187}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x7fffffff}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xdcc5}]}]}]}, 0x230}}, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  366.235570][T21439] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  366.235575][T21439] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  366.235579][T21439] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  366.336035][T21439] ERROR: Out of memory at tomoyo_realpath_from_path.
00:34:51 executing program 3:
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:51 executing program 0:
r0 = openat$vcs(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vcs\x00', 0x1, 0x0)
ioctl$SG_GET_REQUEST_TABLE(r0, 0x2286, &(0x7f0000000340))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet(0x2, 0x4000000000000005, 0x0)
unshare(0x20040600)
r3 = open(&(0x7f0000000000)='./file0\x00', 0x200000, 0x81)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r3, &(0x7f00000001c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000180)={&(0x7f00000000c0)={0xa8, r4, 0x800, 0x70bd2c, 0x25dfdbfb, {}, [@IPVS_CMD_ATTR_DAEMON={0x14, 0x3, [@IPVS_DAEMON_ATTR_SYNC_ID={0x8, 0x3, 0x3}, @IPVS_DAEMON_ATTR_MCAST_PORT={0x8, 0x7, 0x4e22}]}, @IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8, 0x5, 0x3}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e21}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e24}]}, @IPVS_CMD_ATTR_SERVICE={0x30, 0x1, [@IPVS_SVC_ATTR_FWMARK={0x8}, @IPVS_SVC_ATTR_PORT={0x8, 0x4, 0x4e22}, @IPVS_SVC_ATTR_FLAGS={0xc, 0x7, {0x10, 0x4}}, @IPVS_SVC_ATTR_PROTOCOL={0x8, 0x2, 0x1}, @IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'sh\x00'}]}, @IPVS_CMD_ATTR_DEST={0x34, 0x2, [@IPVS_DEST_ATTR_TUN_PORT={0x8, 0xe, 0x4e24}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x7}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x5}, @IPVS_DEST_ATTR_ACTIVE_CONNS={0x8, 0x7, 0x800}, @IPVS_DEST_ATTR_TUN_TYPE={0x8, 0xd, 0x1}, @IPVS_DEST_ATTR_FWD_METHOD={0x8, 0x3, 0x4}]}]}, 0xa8}, 0x1, 0x0, 0x0, 0x20000000}, 0x4004080)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0x21, 0x0, 0x0)

00:34:51 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x0, 0x0, 0x0, 0x2, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:51 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f00000000c0), 0x0, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:51 executing program 5 (fault-call:9 fault-nth:1):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:51 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x802, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
r1 = syz_open_dev$cec(&(0x7f0000000000)='/dev/cec#\x00', 0x0, 0x2)
ioctl$IMSETDEVNAME(r1, 0x80184947, &(0x7f0000000040)={0x6, 'syz0\x00'})
socket$bt_rfcomm(0x1f, 0x1, 0x3)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
socket$rxrpc(0x21, 0x2, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:51 executing program 1:
r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000000c0)=0x2, 0x4)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r1, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  366.947818][T21476] input: syz1 as /devices/virtual/input/input342
[  367.004086][T21480] FAULT_INJECTION: forcing a failure.
[  367.004086][T21480] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[  367.017330][T21480] CPU: 0 PID: 21480 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  367.017337][T21480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  367.017340][T21480] Call Trace:
[  367.017364][T21480]  dump_stack+0x1d8/0x2f8
[  367.017378][T21480]  should_fail+0x608/0x860
[  367.017400][T21480]  ? setup_fault_attr+0x2b0/0x2b0
00:34:51 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x0, 0x0, 0x0, 0x0, 0x1, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  367.035456][T21480]  ? trace_lock_acquire+0x1d0/0x1d0
[  367.035468][T21480]  should_fail_alloc_page+0x55/0x60
[  367.035479][T21480]  prepare_alloc_pages+0x283/0x470
[  367.035490][T21480]  __alloc_pages_nodemask+0x11c/0x790
[  367.035502][T21480]  ? gfp_pfmemalloc_allowed+0x130/0x130
[  367.035518][T21480]  ? __might_fault+0xd2/0x160
[  367.043134][T21480]  kmem_getpages+0x56/0xa20
[  367.043148][T21480]  cache_grow_begin+0x7e/0x2c0
[  367.043163][T21480]  cache_alloc_refill+0x311/0x3f0
[  367.098185][T21480]  ? check_preemption_disabled+0xb7/0x2a0
00:34:51 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = syz_open_dev$vcsn(&(0x7f00000000c0)='/dev/vcs#\x00', 0x0, 0x40280)
ioctl$VIDIOC_LOG_STATUS(r1, 0x5646, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r2 = fcntl$dupfd(r0, 0x0, r0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  367.103932][T21480]  __kmalloc+0x318/0x340
[  367.108190][T21480]  ? tomoyo_realpath_from_path+0xdc/0x7c0
[  367.113937][T21480]  tomoyo_realpath_from_path+0xdc/0x7c0
[  367.119507][T21480]  tomoyo_path_number_perm+0x1e0/0x740
[  367.124989][T21480]  ? tomoyo_check_path_acl+0x180/0x180
[  367.130500][T21480]  ? trace_lock_release+0x135/0x1a0
[  367.130519][T21480]  ? __lock_acquire+0x4750/0x4750
[  367.130543][T21480]  ? fget_many+0x30/0x30
[  367.145117][T21480]  ? debug_smp_processor_id+0x1c/0x20
[  367.145131][T21480]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  367.145144][T21480]  tomoyo_file_ioctl+0x23/0x30
[  367.145159][T21480]  security_file_ioctl+0x6d/0xd0
[  367.145171][T21480]  __x64_sys_ioctl+0xa3/0x120
[  367.145186][T21480]  do_syscall_64+0xfe/0x140
[  367.145201][T21480]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  367.145213][T21480] RIP: 0033:0x459829
[  367.145225][T21480] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
00:34:51 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
getsockopt$bt_l2cap_L2CAP_CONNINFO(r1, 0x6, 0x2, &(0x7f00000000c0), &(0x7f0000000140)=0x6)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:51 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
readv(r0, &(0x7f0000000200), 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x406, r0)
getsockopt$IPT_SO_GET_ENTRIES(r1, 0x0, 0x41, &(0x7f0000000200)={'filter\x00', 0x7b, "2162e09b6cb9dfdecbb6abeb7b0b71be136bf5417ceee5e7aa4db0e03922b59f3c336b490564e1e89234b088b69b9fc2419ff0c3f7c8874eb0d073d18cc096c90cc4b712f89e8b8f3c07d29b045520289ec49d23a6f730f6a7e8025b9f234fc427c4a93ada220b5041c4deaaab03875ea71a8b63ba83b1dfab6e16"}, &(0x7f00000002c0)=0x9f)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r1, 0x84, 0x6c, &(0x7f00000000c0)={<r3=>0x0, 0xa, "531c2d115422d8b68148"}, &(0x7f0000000140)=0x12)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000180)={r3, 0x9, "6c91e27876ec66bf80"}, &(0x7f00000001c0)=0x11)
ioctl$MON_IOCT_RING_SIZE(r1, 0x9204, 0x278b4)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:51 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x81)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
getsockopt$EBT_SO_GET_INIT_ENTRIES(r1, 0x0, 0x83, &(0x7f0000000180)={'filter\x00', 0x0, 0x4, 0xbe, [], 0x3, &(0x7f0000000080)=[{}, {}, {}], &(0x7f00000000c0)=""/190}, &(0x7f0000000200)=0x78)
fsetxattr$trusted_overlay_opaque(r0, &(0x7f0000000000)='trusted.overlay.opaque\x00', &(0x7f0000000040)='y\x00', 0x2, 0x1)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  367.145230][T21480] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  367.185321][T21480] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  367.185327][T21480] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  367.185331][T21480] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  367.185336][T21480] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  367.185340][T21480] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  367.368629][T21476] input: syz1 as /devices/virtual/input/input343
00:34:52 executing program 3:
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:52 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu={0x0, 0x0, 0x0, 0x0, 0x0, 0x60}]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:52 executing program 5 (fault-call:9 fault-nth:2):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:52 executing program 0:
r0 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x2, 0x20000)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, &(0x7f0000000100)={<r1=>0x0, 0xc0, &(0x7f0000000040)=[@in6={0xa, 0x4e22, 0x0, @rand_addr="af31309e61166cdd6b5a8c1773e79046", 0x2}, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x21}}, @in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, @in6={0xa, 0x4e20, 0x1, @empty, 0x5}, @in={0x2, 0x4e21, @initdev={0xac, 0x1e, 0x1, 0x0}}, @in={0x2, 0x4e20, @empty}, @in={0x2, 0x4e22, @remote}, @in6={0xa, 0x4e20, 0xca00, @initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x80000001}, @in6={0xa, 0x4e21, 0x20, @dev={0xfe, 0x80, [], 0xd}, 0xec9}]}, &(0x7f0000000140)=0x10)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000180)=@assoc_id=r1, 0x4)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$TIOCSCTTY(r0, 0x540e, 0x7)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0x21, 0x0, 0x0)
accept4$ax25(r0, &(0x7f00000001c0)={{0x3, @bcast}, [@bcast, @remote, @null, @bcast, @null, @netrom, @netrom, @bcast]}, &(0x7f0000000240)=0x48, 0x80800)

00:34:52 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
syz_open_dev$vcsa(&(0x7f0000001640)='/dev/vcsa#\x00', 0x7, 0x600000)
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-control\x00', 0x100, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000200)={<r2=>0x0, r1, 0x0, 0x1, &(0x7f00000001c0)='\x00', 0xffffffffffffffff}, 0x30)
process_vm_readv(r2, &(0x7f0000000480)=[{&(0x7f0000000240)=""/178, 0xb2}, {&(0x7f0000000300)=""/239, 0xef}, {&(0x7f0000000400)=""/53, 0x35}, {&(0x7f0000000440)=""/51, 0x33}], 0x4, &(0x7f0000001600)=[{&(0x7f00000004c0)=""/48, 0x30}, {&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f0000001500)=""/5, 0x5}, {&(0x7f0000001540)=""/139, 0x8b}], 0x4, 0x0)
accept4$rose(r1, &(0x7f0000000140)=@full={0xb, @dev, @null, 0x0, [@null, @rose, @bcast, @bcast, @netrom, @netrom]}, &(0x7f0000000180)=0x40, 0x80000)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r3 = fcntl$dupfd(r0, 0x0, r0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r3, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r3, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:52 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0xdb7, 0x40000)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

[  367.859098][T21525] input: syz1 as /devices/virtual/input/input344
00:34:52 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
fchdir(r1)

[  367.922316][T21523] FAULT_INJECTION: forcing a failure.
[  367.922316][T21523] name failslab, interval 1, probability 0, space 0, times 0
[  367.944332][T21523] CPU: 0 PID: 21523 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  367.952362][T21523] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  367.962426][T21523] Call Trace:
[  367.962453][T21523]  dump_stack+0x1d8/0x2f8
[  367.962469][T21523]  should_fail+0x608/0x860
[  367.962482][T21523]  ? setup_fault_attr+0x2b0/0x2b0
[  367.962493][T21523]  ? tomoyo_encode2+0x273/0x5a0
[  367.962504][T21523]  ? d_path+0x680/0x680
[  367.962516][T21523]  __should_failslab+0x11a/0x160
[  367.962526][T21523]  ? tomoyo_encode2+0x273/0x5a0
[  367.962538][T21523]  should_failslab+0x9/0x20
[  367.962556][T21523]  __kmalloc+0x7a/0x340
[  367.984421][T21523]  ? tomoyo_realpath_from_path+0xdc/0x7c0
[  368.012654][T21523]  tomoyo_encode2+0x273/0x5a0
00:34:52 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
syz_open_dev$mouse(&(0x7f0000000000)='/dev/input/mouse#\x00', 0x7f, 0x40000)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x10000, 0x0)
socket$inet6(0xa, 0x4, 0x5)
openat(r1, &(0x7f0000000080)='./file0\x00', 0x200002, 0x80)
r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/dlm-monitor\x00', 0x440, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0x21, 0x0, 0x1dc818c87e8dd919)

00:34:52 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x10000)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
setsockopt$inet_sctp_SCTP_AUTH_CHUNK(r1, 0x84, 0x15, &(0x7f0000000000)={0x7}, 0x1)

[  368.017342][T21523]  ? anon_inodefs_init_fs_context+0x70/0x70
[  368.023262][T21523]  tomoyo_realpath_from_path+0x769/0x7c0
[  368.028928][T21523]  tomoyo_path_number_perm+0x1e0/0x740
[  368.034409][T21523]  ? tomoyo_check_path_acl+0x180/0x180
[  368.039881][T21523]  ? trace_lock_release+0x135/0x1a0
[  368.045106][T21523]  ? __lock_acquire+0x4750/0x4750
[  368.050158][T21523]  ? fget_many+0x30/0x30
[  368.054505][T21523]  ? debug_smp_processor_id+0x1c/0x20
[  368.059938][T21523]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  368.066023][T21523]  tomoyo_file_ioctl+0x23/0x30
[  368.070805][T21523]  security_file_ioctl+0x6d/0xd0
[  368.075756][T21523]  __x64_sys_ioctl+0xa3/0x120
[  368.080446][T21523]  do_syscall_64+0xfe/0x140
[  368.084971][T21523]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  368.090867][T21523] RIP: 0033:0x459829
[  368.094757][T21523] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  368.114429][T21523] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
00:34:52 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:52 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$inet6(r1, &(0x7f00000000c0)={0xa, 0x4e22, 0xc4, @mcast1, 0x6}, 0x1c)
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  368.122935][T21523] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  368.130926][T21523] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  368.138920][T21523] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  368.146908][T21523] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  368.154875][T21523] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
00:34:52 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff})
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000080)='/dev/sequencer\x00', 0x40000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x80000, 0x40)
r2 = openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x60240, 0x0)
r3 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000140)='/dev/autofs\x00', 0x101100, 0x0)
write$UHID_SET_REPORT_REPLY(r2, &(0x7f0000001b00)={0xe, 0x8, 0x4, 0x100000001, 0xf6, "b5197a7d6e29e34dd661f53661d28d486b6c784321a74c6c5fff5d8bf6b2d702a84db49084055577f99088d7ac6567462f49b3f0d7102c136d636541e023e2cedb136e6987c3987f67aaead023cdc711a630fb01603d6268073d3ce77f4a8eccf05b7b88183b95e9015c82cc12e2e71b3214931d6ec37adf4669f5fb606ccb525c977e22dfd60fbb5846983d17ae3032d119d04d00bd2ac6b188be092c3e8476d15863f3a00d7f2b7141a3075c963299a793966e199fe7cbfa379d62f6951ca8914a8e7033f252be580e2cb8fb2a817aea6717867d27f1b98cea2b4987b42d2937c319e4c7be6623806f5055dee0808fe445bbcd923f"}, 0x102)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x0)
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r4, 0x6685, &(0x7f00000013c0)={0x1, 0x945f, 0x1000, 0x65, &(0x7f0000000340)="1cfa2a02cd808bcbd6fed30cafe47b1675c43a4cd87872655ea885a1a92f82ae218c0e519d88a0cf3efc51c88505a24451bf2aaba908013d6054a006d2e1d5efd912b81309628a7161bc84b31d3fb4f6363bb1b1866337b628e14f3c7993fd047a388a110f", 0x1000, 0x0, &(0x7f00000003c0)="388e736236127190c1c9cc3591cc843c1f243a02557ebce3158808c1f49c75050521773254ab154d664e08f6e2af8fee634b123717b01d4f19d6031e5221241c85e85190027252391a8ba39f410ff20d3ab597eeb1bfdcee06e2d8cb344b23240e61d1f4d4bc08167e482e127784956dfcf79e2e45c8e71f9ae7f96d84ad6d650512d7d01138c163f682c39a6f8fcc10be09c87328b1ce230613cc475b804275ce6e574841a189203faf43d23cd4bd93cf3997c03f91f40f120e9e445d64e4028ae83bff213b14e6e3ec239b9b0a205b311f6b150522c589688abcb87cec6e6dc2a86dfaa1b8169629438c9827b11427db598ff65522aa4520f1e3ff945d53a648026918dfa9490da324b55891e6b130994453453d1dba15f19e1b62b801386b2c84a8b4e647b0e750f8f427d71d8d28ba4de4256677ab1d02fa9e1fec60d20f2f10d1dbbb21ad1428136f5347adf2ae026dce0de46a6ba177f41c55bb3f76d6ad27929cf1c24cd9959efe7e8a94d0cd3f9c1cdc2ded164f80efe3c1c0f7ed647ec134b17550b8e7051f9fdba8c4c13267e4c4b9cc6a756245d726908cad8da623411bca9944be31457695d4fbd3159e37395beaa74ec6a39a1001ebaf0cf3086622b37ed7aad745410efa421eb78d6684314d41761ec18f0ed56df2f9dc2118d0d19f30e9a4679d499e88eaeccd1d807eed8f36347a1d329154465918b27deb25ae653fdad13920095b3ebb7806c2b24ecea3124762576b9ab17552e131b5ef2cea0dd84ae0610cd51c49c56aba3f98bfcd8a7a96bc368af9090bfd89618fefe53f0001641b6ee258b4ab25832317faf07f4c4b6eb925284db3257f48b4b52a3d75cf051f56fb2c6b442aad22407b96fbe729e71baea662619d60f31b0099d5efb6ce7087433b7d9d89e6c57150e651b090f94c62929fd2bd093ef1fdcde1471ab975c62c1ea38fede976679f7ebbc85cba2fcd8a7532c4141e42c9201ff82300082e30a6af6544ebc92379704479ef000550f947bfca712d3b7b7ff08c1d92795b015f7a3782b711d270dd81c5ede0219844c7e1b8c76eb115e5e36a2e43ebefd635d1d8be9b5de2d427832ed6464d25bd6fa4d1cfe14c2fa79f9b205c084d9b8acdc54e5b483a57be4d115d018de60e980012fa0f6aca9792d4c5b1d82701412dc72c33ad535fce86a233ae9e886a49743556240f608ed43cb44082d7ca60fd59972cf4b8c7c94c020bb665f9e44f6f91bb0d22da6ceccb87a6e3af5aaca71aa39c102ecc95f75a55c53710a8295422d3db35e833603d773ca9d226435f1561826bb46d10a6c8e62d5c859fef7ce3b5e9c6593097c01b840a3e32a7155568f0ee57218fd64fc862139ccd5ef0ec37bf1ce55c1ebdffe534cf8ae3715da9f7b034b7c549ffa7d090cc162443b1be84773d15cec9ef9ac88f3763fc8b0f6c10213d63de0ca0e90de446e9e0b67fcc7a254ac0dd1f9e61356de3c0d78f21dfad6fd83c464fa815225a29eabe53aec38d7ee9cb44e30feb5710c4b047ee7f1a5eb8aec8e9b662adb3681f7dc093ce59a5efd163fca750e0e4b415e0bbe52c8aae18aeb40f285e2f6aea12f72c464489182ea06cdf8e4b23627bc255ece71ae9113a7c6905ee84e64109144c119deef36b75a51e33cc64578e0066534f999f980e9423d53f505616b9f222612cf63d3d4f94aecdda6e9338f37b0bada43a5519ba5985eee5af2cc42b5fafb7607322ab505019d673cf3639b165c206b7cdf7c5dced8e8d6c9f593a9d6f1a94fb3457af5a88a9811a58e9d265d9cebe13f125f9d93eec0342ec6d7f88b1069f027b46d8c8cb510aed533e64fe2b27100900aea3cd83547a678d84e24dfe915c301b0810dfb2c0d18306191a425ed6a9da4a70403ce88048457b66c7fc2a80a2320ddb5f3bf6fc76aaa27dd05ec84e02e7efd6ba487b25a23cba42aec2b8dc980e912c79af6b885385df09aa5e1189ae18884f9125a2fb66bb3bd6867a20c8d3b2ee7501f8a93a8e6415594e7dd4dddafdeac4f034993cd251e11fc42515a29902ed2209e183ca79f94fb1e5eaf5a662e303c09d3aa92cdac192355d84f686c1129d1fa4894b149210c01b188fb2069267ba1fcac6f4ed2a043f652d93072bfa1660f74ce8afc9c375a00097b1d919edbb3e946c10dcf45eee2affb1b89335545e036d08aec2044634daad880392f0384618d1afc8b723729ac4a306c711c7f46efaede562e968b198248c6a171c8874cd8ec500c1146a861b83ade9ab0f74faed8c09f5b879fe4e1234162e57348d7d2d427aec817859da824a8c8bb5a5b22eb867bb51df933c02c1da1c771ca579b3282f70d9e887a7cea32df42c0588fc4701c64bdc0f0e6e3f4acb262d963fd00fc13209d3b9a6722445c6c30cb79d519e6ecc436adf06fd3879a2c104793bf55e7e2e77d0229037daa2577e1bcffdedd2a9278dd9cbdb160c680db698d8464b73a92d8631de05b41a8195a65d22a4ff173056ae8b3f6c1221f66996f42ef95a7a94b6f805e00b840914ccb6b989d43a45e3f87be401beaacfcd8262f32dc340da8fb31d276133b1eaf6609ed8e8b34a50ac69c421ffe28d9742d0fd546c8a177fc166bfc9d3f177d550f15f29da32b184a9243d1f886b9584df045512c279ce88ec1286e233a47d413a80b39edf5dd48ff9731a42b8d283462ec1ae8ab6dcb5bc2f670a89d4340da39046bd6976ad02a9cf303f4f8ba9592bd5bc48368adb31d792720788c58f57b3bbb092235717e1021d9d9245cab61c1cc7c29621d5059f388d44868ce605a839f2bb5083bd55d403efaaa7273caae4bdb9ab02dc2d58ac055bf8b9b27cc742d1483f9330b8a119fd621e2e7eda19931930dae32431ff7efd01f446e3247c3e6302162ebc09d1925c68b6bfda89ab857e58c5b1a1af30371d49a395b68d2e996c6103dfe6e9b3845278ae57a67376c6c2aa11792e8bef46b10bcb348b16ed0c92d6a8fd915b98852ddfb8b2a7789db5ed7551891103f31f6cc23d914efc7cc984aedeb50da5f8ce2c8b5a1a34a537ebb21be709b730cf961ba8ca22e3fadb451d0ad2c8769b7ed023b61c4d6d733de5a6c81cb1d586ff22d03894310163f62f74ae82a6f346ffd61f649b67bf01c4dd6ae8d2dee958e5950e45978913bd23919e66534e4cc6883458a04996661f22076a140f336c293608fc3260848fafe47987ebadd8076429a0adcca7d5c9c1ea078c9c6e6d2a6f89b1db306bf2e8254c3ed8dff3e79ac1829eedc9455f26e921b4b705c41ba8f7fe2f118ae087e26ac18527d6d6e1809e9c02e145d77c6191a43b0279179bb72c34272d7fffdf36ab28904757516f9bd28a077608ba5774f7280e03fb6c9c2c8ab61219e3d8be93b3fda6cab92c0a12e63d3902653e21930da74b970610d1e2d0e6d35ddfa9827c675622e112bac0f16a7a2042846cec22c6877288ed08273500b2fd928976e5215eea13369827468c073783cbf575b4b96cf97a0e790395696d1488c331ea7d9a647f0518ea9b70be472c748e8260da41e6416ac06015dd04287c4563bfaad26b9b2dc597b0d179a9192ce0d82d72af1039080f4f4333e463e39601321fd32f9b58189ec33d2f92c542518cce79c2b0bc9f4169059b7615bda061bb2b3250d1452b915ba7735647d8fdcb011ebc3107c38d4f7e3ed3d8b30ed94aa25edaff89f829d37583410d48535946328a4cae7eba4f3f41c1223b76a19b5188096b4e9d7bf0358c111a2a29a5fd1d127acfa3b3483e387cfe8f6acdba431e5b83a6faf4afc2a613ad9ae5f6bb9655384b0c374ff5f22e19ccf38ce84ce0b02c2c0eb9f70210d3194930eb9983cd85e0dd4b3c1e5ebe14d789872139497f26a4450986c3b136367d28ed2f113b613b41141e4c1e23d24f312000f353a08edd471c58a544d41d2c5e7592288c7882f99ffc7f0d1845a880d38db462a6ffa93cfc186c5e731306687dbed1ea262a62bab565cd8693305f368286951c19ebaad760d16503d56ee030e0d058eac2db46d4b95c75c8b7f16733fb6fb6a6c3710e06c7337e40c1b6a707d669ecabe017387af86e05afc84ae3306012f1af37b8dc0a2262f63f97a3078e1821b40ad63824393e514eca75869da4ed92d535d220a42c2f9d5a56861e09c45f52d570eb6c5646ffa15a235c8653fda88cc5359d23efbe83b84aec6dfb1e8376701e6228bbd7e82734e6652dee2b1fd715b6cc172439e09fc4b509d0d15b64de90b592341f86b92909842b1ad05882cd8338bf12e221359921bda0c9867af43144dbc1e5be1bae20cc8944c80a5b90b44b7db95e8d2a808b2972642e7730bbb76bb5fbeeae372c07f28d2117df0c8077f6c16753933fea7de74f4b21f7af644f6d2205da60171f66e3313f44bcaf4af041e635eeeb578b3779064733521e2dcbac403050dc9eeedef4a62e50fabfb7561a9cd00ec4ae39ad1841344a206381f49d4284757a0968d99b24a6fb36e57193b498c9c77699df6571a22010a118f84c60e81d0dcfeba64bebce621a136d8803332b887fc5b7f9a4d9a0e41c855ac980ea990e88f7692249d067c9a7bd3a5f4499ab9404c40c5ff1928383e11e24b730f13fdf7214424c5a6e6868520e0ad7636efb834c773de23dd00478dadc776c2f67692f7aa9385a80a6580c96bcb593c124d0c30dc66f47db2e868147d9dd75d9e537173c2b130b5dd66691c2ec8b07443e8def446ed5dc72117951d34e158aa86525d3a2b5ce80fe9c346e6ef447e0854f6175a6693e5f3cbf89751462e80ec0836972ae71e4f787b7861f8ddcd3f2bb800ee72ff9189b064b53194257633c752804c2fb717e639e7a9fd464aa57e60789b95c6f20526a393e9efa15db66c541ec9e5ba50e4a523bda39591177d513680206ab8f1cd6b3daca2c9018c21b43f2efde0ba0b73fb067a989682effb6badc729ad1c665018c853f0ffe6caf4b5380f8a381cc28fd4bb13f5cf80a7fc21149062712ff174171e9b5c5ee865bd36a2a38dfe7f0a3bd3d8397f360fe2ed920f8f59c07526a67bb12cb93c507b43f2b03df87f97fe4ae967cc194b36f72f8b58b90b24f3c750bb2cf13e036621e506a98fad1c20fcb28fee6f63c93222cd0e20ee12437b5c4ea68a1bb3cfef5e8e8782560114734c2185e2cc503517f70f39d5a3e3cc8ffd9f16f21fa1cb496be988a5e707bfd956725208d946d6af84fd7db33378f57553a5bfc4beec6c0cc140ea6532a8f94bc873fb84d6b7ee3b6c526570627218d46fd9982cc42226dac30a5a0c0a83256882d0bb5a880f87d8ad779715e8ebfedcf4ef0ecc8a9ddd4899281aa581ef60f4bd0cedb27aae60b345220df0718c26bf8650763bc53606c9a22780e71322335e2ebbd8c5db818df02f4e4d69d55c15eaca79c6217237b0fe659f8590a920325febc8db18b7a953a82421484c4af738bbd8c449f28ff4576d1942929a6ca6f24637ec26620377c32456cf6b4d8947d1e394dad65cfea6f176f9998004a77109fe1ed1e6b0efac8d3baaa7ba99cf5241e0da30af38db2464b2a5de5cd82915579f312e44f46878bdea022c6dcc9eb5fbf6b6a43983106e641b80ed98040590a320c24bb5a987f5c35b413f594f6b5a036fdfbe77b77d6e092469fd3e6da709acffe2bf421395261b04980226021cf906250a1c81200fb993ad4ee14ef996251bb5e4eb28f67677d427ee0788933127a662f9d3a0719c6a4fbe69b1761cba673677942b8433ef6ad72e46f36e01178deb251b89f9756894830a11d38"})
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000001440)={<r5=>0x0, r3, 0x0, 0x3, &(0x7f00000002c0)='!,\x00', 0xffffffffffffffff}, 0x30)
getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000001680)={{{@in=@broadcast, @in6=@remote, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r6=>0x0}}, {{@in6=@remote}, 0x0, @in=@empty}}, &(0x7f0000001780)=0xe8)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f00000017c0)={0x0, 0x0, <r7=>0x0}, &(0x7f0000001800)=0xc)
getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, &(0x7f0000001840)={{{@in6=@initdev, @in6=@local, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r8=>0x0}}, {{@in=@dev}}}, &(0x7f0000001940)=0xe8)
r9 = getegid()
sendmmsg$unix(r4, &(0x7f00000019c0)=[{&(0x7f0000001480)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000001640)=[{&(0x7f0000001500)="f78a31fdc24b6e4649b991f5e77f630a48a93136a2bfcf88fad57f8923efa303bc3986b52266b6bd2313705d34e092efffc5b46226beeefdf18c5ed79aad6e8b9369298e6e99086d89f1e7626591c0f6f78c5d16d57e511e9d8c1af507fcd4f8155914417b286002393c2e2517389aa9f09a161b5606f86ee10a80d09ccc26c976c255a66e669189abc9482629baa7f5ba4afd7d2e284a578d87ccb3c2a637ee6e56887398aa5bc10df31e89ed33ba6413c5848661635aa28a10f68944cf66e05c", 0xc1}, {&(0x7f0000001600)="4f07d3081b8e9665856931af06d920ade975153d90466b", 0x17}], 0x2, &(0x7f0000001980)=[@cred={{0x1c, 0x1, 0x2, {r5, r6, r7}}}, @cred={{0x1c, 0x1, 0x2, {r5, r8, r9}}}], 0x40, 0x1}], 0x1, 0x40000)
ioprio_get$pid(0x1, r5)
ioctl$BLKREPORTZONE(r1, 0xc0101282, &(0x7f0000001a00)={0x7, 0x3, 0x0, [{0x3, 0x9, 0x7, 0x18, 0x800, 0x3f, 0x5}, {0x7ff, 0x7ff, 0x7fffffff, 0x4, 0xfffffffffffffff8, 0x1ff, 0x9}, {0x6, 0x9, 0x7fff, 0x6, 0x8, 0x4, 0x6}]})
unshare(0x20040600)
r10 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0x3, 0x10000)
getsockopt$ARPT_SO_GET_ENTRIES(r1, 0x0, 0x61, &(0x7f0000000180)={'filter\x00', 0xad, "34230008b5934f16f57e227f41ac86c8830afcf6d8fa994f285ad08ae5e7e6bb5368f84f3ed990b21cfd66e4a0ecdd0503118dfca7981ba5bf5f84a91a8eba0b38195a476a719b92ad8068cf11c43d13460aefffe584b7e13b3f14c402dfb1e2fb583ca1e2e1a3ccf13efeda13821202251b0c6222708108b378955cc16bec925f0d241979d052a8dccf1e4bd25279e7166b455131fbeba4da5a288282a6650577fc857b28f281cf5e4116f774"}, &(0x7f0000000280)=0xd1)
ioctl$KDGETLED(r10, 0x4b31, &(0x7f0000000040))
setsockopt$inet6_tcp_TCP_CONGESTION(r4, 0x6, 0x21, 0x0, 0x0)

[  368.177058][T21523] ERROR: Out of memory at tomoyo_realpath_from_path.
[  368.201030][T21529] input: syz1 as /devices/virtual/input/input345
00:34:52 executing program 3:
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:52 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, 0x0, 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:52 executing program 1:
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(0xffffffffffffffff, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r0 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r1, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
setsockopt$IP_VS_SO_SET_DEL(r1, 0x0, 0x484, &(0x7f00000000c0)={0x73, @local, 0x4e22, 0x3, 'sed\x00', 0x2, 0x1, 0x21}, 0x2c)
bind$bt_rfcomm(r0, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
r2 = gettid()
syz_open_procfs(r2, &(0x7f00000001c0)='ns\x00')
ioctl$EVIOCGKEY(r0, 0x80404518, &(0x7f0000000140)=""/88)
write$P9_RXATTRWALK(r0, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:52 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
r1 = open(&(0x7f0000000000)='./file0\x00', 0x442bc2, 0x4)
ioctl$TUNSETVNETBE(r1, 0x400454de, &(0x7f0000000040))
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:52 executing program 5 (fault-call:9 fault-nth:3):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:52 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dsp\x00', 0x100, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x40082406, &(0x7f0000000040)='\x00')
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
recvmsg$kcm(r2, &(0x7f00000002c0)={&(0x7f0000000080)=@ll={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, 0x80, &(0x7f0000000280)=[{&(0x7f0000000100)=""/239, 0xef}, {&(0x7f0000000200)=""/97, 0x61}, {&(0x7f0000000340)=""/214, 0xd6}], 0x3, &(0x7f0000000440)=""/4096, 0x1000}, 0x40000000)
bind$bt_hci(r2, &(0x7f0000001440)={0x1f, r3}, 0xc)

[  368.715926][T21558] IPVS: set_ctl: invalid protocol: 115 172.20.20.170:20002
[  368.729373][T21560] input: syz1 as /devices/virtual/input/input346
[  368.745868][T21558] IPVS: set_ctl: invalid protocol: 115 172.20.20.170:20002
00:34:53 executing program 0:
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/sync_retries\x00', 0x2, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, &(0x7f0000000040)='\x00')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
ioctl$VIDIOC_S_JPEGCOMP(r0, 0x408c563e, &(0x7f0000000080)={0x7, 0xf, 0x14, "0801ce8cd6958e1b4fc0b7923bd95a09a689423396d9d939e7be6fce91330af520bb782f5df6a7b58df2641b5abfccb06b48cefcadec7222140fb8a1", 0x2a, "91572e82605ff126400c86eb27015b20c3334c9be8ff372232cdaa0175a5a06720f4650a6133261bc2137830ad879ff3c273b1b210da721530f68394", 0x40})
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0x21, 0x0, 0x0)

[  368.771675][T21562] dump_vmcs: 8 callbacks suppressed
[  368.771680][T21562] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  368.798072][T21561] FAULT_INJECTION: forcing a failure.
[  368.798072][T21561] name failslab, interval 1, probability 0, space 0, times 0
00:34:53 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
r1 = syz_open_dev$vbi(&(0x7f0000001580)='/dev/vbi#\x00', 0x3, 0x2)
r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000001600)='SEG6\x00')
sendmsg$SEG6_CMD_DUMPHMAC(r1, &(0x7f00000016c0)={&(0x7f00000015c0)={0x10, 0x0, 0x0, 0x40000000}, 0xc, &(0x7f0000001680)={&(0x7f0000001640)={0x2c, r2, 0x0, 0x70bd2b, 0x25dfdbff, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x5}, @SEG6_ATTR_DSTLEN={0x8}, @SEG6_ATTR_SECRETLEN={0x8, 0x5, 0x5}]}, 0x2c}}, 0x5)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
recvmsg(r0, &(0x7f0000000140)={&(0x7f00000011c0)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @remote}}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000001240)=""/121, 0x79}, {&(0x7f00000012c0)=""/84, 0x54}, {&(0x7f0000001340)=""/166, 0xa6}], 0x3, &(0x7f0000001400)=""/89, 0x59}, 0x121)
r3 = fcntl$dupfd(r0, 0x0, r0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f00000014c0)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000001480)={<r4=>0xffffffffffffffff}, 0x2, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r3, &(0x7f0000001500)={0x3, 0x40, 0xfa00, {{0xa, 0x4e22, 0x9, @rand_addr="904a9606dfb51e4382aec4dd772947e6", 0x401}, {0xa, 0x4e22, 0xfff, @ipv4={[], [], @rand_addr=0x8}, 0x53d3}, r4, 0xc0ea}}, 0x48)
read(r3, &(0x7f00000001c0)=""/4096, 0x1000)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r5, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
write$P9_RWSTAT(r3, &(0x7f0000000000)={0x7, 0x7f, 0x2}, 0x4)
bind$bt_rfcomm(r3, &(0x7f0000000180)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3, 0x0, 0x0, 0x2}, 0x1ff}, 0xa)
write$P9_RXATTRWALK(r3, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:53 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
r2 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x5, 0x1)
ioctl$PPPIOCSPASS(r2, 0x40107447, &(0x7f0000000080)={0x3, &(0x7f0000000040)=[{0x8, 0x1, 0x3, 0x8}, {0x7, 0x8, 0x3, 0x2}, {0xe4, 0x3877, 0x9, 0xfffffffffffffffd}]})
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  368.843553][T21561] CPU: 0 PID: 21561 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  368.851583][T21561] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  368.861652][T21561] Call Trace:
[  368.864962][T21561]  dump_stack+0x1d8/0x2f8
[  368.869319][T21561]  should_fail+0x608/0x860
[  368.873762][T21561]  ? setup_fault_attr+0x2b0/0x2b0
[  368.878809][T21561]  __should_failslab+0x11a/0x160
[  368.883769][T21561]  ? mmu_topup_memory_caches+0x93/0x490
[  368.889342][T21561]  should_failslab+0x9/0x20
00:34:53 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x0, 0x3)
clock_gettime(0x0, &(0x7f0000000040)={<r2=>0x0, <r3=>0x0})
futex(&(0x7f0000000000)=0x1, 0x9, 0x1, &(0x7f0000000080)={r2, r3+30000000}, &(0x7f00000000c0)=0x1, 0x2)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  368.893863][T21561]  kmem_cache_alloc+0x56/0x2e0
[  368.898648][T21561]  ? mmu_topup_memory_caches+0x93/0x490
[  368.904214][T21561]  mmu_topup_memory_caches+0x93/0x490
[  368.909618][T21561]  kvm_mmu_load+0x9c/0x1cc0
[  368.914140][T21561]  ? trace_lock_release+0x135/0x1a0
[  368.919361][T21561]  ? kvm_mmu_unload+0xf0/0xf0
[  368.924056][T21561]  ? vmx_flush_tlb+0x2b3/0x600
[  368.928837][T21561]  ? kvm_hv_setup_tsc_page+0xb7/0x8f0
[  368.934217][T21561]  ? vmx_set_virtual_apic_mode+0x580/0x580
00:34:53 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = socket(0x7, 0x0, 0x5)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140)='TIPC\x00')
sendmsg$TIPC_CMD_SET_NODE_ADDR(r1, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x900080}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x320, 0x70bd29, 0x25dfdbfb, {{}, 0x0, 0x8001, 0x0, {0x8, 0x11, 0x53}}, ["", "", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x20040090)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f0000000240)=0xffffffffffffffff, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r3 = fcntl$dupfd(r0, 0x0, r0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r3, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r3, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  368.940035][T21561]  ? kvm_apic_accept_events+0x217/0x470
[  368.945605][T21561]  ? __lock_acquire+0x4750/0x4750
[  368.950651][T21561]  ? kvm_lapic_enable_pv_eoi+0x150/0x150
[  368.956301][T21561]  ? vcpu_enter_guest+0xaee/0x5530
[  368.961426][T21561]  ? check_preemption_disabled+0xb7/0x2a0
[  368.967237][T21561]  vcpu_enter_guest+0x3ffc/0x5530
[  368.972307][T21561]  ? local_bh_enable+0x30/0x30
[  368.977085][T21561]  ? lock_acquire+0x158/0x250
[  368.981769][T21561]  ? rcu_lock_acquire+0xd/0x40
[  368.986562][T21561]  vcpu_run+0x393/0xd40
[  368.990743][T21561]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  368.996216][T21561]  kvm_vcpu_ioctl+0x792/0xba0
[  369.000916][T21561]  ? kvm_vm_release+0x50/0x50
[  369.005614][T21561]  ? tomoyo_path_number_perm+0x587/0x740
[  369.011267][T21561]  ? trace_hardirqs_on+0x74/0x80
[  369.016230][T21561]  ? tomoyo_path_number_perm+0x5f0/0x740
[  369.021883][T21561]  ? tomoyo_check_path_acl+0x180/0x180
[  369.027368][T21561]  ? kvm_vm_release+0x50/0x50
[  369.032061][T21561]  do_vfs_ioctl+0x7d4/0x18f0
[  369.036715][T21561]  ? __lock_acquire+0x4750/0x4750
00:34:53 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
ioctl$sock_proto_private(r0, 0x89ef, &(0x7f0000000140)="05bdbc2479e6977fa72ab5500443ff540e4bc0e17c69d2a4fbeddc0d37e1cc9c9e7638d6b6938b251dcab878a3fd802b731bf5a62a3f0c544b645a00615b544bd145bf979c906a2c5e1bef9a4168d5228875aa4f55c9feb56bb3226fd68dd58ad75a24052779cc6be094fac0b2de8ca7aef1755b56700eb7dad2a01346585aa584ccdf797e8fc0116550b3e6e46fa3066ef0f19489bc89116af554fc153d2889db4bfdf869a0690733276fe86dfd03363aa7c511b86b984ff52a8ff35cbcc6739b24a386250106f8b8f86ea49126059ce9aff29c7983c606d54b377f80377ce85fbba66594c99cab99e0f4228fc01533846b05150d")
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}, 0x4}, 0xa)
sendmsg$rds(r1, &(0x7f0000003080)={&(0x7f00000000c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x22}}, 0x10, &(0x7f00000004c0)=[{&(0x7f0000000240)=""/76, 0x4c}, {&(0x7f00000002c0)=""/255, 0xff}, {&(0x7f00000003c0)=""/234, 0xea}], 0x3, &(0x7f0000002e80)=[@rdma_args={0x48, 0x114, 0x1, {{0xfffffffffffffffb, 0x3ff}, {&(0x7f0000000500)=""/4096, 0x1000}, &(0x7f0000001780)=[{&(0x7f0000001500)=""/203, 0xcb}, {&(0x7f0000001600)=""/251, 0xfb}, {&(0x7f0000001700)=""/110, 0x6e}], 0x3, 0x5, 0x81}}, @cswp={0x58, 0x114, 0x7, {{0x3, 0x1f}, &(0x7f00000017c0)=0x4b3ec796, &(0x7f0000001800)=0x100000000, 0x80000000, 0x2388, 0x7, 0x1, 0x28, 0x1}}, @rdma_args={0x48, 0x114, 0x1, {{0x7, 0x1f}, {&(0x7f0000001840)=""/60, 0x3c}, &(0x7f0000002c40)=[{&(0x7f0000001880)=""/143, 0x8f}, {&(0x7f0000001940)=""/137, 0x89}, {&(0x7f0000001a00)=""/4096, 0x1000}, {&(0x7f0000002a00)=""/42, 0x2a}, {&(0x7f0000002a40)=""/198, 0xc6}, {&(0x7f0000002b40)=""/45, 0x2d}, {&(0x7f0000002b80)=""/152, 0x98}], 0x7, 0x24, 0x4b}}, @mask_fadd={0x58, 0x114, 0x8, {{0xffffffffffffffcd, 0x575}, &(0x7f0000002cc0)=0xc4f, &(0x7f0000002d00)=0x40, 0x6a, 0x0, 0x40, 0x0, 0x0, 0x7}}, @mask_cswp={0x58, 0x114, 0x9, {{0x9, 0xfff}, &(0x7f0000002d40)=0x1, &(0x7f0000002d80)=0xffffffffffff1176, 0x0, 0x2, 0x9, 0x3, 0x10, 0x9}}, @rdma_dest={0x18, 0x114, 0x2, {0x4, 0x4}}, @rdma_map={0x30, 0x114, 0x3, {{&(0x7f0000002dc0)=""/68, 0x44}, &(0x7f0000002e40)}}], 0x1e0, 0x800}, 0x4000)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  369.041760][T21561]  ? ioctl_preallocate+0x240/0x240
[  369.046902][T21561]  ? fget_many+0x30/0x30
[  369.051153][T21561]  ? debug_smp_processor_id+0x1c/0x20
[  369.056543][T21561]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  369.062631][T21561]  ? tomoyo_file_ioctl+0x23/0x30
[  369.067592][T21561]  ? security_file_ioctl+0xa1/0xd0
[  369.072724][T21561]  __x64_sys_ioctl+0xe3/0x120
[  369.077417][T21561]  do_syscall_64+0xfe/0x140
[  369.081942][T21561]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  369.087837][T21561] RIP: 0033:0x459829
[  369.091736][T21561] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  369.111350][T21561] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  369.119846][T21561] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  369.127816][T21561] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  369.135798][T21561] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  369.143969][T21561] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  369.151946][T21561] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  369.172262][T21560] input: syz1 as /devices/virtual/input/input347
00:34:53 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, 0x0, 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:53 executing program 3:
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:53 executing program 5 (fault-call:9 fault-nth:4):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:53 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
r1 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/hwrng\x00', 0x0, 0x0)
connect$bt_rfcomm(r1, &(0x7f00000000c0)={0x1f, {0x8, 0x88, 0x5, 0x0, 0x98f, 0x1}, 0x3}, 0xa)
bind$inet6(r1, &(0x7f0000000200)={0xa, 0x4e24, 0xb4, @local, 0x100}, 0x1c)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
setsockopt$packet_int(r1, 0x107, 0x12, &(0x7f0000000140)=0x80000000, 0x4)
r2 = fcntl$dupfd(r0, 0x0, r0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:53 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x7, 0x2000)
setsockopt$inet6_udp_encap(r1, 0x11, 0x64, &(0x7f0000000040)=0x7, 0x4)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:53 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = syz_open_dev$vcsn(&(0x7f00000000c0)='/dev/vcs#\x00', 0x0, 0x200)
ioctl$KVM_SET_MSRS(r1, 0x4008ae89, &(0x7f0000000140)={0x2, 0x0, [{0xa40, 0x0, 0x9}, {0x0, 0x0, 0x3}]})
r2 = fcntl$dupfd(r0, 0x0, r0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  369.603871][T21613] input: syz1 as /devices/virtual/input/input348
[  369.633631][T21608] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  369.636426][T21609] FAULT_INJECTION: forcing a failure.
[  369.636426][T21609] name failslab, interval 1, probability 0, space 0, times 0
[  369.681200][T21609] CPU: 1 PID: 21609 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  369.689243][T21609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  369.699346][T21609] Call Trace:
[  369.702654][T21609]  dump_stack+0x1d8/0x2f8
[  369.707024][T21609]  should_fail+0x608/0x860
[  369.711474][T21609]  ? setup_fault_attr+0x2b0/0x2b0
[  369.716539][T21609]  __should_failslab+0x11a/0x160
[  369.721501][T21609]  ? mmu_topup_memory_caches+0x93/0x490
[  369.727082][T21609]  should_failslab+0x9/0x20
[  369.731610][T21609]  kmem_cache_alloc+0x56/0x2e0
[  369.736402][T21609]  ? mmu_topup_memory_caches+0x93/0x490
[  369.741948][T21609]  mmu_topup_memory_caches+0x93/0x490
[  369.747386][T21609]  kvm_mmu_load+0x9c/0x1cc0
[  369.751918][T21609]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  369.757393][T21609]  ? __lock_acquire+0x4750/0x4750
[  369.762441][T21609]  ? vmx_flush_tlb+0x2b3/0x600
[  369.767201][T21609]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  369.772937][T21609]  ? kvm_apic_has_interrupt+0x543/0xa40
[  369.778481][T21609]  ? kvm_mmu_unload+0xf0/0xf0
[  369.783154][T21609]  ? __kasan_check_write+0x14/0x20
[  369.788261][T21609]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  369.793920][T21609]  ? kvm_apic_accept_events+0x18f/0x470
[  369.799577][T21609]  ? kvm_apic_has_interrupt+0x543/0xa40
[  369.805135][T21609]  vcpu_enter_guest+0x3ffc/0x5530
[  369.810199][T21609]  ? local_bh_enable+0x30/0x30
[  369.814998][T21609]  ? lock_acquire+0x158/0x250
[  369.819672][T21609]  ? rcu_lock_acquire+0xd/0x40
[  369.824438][T21609]  vcpu_run+0x393/0xd40
[  369.828596][T21609]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  369.834056][T21609]  kvm_vcpu_ioctl+0x792/0xba0
[  369.838750][T21609]  ? kvm_vm_release+0x50/0x50
[  369.843427][T21609]  ? tomoyo_path_number_perm+0x587/0x740
[  369.849056][T21609]  ? trace_hardirqs_on+0x74/0x80
[  369.854007][T21609]  ? tomoyo_path_number_perm+0x5f0/0x740
[  369.859677][T21609]  ? tomoyo_check_path_acl+0x180/0x180
[  369.865150][T21609]  ? kvm_vm_release+0x50/0x50
[  369.869846][T21609]  do_vfs_ioctl+0x7d4/0x18f0
[  369.874439][T21609]  ? __lock_acquire+0x4750/0x4750
[  369.879469][T21609]  ? ioctl_preallocate+0x240/0x240
[  369.884583][T21609]  ? fget_many+0x30/0x30
[  369.888838][T21609]  ? debug_smp_processor_id+0x1c/0x20
[  369.894229][T21609]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  369.900322][T21609]  ? tomoyo_file_ioctl+0x23/0x30
[  369.905278][T21609]  ? security_file_ioctl+0xa1/0xd0
[  369.910812][T21609]  __x64_sys_ioctl+0xe3/0x120
[  369.915504][T21609]  do_syscall_64+0xfe/0x140
[  369.920049][T21609]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  369.926235][T21609] RIP: 0033:0x459829
[  369.930967][T21609] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  369.950862][T21609] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  369.959906][T21609] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  369.968033][T21609] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
00:34:54 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r4, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
sendmsg$nl_route(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000380)={&(0x7f00000003c0)=@ipv4_newrule={0x2c, 0x20, 0xf29, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, [@FRA_GENERIC_POLICY=@FRA_UID_RANGE={0xc}]}, 0x2c}}, 0x0)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)
sysfs$3(0x3)

00:34:54 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, 0x0, 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  369.976018][T21609] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  369.984007][T21609] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  369.991995][T21609] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
00:34:54 executing program 5 (fault-call:9 fault-nth:5):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  370.039161][T21627] input: syz1 as /devices/virtual/input/input349
00:34:54 executing program 0:
socketpair$unix(0x1, 0x4400000000000001, 0x0, &(0x7f0000000140))
syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x7, 0x40000)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer2\x00', 0x800, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:54 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
accept(r0, 0x0, &(0x7f00000000c0))
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  370.116419][T21624] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:54 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x1fffff, 0x0)
getsockopt$inet_sctp_SCTP_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x6, &(0x7f0000000100)={<r2=>0x0, @in6={{0xa, 0x4e24, 0x3, @local, 0x80000001}}}, &(0x7f0000000040)=0x84)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000080)={0x100, 0x40, 0x8000, 0x3, 0x1, 0x5, 0x3000000000, 0x400, r2}, 0x20)

00:34:54 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x0, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  370.191563][T21638] FAULT_INJECTION: forcing a failure.
[  370.191563][T21638] name failslab, interval 1, probability 0, space 0, times 0
[  370.256891][T21646] input: syz1 as /devices/virtual/input/input350
[  370.272309][T21638] CPU: 0 PID: 21638 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  370.280332][T21638] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  370.290395][T21638] Call Trace:
[  370.293707][T21638]  dump_stack+0x1d8/0x2f8
[  370.298552][T21638]  should_fail+0x608/0x860
[  370.302998][T21638]  ? setup_fault_attr+0x2b0/0x2b0
[  370.308049][T21638]  __should_failslab+0x11a/0x160
[  370.313007][T21638]  ? mmu_topup_memory_caches+0x93/0x490
[  370.318570][T21638]  should_failslab+0x9/0x20
[  370.323095][T21638]  kmem_cache_alloc+0x56/0x2e0
[  370.327879][T21638]  ? mmu_topup_memory_caches+0x93/0x490
[  370.327905][T21638]  mmu_topup_memory_caches+0x93/0x490
[  370.338860][T21638]  kvm_mmu_load+0x9c/0x1cc0
[  370.343392][T21638]  ? preempt_schedule_irq+0x10a/0x140
[  370.348788][T21638]  ? kvm_apic_has_interrupt+0x543/0xa40
[  370.354352][T21638]  ? kvm_mmu_unload+0xf0/0xf0
[  370.359045][T21638]  ? __kasan_check_write+0x14/0x20
[  370.364171][T21638]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  370.369823][T21638]  ? kvm_apic_has_interrupt+0x3e4/0xa40
[  370.375416][T21638]  ? kvm_apic_has_interrupt+0x543/0xa40
[  370.380989][T21638]  vcpu_enter_guest+0x3ffc/0x5530
[  370.386042][T21638]  ? local_bh_enable+0x30/0x30
[  370.390826][T21638]  ? lock_acquire+0x158/0x250
[  370.395522][T21638]  ? rcu_lock_acquire+0xd/0x40
[  370.400319][T21638]  vcpu_run+0x393/0xd40
[  370.404509][T21638]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  370.409993][T21638]  kvm_vcpu_ioctl+0x792/0xba0
[  370.414691][T21638]  ? kvm_vm_release+0x50/0x50
[  370.419410][T21638]  ? tomoyo_path_number_perm+0x587/0x740
[  370.425065][T21638]  ? trace_hardirqs_on+0x74/0x80
[  370.425077][T21638]  ? tomoyo_path_number_perm+0x5f0/0x740
[  370.425088][T21638]  ? tomoyo_check_path_acl+0x180/0x180
[  370.425102][T21638]  ? kvm_vm_release+0x50/0x50
[  370.425113][T21638]  do_vfs_ioctl+0x7d4/0x18f0
[  370.425127][T21638]  ? __lock_acquire+0x4750/0x4750
[  370.425136][T21638]  ? ioctl_preallocate+0x240/0x240
[  370.425154][T21638]  ? fget_many+0x30/0x30
[  370.425162][T21638]  ? debug_smp_processor_id+0x1c/0x20
[  370.425172][T21638]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  370.425184][T21638]  ? tomoyo_file_ioctl+0x23/0x30
[  370.425202][T21638]  ? security_file_ioctl+0xa1/0xd0
[  370.450278][T21651] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  370.451242][T21638]  __x64_sys_ioctl+0xe3/0x120
[  370.451258][T21638]  do_syscall_64+0xfe/0x140
[  370.451271][T21638]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  370.451281][T21638] RIP: 0033:0x459829
[  370.451298][T21638] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  370.461436][T21638] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  370.461447][T21638] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
00:34:54 executing program 3:
prlimit64(0x0, 0x0, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:54 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/ubi_ctrl\x00', 0x40, 0x0)
ioctl$DRM_IOCTL_MODESET_CTL(r1, 0x40086408, &(0x7f00000002c0)={0x20, 0x9})
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
bpf$OBJ_PIN_PROG(0x6, &(0x7f0000000300)={&(0x7f0000000280)='./file0\x00', r1}, 0x10)
r2 = fcntl$dupfd(r0, 0x0, r0)
setsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r2, 0x84, 0x13, &(0x7f0000000140)=0x3, 0x4)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$SNDRV_SEQ_IOCTL_PVERSION(r2, 0x80045300, &(0x7f0000000380))
setsockopt$llc_int(r2, 0x10c, 0x4, &(0x7f0000000240)=0x11d, 0x4)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RFSYNC(r1, &(0x7f0000000340)={0x7, 0x33, 0x62c}, 0x7)
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)
ioctl$SNDRV_SEQ_IOCTL_GET_NAMED_QUEUE(r2, 0xc08c5336, &(0x7f0000000180)={0x9, 0xfff, 0x8, 'queue1\x00', 0x6})

00:34:54 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x0, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:54 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
r2 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x9, 0x180)
accept4$alg(r2, 0x0, 0x0, 0x80800)
unshare(0x20040600)
open_by_handle_at(r0, &(0x7f0000000000)={0x27, 0xfffffffffffffc01, "dc3506696a8ebd1fa248e328cb8b1194cbb641215037a87274c241063a54ff"}, 0x100)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  370.461451][T21638] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  370.461456][T21638] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  370.461460][T21638] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  370.461466][T21638] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
00:34:54 executing program 5 (fault-call:9 fault-nth:6):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:54 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000009400)=[{{&(0x7f0000000140)=@vsock={0x28, 0x0, 0x0, @reserved}, 0x80, &(0x7f00000006c0)=[{&(0x7f00000000c0)=""/53, 0x35}, {&(0x7f00000001c0)=""/64, 0x40}, {&(0x7f0000000200)=""/168, 0xa8}, {&(0x7f00000002c0)=""/227, 0xe3}, {&(0x7f00000003c0)=""/114, 0x72}, {&(0x7f0000000440)=""/251, 0xfb}, {&(0x7f0000000540)=""/126, 0x7e}, {&(0x7f00000005c0)}, {&(0x7f0000000600)=""/158, 0x9e}], 0x9}, 0x8}, {{&(0x7f0000009640)=@l2, 0x80, &(0x7f0000001b00)=[{&(0x7f0000000800)=""/114, 0x72}, {&(0x7f0000000880)=""/4096, 0x1000}, {&(0x7f0000001880)=""/5, 0x5}, {&(0x7f00000018c0)=""/242, 0x2d}, {&(0x7f00000019c0)=""/44, 0x2c}, {&(0x7f0000001a00)=""/151, 0x97}, {&(0x7f0000001ac0)=""/30, 0x1e}], 0x7}, 0xfffffffffffffc0b}, {{&(0x7f0000001b80)=@ipx, 0x80, &(0x7f0000001d40)=[{&(0x7f0000001c00)=""/4, 0x4}, {&(0x7f0000001c40)=""/160, 0xa0}, {&(0x7f0000001d00)=""/11, 0xb}], 0x3, &(0x7f0000001d80)=""/224, 0xe0}}, {{&(0x7f0000001e80)=@pppol2tpin6, 0x80, &(0x7f0000002340)=[{&(0x7f0000001f00)=""/103, 0x67}, {&(0x7f0000001f80)=""/6, 0x6}, {&(0x7f0000001fc0)=""/206, 0xce}, {&(0x7f00000020c0)=""/239, 0xef}, {&(0x7f00000021c0)=""/51, 0x33}, {&(0x7f0000002200)=""/52, 0x34}, {&(0x7f0000002240)=""/198, 0xc6}], 0x7}, 0xfffffffffffffffc}, {{&(0x7f00000023c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @dev}}}, 0x80, &(0x7f0000003540)=[{&(0x7f0000002440)=""/4096, 0x1000}, {&(0x7f0000003440)=""/146, 0x92}, {&(0x7f0000003500)=""/22, 0x16}], 0x3, &(0x7f0000003580)=""/4096, 0x1000}, 0x86}, {{&(0x7f0000004580)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @empty}}}, 0x80, &(0x7f00000067c0)=[{&(0x7f0000004600)=""/22, 0x16}, {&(0x7f0000004640)=""/95, 0x5f}, {&(0x7f00000046c0)=""/4096, 0x1000}, {&(0x7f00000056c0)=""/4096, 0x1000}, {&(0x7f00000066c0)=""/93, 0x5d}, {&(0x7f0000006740)=""/77, 0x4d}], 0x6, &(0x7f0000006840)=""/240, 0xf0}, 0x20}, {{&(0x7f0000006940)=@alg, 0x80, &(0x7f0000007d80)=[{&(0x7f00000069c0)=""/213, 0xd5}, {&(0x7f0000006ac0)=""/34, 0x22}, {&(0x7f0000006b00)=""/4096, 0x1000}, {&(0x7f0000007b00)=""/67, 0x43}, {&(0x7f0000007b80)=""/3, 0x3}, {&(0x7f0000007bc0)=""/78, 0x4e}, {&(0x7f0000007c40)=""/89, 0x59}, {&(0x7f0000007cc0)=""/154, 0x9a}], 0x8, &(0x7f0000007e00)=""/66, 0x42}, 0xffffffff}, {{&(0x7f0000007e80)=@pptp={0x18, 0x2, {0x0, @remote}}, 0x80, &(0x7f0000008140)=[{&(0x7f0000007f00)=""/127, 0x7f}, {&(0x7f0000007f80)=""/36, 0x24}, {&(0x7f0000007fc0)=""/101, 0x65}, {&(0x7f0000008040)=""/75, 0x4b}, {&(0x7f00000080c0)=""/19, 0x13}, {&(0x7f0000008100)=""/18, 0x12}], 0x6, &(0x7f00000081c0)=""/6, 0x6}, 0x3}, {{&(0x7f0000008200)=@pppol2tpin6={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @loopback}}}, 0x80, &(0x7f00000093c0)=[{&(0x7f0000008280)=""/172, 0xac}, {&(0x7f0000008340)=""/94, 0x5e}, {&(0x7f00000083c0)=""/4096, 0x1000}], 0x3}, 0x7}], 0x9, 0x0, 0x0)
r2 = fcntl$dupfd(r0, 0x0, r0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r1, 0x84, 0xa, &(0x7f0000000000)={0x1f, 0x0, 0x4, 0x100000000, 0x2, 0x100000000, 0x2c, 0x5bed, <r4=>0x0}, &(0x7f00000005c0)=0x20)
openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000009780)='/dev/dlm_plock\x00', 0x101040, 0x0)
getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r2, 0x84, 0x66, &(0x7f0000000780)={r4, 0xfff}, &(0x7f00000007c0)=0x8)
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:54 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x10000000)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x6a0c2, 0x0)
ioctl$TIOCLINUX5(r2, 0x541c, &(0x7f0000000040)={0x5, 0x0, 0xffffffff, 0x1000, 0x1d})
socket$caif_stream(0x25, 0x1, 0x0)
r3 = open(&(0x7f0000000080)='./file0\x00', 0x1, 0x2)
ioctl$NBD_CLEAR_QUE(r3, 0xab05)

[  370.700805][T21646] input: syz1 as /devices/virtual/input/input351
00:34:55 executing program 1:
syz_open_dev$admmidi(&(0x7f0000000240)='/dev/admmidi#\x00', 0x3b63, 0x20000)
r0 = accept$packet(0xffffffffffffffff, &(0x7f0000000180)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f00000001c0)=0x14)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000200)={'bpq0\x00', {0x2, 0x4e20, @loopback}})
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r1, 0x1, 0x5d, &(0x7f0000000140)=0x61e67a7affc, 0x4)
recvmmsg(r1, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r2 = fcntl$dupfd(r1, 0x0, r1)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r3, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)
ioctl$SIOCAX25GETINFO(r2, 0x89ed, &(0x7f0000000080))

00:34:55 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x0, 0xfb, &(0x7f0000000200)=""/251}, 0x48)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  370.800438][T21674] FAULT_INJECTION: forcing a failure.
[  370.800438][T21674] name failslab, interval 1, probability 0, space 0, times 0
[  370.827699][T21674] CPU: 1 PID: 21674 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  370.835727][T21674] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  370.835734][T21674] Call Trace:
[  370.835759][T21674]  dump_stack+0x1d8/0x2f8
[  370.835775][T21674]  should_fail+0x608/0x860
[  370.835788][T21674]  ? setup_fault_attr+0x2b0/0x2b0
[  370.835804][T21674]  __should_failslab+0x11a/0x160
[  370.835820][T21674]  ? mmu_topup_memory_caches+0x93/0x490
[  370.835832][T21674]  should_failslab+0x9/0x20
[  370.835843][T21674]  kmem_cache_alloc+0x56/0x2e0
[  370.835853][T21674]  ? mmu_topup_memory_caches+0x93/0x490
[  370.835864][T21674]  mmu_topup_memory_caches+0x93/0x490
[  370.835876][T21674]  kvm_mmu_load+0x9c/0x1cc0
[  370.835885][T21674]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  370.835894][T21674]  ? __lock_acquire+0x4750/0x4750
[  370.835902][T21674]  ? vmx_flush_tlb+0x2b3/0x600
[  370.835915][T21674]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  370.835926][T21674]  ? kvm_apic_has_interrupt+0x543/0xa40
[  370.835937][T21674]  ? kvm_mmu_unload+0xf0/0xf0
[  370.835948][T21674]  ? __kasan_check_write+0x14/0x20
[  370.835957][T21674]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  370.835975][T21674]  ? kvm_apic_accept_events+0x18f/0x470
00:34:55 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:55 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x406, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0x74)
write$P9_RXATTRWALK(r1, &(0x7f00000000c0)={0xf, 0x9}, 0xf)

[  370.849408][T21674]  ? kvm_apic_has_interrupt+0x543/0xa40
[  370.849428][T21674]  vcpu_enter_guest+0x3ffc/0x5530
[  370.849444][T21674]  ? local_bh_enable+0x30/0x30
[  370.849461][T21674]  ? lock_acquire+0x158/0x250
[  370.858245][T21674]  ? rcu_lock_acquire+0xd/0x40
[  370.858261][T21674]  vcpu_run+0x393/0xd40
[  370.858278][T21674]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  370.858289][T21674]  kvm_vcpu_ioctl+0x792/0xba0
[  370.858299][T21674]  ? kvm_vm_release+0x50/0x50
[  370.858309][T21674]  ? tomoyo_path_number_perm+0x587/0x740
[  370.858319][T21674]  ? trace_hardirqs_on+0x74/0x80
[  370.858336][T21674]  ? tomoyo_path_number_perm+0x5f0/0x740
[  370.868420][T21674]  ? tomoyo_check_path_acl+0x180/0x180
[  370.878471][T21674]  ? kvm_vm_release+0x50/0x50
[  370.878485][T21674]  do_vfs_ioctl+0x7d4/0x18f0
[  370.878497][T21674]  ? __lock_acquire+0x4750/0x4750
[  370.878512][T21674]  ? ioctl_preallocate+0x240/0x240
[  370.888848][T21674]  ? fget_many+0x30/0x30
[  370.888858][T21674]  ? debug_smp_processor_id+0x1c/0x20
[  370.888868][T21674]  ? fpregs_assert_state_consistent+0xb7/0xe0
00:34:55 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'dummy0\x00', 0x4100})
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:55 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
ioctl$PPPIOCGFLAGS1(r1, 0x8004745a, &(0x7f00000000c0))
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  370.888881][T21674]  ? tomoyo_file_ioctl+0x23/0x30
[  370.888892][T21674]  ? security_file_ioctl+0xa1/0xd0
[  370.888902][T21674]  __x64_sys_ioctl+0xe3/0x120
[  370.888917][T21674]  do_syscall_64+0xfe/0x140
[  370.888928][T21674]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  370.888938][T21674] RIP: 0033:0x459829
[  370.888953][T21674] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  370.898862][T21674] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  370.909391][T21674] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  370.909403][T21674] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  370.909407][T21674] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  370.909412][T21674] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  370.909417][T21674] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  371.112757][T21694] device dummy0 entered promiscuous mode
[  371.192347][T21689] input: syz1 as /devices/virtual/input/input352
00:34:55 executing program 3:
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:55 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:55 executing program 5 (fault-call:9 fault-nth:7):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:55 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)
ioctl$FIONREAD(r1, 0x541b, &(0x7f00000000c0))

00:34:55 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
r1 = syz_open_dev$vcsn(&(0x7f0000000000)='/dev/vcs#\x00', 0xff, 0x8400)
ioctl$SNDRV_CTL_IOCTL_ELEM_LIST(r1, 0xc0505510, &(0x7f0000000040)={0x7fffffff, 0x9, 0x1, 0x7fffffff, &(0x7f0000000100)=[{}, {}, {}, {}, {}, {}, {}, {}, {}]})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000340)='/dev/nullb0\x00', 0x400000, 0x0)

00:34:55 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300))
r0 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0x7, 0x20000)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000040)='/dev/snd/pcmC#D#p\x00', 0xaf, 0x40)
unshare(0x2000000)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:55 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
fcntl$dupfd(r0, 0x406, r0)
openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x20042, 0x0)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000040)='/dev/full\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x9)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0x21, 0x0, 0x0)

[  371.498747][T21719] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  371.524591][T21720] input: syz1 as /devices/virtual/input/input354
[  371.540584][T21715] FAULT_INJECTION: forcing a failure.
00:34:55 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
r3 = fcntl$getown(r0, 0x9)
capget(&(0x7f00000000c0)={0x19980330, r3}, &(0x7f0000000140)={0x8, 0x100000000, 0x6, 0x9, 0x5, 0x3})
ioctl(r2, 0x1000008914, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:55 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  371.540584][T21715] name failslab, interval 1, probability 0, space 0, times 0
[  371.611286][T21715] CPU: 1 PID: 21715 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  371.623211][T21715] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  371.633707][T21715] Call Trace:
[  371.637335][T21715]  dump_stack+0x1d8/0x2f8
[  371.637351][T21715]  should_fail+0x608/0x860
[  371.637365][T21715]  ? setup_fault_attr+0x2b0/0x2b0
[  371.637383][T21715]  __should_failslab+0x11a/0x160
[  371.637403][T21715]  ? mmu_topup_memory_caches+0x93/0x490
[  371.637423][T21715]  should_failslab+0x9/0x20
[  371.650333][T21715]  kmem_cache_alloc+0x56/0x2e0
[  371.650345][T21715]  ? mmu_topup_memory_caches+0x93/0x490
[  371.650356][T21715]  mmu_topup_memory_caches+0x93/0x490
[  371.650367][T21715]  kvm_mmu_load+0x9c/0x1cc0
[  371.650376][T21715]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  371.650386][T21715]  ? __lock_acquire+0x4750/0x4750
[  371.650394][T21715]  ? vmx_flush_tlb+0x2b3/0x600
00:34:56 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:56 executing program 0:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cuse\x00', 0x2, 0x0)
fsetxattr$security_smack_transmute(r0, &(0x7f0000000040)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000080)='TRUE', 0x4, 0x3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
r3 = syz_open_dev$vbi(&(0x7f00000000c0)='/dev/vbi#\x00', 0x2, 0x2)
setsockopt$bt_BT_SECURITY(r3, 0x112, 0x4, &(0x7f0000000100)={0xfffffffffffffffd, 0x1}, 0x2)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0x21, 0x0, 0x0)

[  371.650417][T21715]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  371.671934][T21737] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  371.676136][T21715]  ? kvm_apic_has_interrupt+0x543/0xa40
[  371.676148][T21715]  ? kvm_mmu_unload+0xf0/0xf0
[  371.676162][T21715]  ? __kasan_check_write+0x14/0x20
[  371.676171][T21715]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  371.676180][T21715]  ? kvm_apic_accept_events+0x18f/0x470
[  371.676189][T21715]  ? kvm_apic_has_interrupt+0x543/0xa40
[  371.676204][T21715]  vcpu_enter_guest+0x3ffc/0x5530
00:34:56 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
getsockopt$sock_timeval(r1, 0x1, 0x41, &(0x7f0000000800), &(0x7f0000000780)=0xfffffdba)
r2 = syz_open_dev$usbmon(&(0x7f0000000680)='/dev/usbmon#\x00', 0x3, 0x400000)
sendmsg$tipc(r2, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000040)="d901e1f26231dccb6427329983b7b20988b52376c61b4fe181d18f8f8f95bbe7b0fd464542602569bc35cfb9b8b2e7bbad9e4adcac3db965e7c32c7eb6e4b6512f43e05cc3cf266dbb3ccffbce61193c4e74f4c851e2ae2f17d7dfb4c459a4ec1144a31d33d8c47ef2ad88bc122eafe4bea203855532f51b0041ed1513a9d8885a7335a65e3128d909553995c656680c5f709269bfd193df59f41fb2350d4d6bce3fed4d5df0db7e4c55cc45faa03912636af2b036683375fc256f8d006738ddc65d44048aea1ac328335b3cf854962b7dbb303dd64e12274972df2afbde7b5fc3de06fb657b5f42ce8c25d7edb582bb5601f908", 0xf4}, {0xffffffffffffffff}, {&(0x7f0000000140)="b543b83564b33d64b7eaa209cf03b666fb2863336932091c7857f927002fb8bae6", 0x21}, {&(0x7f0000000180)="27cd7f8c9bdc2797e513c19c15035f560b9ba6722d55159739508e7c4fcca506a6937bafd0139f0043e43400a1fc613817ba9da5e46d8a39ab1158", 0x3b}, {&(0x7f00000001c0)="5f31a938b9fb7b1676915e82312f87c24e028e0f202ab3c96de1493450066ec812043b2ced1f7ceab7fb7e52dcea2d5874b532f7b001b98a9723c08e4eb454c59f20ff74ac866083616b83079c9f7fa55416bdd617eab19f9b1d2c40a8657eaecb48d7aa89812e0f341c79e4146a637fe7e9cf2f441b372915b4761b22ac427834c7141fb67978e718ad13b2e86ac7a1830ed8ef9ba9c857cf0c58b61f435e45a3bfc7707a3944f55c02e9a1eb66b9f24417fcd508c33187513d83d1b4acc98bc1b58200f3496da6b72b76c1d5560ffca53c4c9b807629fa478f", 0xda}, {&(0x7f0000000340)="27e5cb89b476ea5bd38937aaa24daa6280b2aa9292910d1efcba8017ba9b358c34d0ad86a5ba0c949f87d6d0bc1677757f90d05e17e4b2c06f1ff2dd92e13f0402bf1651e3bd75c01e71f80bce06b3f185d62781c5ecf7d98c695897f4b5e43a9f16ac0e586b8327f3e1154e674a2d498a844f9400393cc3207b29d4441ab21f737f3369adbbaae75c8e", 0x8a}, {&(0x7f0000000400)="e2aa3356ee3ac1faf8bb682c84b365661295e55558789390c25889b750dd8747dc502477e6d83e8b30207f260be1a7e941f20bdd8a7ad7905c43bddb9716b5bfe7d703750fa33f43f8d9d3e52cf52cc4355e9e10d647f3ab4fd99c660736123b5847f9e8070584164bad7eaf7aaa7c053e9d0b", 0x73}, {&(0x7f00000002c0)="f783b7ab5f5f7d2560c3efeb72164cbdb83f3632415ccd92004fa1c7cc18c46bdff645ce71d6e65c89e7bd529b875c34e1efd8c3280df681fe", 0x39}, {&(0x7f0000000480)="315bcdea0c85e5633f5b4c4789c2a5a3db19061f6d5d7e64e8ed73868f441f952f40527c2e275868a7aaa00959dbd9eae4db9c77e4261309280b616c4ffa78a28b8064e4813d38f3373f37f1bb33c74be2a636cd36f8bddbd49b25fcb01da832b0a11e003ffd26e5dbe5173cafe3b9ee7f12aecc2dc58872594242e70148d52a04783d85f93e00dca7e0aa6d4d2af1dd928a82de909567742e6e7a3233e100903c8223dbec17ee825b01f56112a6a94ac80190bd30c3da94f5d48f1dea88567af33c613ccc99360227f696925890", 0xce}], 0x9, 0x0, 0x0, 0x800}, 0x10)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  371.676220][T21715]  ? local_bh_enable+0x30/0x30
[  371.676231][T21715]  ? lock_acquire+0x158/0x250
[  371.676246][T21715]  ? rcu_lock_acquire+0xd/0x40
[  371.688599][T21715]  vcpu_run+0x393/0xd40
[  371.688619][T21715]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  371.688630][T21715]  kvm_vcpu_ioctl+0x792/0xba0
[  371.688640][T21715]  ? kvm_vm_release+0x50/0x50
[  371.688651][T21715]  ? tomoyo_path_number_perm+0x587/0x740
[  371.688668][T21715]  ? trace_hardirqs_on+0x74/0x80
[  371.699680][T21715]  ? tomoyo_path_number_perm+0x5f0/0x740
[  371.699693][T21715]  ? tomoyo_check_path_acl+0x180/0x180
[  371.699707][T21715]  ? kvm_vm_release+0x50/0x50
[  371.699718][T21715]  do_vfs_ioctl+0x7d4/0x18f0
[  371.699731][T21715]  ? __lock_acquire+0x4750/0x4750
[  371.699741][T21715]  ? ioctl_preallocate+0x240/0x240
[  371.699759][T21715]  ? fget_many+0x30/0x30
[  371.699766][T21715]  ? debug_smp_processor_id+0x1c/0x20
[  371.699776][T21715]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  371.699795][T21715]  ? tomoyo_file_ioctl+0x23/0x30
[  371.789517][T21715]  ? security_file_ioctl+0xa1/0xd0
[  371.789530][T21715]  __x64_sys_ioctl+0xe3/0x120
[  371.789545][T21715]  do_syscall_64+0xfe/0x140
[  371.789557][T21715]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  371.789567][T21715] RIP: 0033:0x459829
[  371.789578][T21715] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  371.789583][T21715] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  371.789599][T21715] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  371.801708][T21715] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  371.848280][T21742] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  371.850330][T21715] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  371.850336][T21715] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  371.850340][T21715] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  371.976159][T21720] input: syz1 as /devices/virtual/input/input355
00:34:56 executing program 3:
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:56 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x6, 0x1000007fffffff)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:56 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
prctl$PR_MCE_KILL_GET(0x22)
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:56 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:56 executing program 5 (fault-call:9 fault-nth:8):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:56 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000000)={{0x4, 0x6, 0x1000000010, 0x1}, 'syz0\x00', 0x54})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
socket$vsock_dgram(0x28, 0x2, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:34:56 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)
getsockopt$IP_VS_SO_GET_DAEMON(r2, 0x0, 0x487, &(0x7f00000000c0), &(0x7f0000000140)=0x30)

[  372.325150][T21762] input: syz0 as /devices/virtual/input/input356
00:34:56 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0xaa62, 0x20001)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  372.389913][T21760] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  372.410739][T21768] FAULT_INJECTION: forcing a failure.
[  372.410739][T21768] name failslab, interval 1, probability 0, space 0, times 0
[  372.425099][T21768] CPU: 0 PID: 21768 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  372.437464][T21768] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  372.437470][T21768] Call Trace:
[  372.437497][T21768]  dump_stack+0x1d8/0x2f8
[  372.437512][T21768]  should_fail+0x608/0x860
[  372.437523][T21768]  ? setup_fault_attr+0x2b0/0x2b0
[  372.437540][T21768]  __should_failslab+0x11a/0x160
[  372.437556][T21768]  ? mmu_topup_memory_caches+0x93/0x490
[  372.437576][T21768]  should_failslab+0x9/0x20
[  372.481395][T21768]  kmem_cache_alloc+0x56/0x2e0
[  372.486175][T21768]  ? mmu_topup_memory_caches+0x93/0x490
[  372.486187][T21768]  mmu_topup_memory_caches+0x93/0x490
[  372.486199][T21768]  kvm_mmu_load+0x9c/0x1cc0
[  372.486209][T21768]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  372.486218][T21768]  ? __lock_acquire+0x4750/0x4750
[  372.486227][T21768]  ? vmx_flush_tlb+0x2b3/0x600
[  372.486237][T21768]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  372.486246][T21768]  ? kvm_apic_has_interrupt+0x543/0xa40
[  372.486255][T21768]  ? kvm_mmu_unload+0xf0/0xf0
[  372.486267][T21768]  ? __kasan_check_write+0x14/0x20
[  372.486275][T21768]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  372.486284][T21768]  ? kvm_apic_accept_events+0x18f/0x470
[  372.486293][T21768]  ? kvm_apic_has_interrupt+0x543/0xa40
[  372.486308][T21768]  vcpu_enter_guest+0x3ffc/0x5530
[  372.486323][T21768]  ? local_bh_enable+0x30/0x30
[  372.486338][T21768]  ? lock_acquire+0x158/0x250
[  372.497293][T21768]  ? rcu_lock_acquire+0xd/0x40
[  372.497308][T21768]  vcpu_run+0x393/0xd40
[  372.497336][T21768]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  372.507324][T21768]  kvm_vcpu_ioctl+0x792/0xba0
00:34:56 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140)='/dev/snapshot\x00', 0x8000, 0x0)
getsockopt$inet6_opts(r2, 0x29, 0x39, &(0x7f0000000180)=""/182, &(0x7f0000000240)=0x3a5)
tee(r0, r1, 0x3d, 0xc)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
socket$inet(0x2, 0x4000000000000001, 0xc)
write$P9_RRENAMEAT(r2, &(0x7f0000000280)={0x7, 0x4b, 0x2}, 0x7)
r3 = dup2(r0, r0)
setsockopt$TIPC_IMPORTANCE(r3, 0x10f, 0x7f, &(0x7f0000000000)=0xffffffffffffffff, 0x4)
setsockopt$inet6_tcp_TCP_QUEUE_SEQ(r3, 0x6, 0x15, &(0x7f0000000100), 0x4)
ioctl$TIOCLINUX3(r3, 0x541c, &(0x7f0000000080))
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0x21, 0x0, 0x50d97b8eb2a4c2ac)
r4 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/qat_adf_ctl\x00', 0x80803, 0x0)
setsockopt$bt_BT_DEFER_SETUP(r4, 0x112, 0x7, &(0x7f0000000040)=0x1, 0x4)

00:34:56 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  372.507334][T21768]  ? kvm_vm_release+0x50/0x50
[  372.507344][T21768]  ? tomoyo_path_number_perm+0x587/0x740
[  372.507354][T21768]  ? trace_hardirqs_on+0x74/0x80
[  372.507364][T21768]  ? tomoyo_path_number_perm+0x5f0/0x740
[  372.507377][T21768]  ? tomoyo_check_path_acl+0x180/0x180
[  372.507387][T21768]  ? kvm_vm_release+0x50/0x50
[  372.507397][T21768]  do_vfs_ioctl+0x7d4/0x18f0
[  372.507408][T21768]  ? __lock_acquire+0x4750/0x4750
[  372.507418][T21768]  ? ioctl_preallocate+0x240/0x240
[  372.507436][T21768]  ? fget_many+0x30/0x30
[  372.507445][T21768]  ? debug_smp_processor_id+0x1c/0x20
[  372.507454][T21768]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  372.507469][T21768]  ? tomoyo_file_ioctl+0x23/0x30
[  372.523063][T21768]  ? security_file_ioctl+0xa1/0xd0
[  372.523075][T21768]  __x64_sys_ioctl+0xe3/0x120
[  372.523089][T21768]  do_syscall_64+0xfe/0x140
[  372.523101][T21768]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  372.523117][T21768] RIP: 0033:0x459829
00:34:57 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$IP6T_SO_GET_INFO(r1, 0x29, 0x40, &(0x7f0000000140)={'nat\x00'}, &(0x7f00000000c0)=0x54)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
getsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r1, 0x84, 0x72, &(0x7f00000001c0)={<r3=>0x0, 0xffffffffffff8001}, &(0x7f0000000200)=0xc)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r1, 0x84, 0x10, &(0x7f0000000240)=@assoc_value={r3, 0x80}, &(0x7f0000000280)=0x8)
r4 = openat$cgroup_ro(r1, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x0, 0x0)
fsconfig$FSCONFIG_SET_FLAG(r4, 0x0, &(0x7f00000002c0)='lazytime\x00', 0x0, 0x0)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  372.538437][T21768] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  372.538442][T21768] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  372.538451][T21768] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  372.538456][T21768] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  372.538460][T21768] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  372.538466][T21768] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  372.538471][T21768] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
00:34:57 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet_mreq(r1, 0x0, 0x24, &(0x7f0000000000)={@remote, @multicast1}, 0x8)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  372.851608][T21762] input: syz0 as /devices/virtual/input/input357
00:34:57 executing program 5 (fault-call:9 fault-nth:9):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:57 executing program 3:
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:57 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:57 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0x21, 0x0, 0x0)

00:34:57 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
fadvise64(r0, 0x0, 0x7fffffff, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
mlockall(0x2)

00:34:57 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/lblc_expiration\x00', 0x2, 0x0)
setsockopt$ax25_SO_BINDTODEVICE(r1, 0x101, 0x19, &(0x7f0000000200)=@rose={'rose', 0x0}, 0x10)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r2 = fcntl$dupfd(r0, 0x0, r0)
r3 = msgget$private(0x0, 0x108)
msgctl$IPC_INFO(r3, 0x3, &(0x7f0000000240)=""/86)
getsockopt$inet6_mreq(r2, 0x29, 0x14, &(0x7f00000000c0)={@empty, <r4=>0x0}, &(0x7f0000000140)=0x14)
setsockopt$inet6_IPV6_PKTINFO(r2, 0x29, 0x32, &(0x7f0000000180)={@ipv4={[], [], @broadcast}, r4}, 0x14)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r5, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r2, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r2, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  373.207148][T21812] input: syz1 as /devices/virtual/input/input358
00:34:57 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
ioctl$SIOCGETLINKNAME(r1, 0x89e0, &(0x7f0000000140)={0x3, 0x3})
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  373.249422][T21813] FAULT_INJECTION: forcing a failure.
[  373.249422][T21813] name failslab, interval 1, probability 0, space 0, times 0
[  373.272660][T21815] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:57 executing program 0:
r0 = syz_open_dev$mouse(&(0x7f0000000240)='/dev/input/mouse#\x00', 0x40, 0x101040)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000740)='TIPC\x00')
sendmsg$TIPC_CMD_SET_LINK_TOL(r0, &(0x7f0000000640)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x2000}, 0xc, &(0x7f0000000500)={&(0x7f00000005c0)=ANY=[@ANYBLOB='h\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="02002cbd7000fbdbdf25010000000000000807410000004c00180000004573797a300000000000000000000000000000000000000000000000000000000f1d1046000000000000000000000000000000000800"/98], 0x68}, 0x1, 0x0, 0x0, 0x4000}, 0x20000000)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = creat(&(0x7f0000000680)='./file0\x00', 0x70)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
stat(&(0x7f0000000340)='./file0\x00', &(0x7f0000000380))
r4 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
r5 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000400)='/dev/dsp\x00', 0x103400, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0x21, 0x0, 0xfffffffffffffe2a)
r6 = dup2(r4, r4)
lstat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r7=>0x0})
getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r6, 0x84, 0x22, &(0x7f0000000580)={0x10001, 0xa, 0x5, 0x8001, <r8=>0x0}, &(0x7f0000000540)=0xa)
setsockopt$inet_sctp6_SCTP_AUTH_DEACTIVATE_KEY(r2, 0x84, 0x23, &(0x7f00000002c0)={r8, 0xb2f}, 0x8)
r9 = syz_genetlink_get_family_id$tipc2(&(0x7f00000006c0)='TIPCv2\x00')
sendmsg$TIPC_NL_PUBL_GET(r3, &(0x7f0000000880)={&(0x7f00000004c0)={0x10, 0x0, 0x0, 0x80004800}, 0xc, &(0x7f0000000700)={&(0x7f0000000780)={0xfc, r9, 0x200, 0x70bd29, 0x25dfdbfb, {}, [@TIPC_NLA_NODE={0x14, 0x6, [@TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xffffffff}]}, @TIPC_NLA_MON={0x34, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0xfffffffffffff001}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x10001}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x7fff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x10000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x8}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}]}, @TIPC_NLA_NET={0x1c, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x3}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x9}]}, @TIPC_NLA_MEDIA={0x1c, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}, @TIPC_NLA_NET={0xc, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0xb6e6}]}, @TIPC_NLA_MON={0x1c, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x7ff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x6}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1ff}]}, @TIPC_NLA_SOCK={0x40, 0x2, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x7}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x8}, @TIPC_NLA_SOCK_ADDR={0x8}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x1ff}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x8000}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x6}]}]}, 0xfc}}, 0x10)
stat(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, <r10=>0x0})
write$FUSE_ENTRY(r6, &(0x7f0000000180)={0x90, 0x0, 0x7, {0x6, 0x2, 0x2, 0x101, 0x3, 0x8, {0x2, 0x0, 0x8c7, 0x0, 0x0, 0x0, 0x200, 0x3, 0xffffffffffffff81, 0x8, 0x2, r7, r10, 0x9, 0x8}}}, 0x90)
getsockopt$inet_sctp_SCTP_RECONFIG_SUPPORTED(r6, 0x84, 0x75, &(0x7f0000000440)={r8, 0x4}, &(0x7f0000000480)=0x8)

[  373.303277][T21813] CPU: 1 PID: 21813 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  373.312443][T21813] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  373.312448][T21813] Call Trace:
[  373.312473][T21813]  dump_stack+0x1d8/0x2f8
[  373.312491][T21813]  should_fail+0x608/0x860
[  373.312509][T21813]  ? setup_fault_attr+0x2b0/0x2b0
[  373.341131][T21813]  __should_failslab+0x11a/0x160
[  373.346475][T21813]  ? mmu_topup_memory_caches+0x93/0x490
00:34:57 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
ioctl$UI_END_FF_ERASE(r1, 0x400c55cb, &(0x7f00000000c0)={0xe, 0x3, 0xfff})
write$P9_RXATTRWALK(r1, &(0x7f0000000140)={0x10000036c, 0x9, 0x1}, 0xf)

00:34:57 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
r2 = syz_open_dev$dspn(&(0x7f0000000000)='/dev/dsp#\x00', 0x1, 0x10040)
ioctl$VFIO_IOMMU_UNMAP_DMA(r2, 0x3b72, &(0x7f0000000040)={0x20, 0x2, 0x1000, 0x4, 0xfffffffffffffeff})

[  373.352039][T21813]  should_failslab+0x9/0x20
[  373.356830][T21813]  kmem_cache_alloc+0x56/0x2e0
[  373.361623][T21813]  ? mmu_topup_memory_caches+0x93/0x490
[  373.367284][T21813]  mmu_topup_memory_caches+0x93/0x490
[  373.372735][T21813]  kvm_mmu_load+0x9c/0x1cc0
[  373.377291][T21813]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  373.383350][T21813]  ? __lock_acquire+0x4750/0x4750
[  373.388825][T21813]  ? vmx_flush_tlb+0x2b3/0x600
[  373.393725][T21813]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
00:34:57 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(des3_ede)\x00'}, 0x58)
r3 = accept4(r2, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r2, 0x117, 0x1, &(0x7f00000000c0)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
sendto$unix(r3, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0)
recvfrom(r3, &(0x7f0000001400)=""/4096, 0x1000, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000038c0), 0x4000000000001f3, 0x0, 0x0)
write$P9_RGETATTR(r3, &(0x7f0000001340)={0xa0}, 0xa0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
fcntl$notify(r1, 0x402, 0x1)
ioctl$DRM_IOCTL_ADD_BUFS(r1, 0xc0206416, &(0x7f00000000c0)={0xd7, 0x7, 0x14bd, 0x5, 0x1e, 0x67})
ioctl(r4, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)
r5 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/sys/net/ipv4/vs/am_droprate\x00', 0x2, 0x0)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f00000002c0)={<r6=>0x0}, &(0x7f0000000300)=0x8)
setsockopt$inet_sctp6_SCTP_CONTEXT(r5, 0x84, 0x11, &(0x7f0000000340)={r6, 0xfffffffeffffffff}, 0x8)
getsockopt$inet_sctp_SCTP_PEER_AUTH_CHUNKS(r1, 0x84, 0x1a, &(0x7f0000000180)={<r7=>0x0, 0x88, "a4d884b96a639d6bf2b250b2318d01f08f6b0d43e14434f37a0bd9eff45d6b7d3baf2556ee2b1a6d080202b922bb1586ad5369bff114f8c2f63e4d5fed52c67cec5fc5974adaceaea0aa10e314250d7426a98fd884177e48bfc411c91f096294d2b2cb2cd929e677687f0ad79f54de47d305a45fd9ba920d50fdfa1520a3a6f16505208e17c518f6"}, &(0x7f0000000240)=0x90)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r5, 0x84, 0x7c, &(0x7f0000000280)={r7, 0x5}, 0x8)

[  373.399463][T21813]  ? kvm_apic_has_interrupt+0x543/0xa40
[  373.405481][T21813]  ? kvm_mmu_unload+0xf0/0xf0
[  373.410195][T21813]  ? __kasan_check_write+0x14/0x20
[  373.415346][T21813]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  373.421098][T21813]  ? kvm_apic_accept_events+0x18f/0x470
[  373.428242][T21813]  ? kvm_apic_has_interrupt+0x543/0xa40
[  373.433928][T21813]  vcpu_enter_guest+0x3ffc/0x5530
[  373.439147][T21813]  ? local_bh_enable+0x30/0x30
[  373.443932][T21813]  ? lock_acquire+0x158/0x250
[  373.448624][T21813]  ? rcu_lock_acquire+0xd/0x40
00:34:57 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0xb, 0x4)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
r2 = dup2(r0, r1)
ioctl$PPPIOCGUNIT(r2, 0x80047456, &(0x7f0000000040))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000))

[  373.453422][T21813]  vcpu_run+0x393/0xd40
[  373.457605][T21813]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  373.463092][T21813]  kvm_vcpu_ioctl+0x792/0xba0
[  373.463104][T21813]  ? kvm_vm_release+0x50/0x50
[  373.463115][T21813]  ? tomoyo_path_number_perm+0x587/0x740
[  373.463133][T21813]  ? trace_hardirqs_on+0x74/0x80
[  373.483280][T21813]  ? tomoyo_path_number_perm+0x5f0/0x740
[  373.488931][T21813]  ? tomoyo_check_path_acl+0x180/0x180
[  373.494426][T21813]  ? kvm_vm_release+0x50/0x50
[  373.499130][T21813]  do_vfs_ioctl+0x7d4/0x18f0
[  373.503742][T21813]  ? __lock_acquire+0x4750/0x4750
[  373.508818][T21813]  ? ioctl_preallocate+0x240/0x240
[  373.508837][T21813]  ? fget_many+0x30/0x30
[  373.508846][T21813]  ? debug_smp_processor_id+0x1c/0x20
[  373.508857][T21813]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  373.508869][T21813]  ? tomoyo_file_ioctl+0x23/0x30
[  373.508880][T21813]  ? security_file_ioctl+0xa1/0xd0
[  373.508890][T21813]  __x64_sys_ioctl+0xe3/0x120
[  373.508916][T21813]  do_syscall_64+0xfe/0x140
[  373.523760][T21813]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  373.523770][T21813] RIP: 0033:0x459829
[  373.523781][T21813] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  373.523786][T21813] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  373.523795][T21813] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  373.523800][T21813] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  373.523813][T21813] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  373.611589][T21813] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  373.619659][T21813] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
00:34:58 executing program 5 (fault-call:9 fault-nth:10):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  373.710397][T21812] input: syz1 as /devices/virtual/input/input359
[  373.798757][T21847] FAULT_INJECTION: forcing a failure.
[  373.798757][T21847] name failslab, interval 1, probability 0, space 0, times 0
[  373.811929][T21847] CPU: 1 PID: 21847 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  373.819930][T21847] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  373.819935][T21847] Call Trace:
[  373.819960][T21847]  dump_stack+0x1d8/0x2f8
[  373.819984][T21847]  should_fail+0x608/0x860
[  373.819999][T21847]  ? setup_fault_attr+0x2b0/0x2b0
[  373.820015][T21847]  __should_failslab+0x11a/0x160
[  373.820030][T21847]  ? mmu_topup_memory_caches+0x93/0x490
[  373.820041][T21847]  should_failslab+0x9/0x20
[  373.820053][T21847]  kmem_cache_alloc+0x56/0x2e0
[  373.820062][T21847]  ? mmu_topup_memory_caches+0x93/0x490
[  373.820074][T21847]  mmu_topup_memory_caches+0x93/0x490
[  373.820084][T21847]  kvm_mmu_load+0x9c/0x1cc0
[  373.820094][T21847]  ? retint_kernel+0x2b/0x2b
[  373.820114][T21847]  ? vmx_flush_tlb+0x2b3/0x600
[  373.833672][T21847]  ? trace_hardirqs_on_thunk+0x1a/0x20
[  373.842422][T21847]  ? kvm_apic_has_interrupt+0x543/0xa40
[  373.842435][T21847]  ? kvm_mmu_unload+0xf0/0xf0
[  373.842448][T21847]  ? __kasan_check_write+0x14/0x20
[  373.842457][T21847]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  373.842466][T21847]  ? kvm_apic_accept_events+0x18f/0x470
[  373.842482][T21847]  ? kvm_apic_has_interrupt+0x543/0xa40
[  373.852469][T21847]  vcpu_enter_guest+0x3ffc/0x5530
[  373.852487][T21847]  ? local_bh_enable+0x30/0x30
[  373.852499][T21847]  ? lock_acquire+0x158/0x250
[  373.852506][T21847]  ? rcu_lock_acquire+0xd/0x40
[  373.852523][T21847]  vcpu_run+0x393/0xd40
[  373.852539][T21847]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  373.882937][T21847]  kvm_vcpu_ioctl+0x792/0xba0
[  373.892291][T21847]  ? kvm_vm_release+0x50/0x50
[  373.892302][T21847]  ? tomoyo_path_number_perm+0x587/0x740
[  373.892313][T21847]  ? trace_hardirqs_on+0x74/0x80
[  373.892324][T21847]  ? tomoyo_path_number_perm+0x5f0/0x740
[  373.892337][T21847]  ? tomoyo_check_path_acl+0x180/0x180
[  373.892352][T21847]  ? kvm_vm_release+0x50/0x50
[  373.994099][T21847]  do_vfs_ioctl+0x7d4/0x18f0
[  373.998683][T21847]  ? __lock_acquire+0x4750/0x4750
[  374.003715][T21847]  ? ioctl_preallocate+0x240/0x240
[  374.008844][T21847]  ? fget_many+0x30/0x30
[  374.013083][T21847]  ? debug_smp_processor_id+0x1c/0x20
[  374.018464][T21847]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  374.024546][T21847]  ? tomoyo_file_ioctl+0x23/0x30
[  374.029476][T21847]  ? security_file_ioctl+0xa1/0xd0
[  374.034598][T21847]  __x64_sys_ioctl+0xe3/0x120
[  374.039278][T21847]  do_syscall_64+0xfe/0x140
[  374.043802][T21847]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  374.049707][T21847] RIP: 0033:0x459829
[  374.053619][T21847] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  374.073237][T21847] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  374.081651][T21847] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  374.089607][T21847] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
00:34:58 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:58 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x9)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:58 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)
ioctl$SG_EMULATED_HOST(r1, 0x2203, &(0x7f00000000c0))
setsockopt$inet6_buf(r1, 0x29, 0x15, &(0x7f0000000140)="bb9545dfa258a83bc59cf0c6e0c2b24527fc5a1234a34a0c8d39e7f43c1115eb99771fa371a05b2d0f8b648f1fdb871accbd2a9525668208944ecf6b553931344f3471c7931b1b8b6537d144fb237300baf36c20a7b801abb7bf3dc24446878a9948909c7397bea5948b5e80d8081ec3db311f50cb5a83e7444b9c41fe7bed651f57dc", 0x83)

00:34:58 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:58 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x0, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
r1 = syz_open_dev$cec(&(0x7f0000000080)='/dev/cec#\x00', 0x1, 0x2)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f0000000140)='TIPC\x00')
sendmsg$TIPC_CMD_GET_LINKS(r1, &(0x7f0000000200)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x24, r2, 0x200, 0x70bd2a, 0x25dfdbfb, {{}, 0x0, 0x4, 0x0, {0x8, 0x11, 0xfffffffffffffffe}}, [""]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x40001)
setsockopt$IP_VS_SO_SET_DELDEST(r1, 0x0, 0x488, &(0x7f0000000240)={{0x3b, @local, 0x4e24, 0x2, 'ovf\x00', 0xa, 0x4, 0x4d}, {@dev={0xac, 0x14, 0x14, 0x11}, 0x4e20, 0x0, 0x8, 0x17d, 0x1000000001}}, 0x44)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
pipe2$9p(&(0x7f0000000000)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x4800)
write$P9_RLERROR(r3, &(0x7f0000000040)={0x15, 0x7, 0x1, {0xc, 'vboxnet0-(]('}}, 0x15)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

[  374.097566][T21847] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  374.105535][T21847] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  374.113510][T21847] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
00:34:58 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x6, 0x48)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

00:34:58 executing program 5 (fault-call:9 fault-nth:11):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:58 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300))
r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x0, 0x2)
openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x4000, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000080)='/dev/snd/pcmC#D#c\x00', 0x4, 0x200000)
r1 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vga_arbiter\x00', 0x400000, 0x0)
mlock(&(0x7f0000ffd000/0x2000)=nil, 0x2000)
getsockname$unix(r0, &(0x7f0000000100), &(0x7f0000000180)=0x6e)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x1)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0x21, 0x0, 0x0)
mlock2(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3)

00:34:58 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x5)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f0000000000))
ioctl$UI_DEV_DESTROY(r0, 0x5502)

[  374.231290][T21853] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:34:58 executing program 1:
r0 = accept4$bt_l2cap(0xffffffffffffffff, 0x0, &(0x7f0000001380), 0x800)
r1 = gettid()
r2 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000380)='/dev/mixer\x00', 0x30000, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000440)={'ip6tnl0\x00', <r3=>0x0})
ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f0000000480)={'vcan0\x00', r3})
ioctl$sock_SIOCSPGRP(r0, 0x8902, &(0x7f00000013c0)=r1)
r4 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r4, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r4, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r5 = fcntl$dupfd(r4, 0x0, r4)
r6 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r6, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r5, &(0x7f0000000000)={0x1f, {0x40000000002, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r5, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  374.302586][T21868] FAULT_INJECTION: forcing a failure.
[  374.302586][T21868] name failslab, interval 1, probability 0, space 0, times 0
00:34:58 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:58 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000080)='/dev/cachefiles\x00', 0x80, 0x0)
epoll_ctl$EPOLL_CTL_DEL(r2, 0x2, r0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0x21, 0x0, 0x0)
r4 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x2000, 0x0)
write$FUSE_NOTIFY_POLL(r4, &(0x7f0000000040)={0x18, 0x1, 0x0, {0x100000001}}, 0x18)

[  374.349764][T21878] input: syz1 as /devices/virtual/input/input362
[  374.395081][T21868] CPU: 1 PID: 21868 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  374.403285][T21868] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  374.403291][T21868] Call Trace:
[  374.403318][T21868]  dump_stack+0x1d8/0x2f8
[  374.403332][T21868]  should_fail+0x608/0x860
[  374.403344][T21868]  ? setup_fault_attr+0x2b0/0x2b0
[  374.403369][T21868]  __should_failslab+0x11a/0x160
[  374.421058][T21868]  ? mmu_topup_memory_caches+0x93/0x490
[  374.431006][T21868]  should_failslab+0x9/0x20
[  374.431020][T21868]  kmem_cache_alloc+0x56/0x2e0
[  374.431031][T21868]  ? mmu_topup_memory_caches+0x93/0x490
[  374.431041][T21868]  mmu_topup_memory_caches+0x93/0x490
[  374.431051][T21868]  kvm_mmu_load+0x9c/0x1cc0
[  374.431069][T21868]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  374.446391][T21868]  ? __lock_acquire+0x4750/0x4750
[  374.446409][T21868]  ? vmx_flush_tlb+0x2b3/0x600
[  374.446427][T21868]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  374.462106][T21868]  ? kvm_apic_has_interrupt+0x543/0xa40
[  374.462120][T21868]  ? kvm_mmu_unload+0xf0/0xf0
[  374.462134][T21868]  ? __kasan_check_write+0x14/0x20
[  374.462150][T21868]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  374.493147][T21868]  ? kvm_apic_accept_events+0x18f/0x470
[  374.493157][T21868]  ? kvm_apic_has_interrupt+0x543/0xa40
[  374.493173][T21868]  vcpu_enter_guest+0x3ffc/0x5530
[  374.493190][T21868]  ? local_bh_enable+0x30/0x30
[  374.493202][T21868]  ? lock_acquire+0x158/0x250
[  374.493218][T21868]  ? rcu_lock_acquire+0xd/0x40
[  374.519721][T21868]  vcpu_run+0x393/0xd40
[  374.529627][T21868]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  374.529639][T21868]  kvm_vcpu_ioctl+0x792/0xba0
[  374.529647][T21868]  ? kvm_vm_release+0x50/0x50
[  374.529658][T21868]  ? tomoyo_path_number_perm+0x587/0x740
[  374.529668][T21868]  ? trace_hardirqs_on+0x74/0x80
[  374.529684][T21868]  ? tomoyo_path_number_perm+0x5f0/0x740
[  374.538933][T21884] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  374.539137][T21868]  ? tomoyo_check_path_acl+0x180/0x180
[  374.539152][T21868]  ? kvm_vm_release+0x50/0x50
[  374.539171][T21868]  do_vfs_ioctl+0x7d4/0x18f0
[  374.548819][T21868]  ? __lock_acquire+0x4750/0x4750
[  374.548831][T21868]  ? ioctl_preallocate+0x240/0x240
[  374.548850][T21868]  ? fget_many+0x30/0x30
[  374.548858][T21868]  ? debug_smp_processor_id+0x1c/0x20
[  374.548868][T21868]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  374.548880][T21868]  ? tomoyo_file_ioctl+0x23/0x30
[  374.548891][T21868]  ? security_file_ioctl+0xa1/0xd0
[  374.548900][T21868]  __x64_sys_ioctl+0xe3/0x120
[  374.548914][T21868]  do_syscall_64+0xfe/0x140
[  374.548932][T21868]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  374.558301][T21868] RIP: 0033:0x459829
[  374.558312][T21868] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  374.558317][T21868] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  374.558326][T21868] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  374.558330][T21868] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  374.558335][T21868] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  374.558340][T21868] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  374.558345][T21868] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
00:34:59 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:34:59 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x404)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:34:59 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000300)=0x61e67a7b000, 0x4)
r1 = syz_open_dev$sndpcmp(&(0x7f0000000000)='/dev/snd/pcmC#D#p\x00', 0xb742, 0x2081)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(0xffffffffffffffff, 0x84, 0x10, &(0x7f0000000340)=@sack_info={<r2=>0x0, 0x101, 0xc22a}, &(0x7f0000000140)=0x42)
getsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000180)={0xfffffffffffffffc, 0x5, 0x4, 0x7ff, <r3=>0x0}, &(0x7f00000001c0)=0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000b00)={'team0\x00', <r4=>0x0})
r5 = geteuid()
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000b40)={{{@in6=@remote, @in6=@mcast1, 0x4e20, 0x0, 0x4e21, 0x9, 0xa, 0xa0, 0xa0, 0x8, r4, r5}, {0x3, 0x100, 0x2, 0x6, 0x75fb, 0xfffffffffffffffc, 0x10, 0xa1de}, {0x9, 0x8001, 0x101, 0x7}, 0x6, 0x6e6bbc, 0x0, 0x0, 0x0, 0x1}, {{@in6=@initdev={0xfe, 0x88, [], 0x0, 0x0}, 0x4d3, 0x3c}, 0x2, @in6=@initdev={0xfe, 0x88, [], 0x1, 0x0}, 0x3505, 0x0, 0x2, 0x1f, 0x4, 0x1f3, 0x7}}, 0xe8)
accept(r1, &(0x7f0000000380)=@hci={0x1f, <r6=>0x0}, &(0x7f0000000400)=0x159)
sendmsg$can_raw(r1, &(0x7f0000000500)={&(0x7f0000000440)={0x1d, r6}, 0x10, &(0x7f00000004c0)={&(0x7f0000000480)=@can={{0x3, 0x1, 0x101, 0x6}, 0x4, 0x2, 0x0, 0x0, "4671d7b6f02491b7"}, 0x10}, 0x1, 0x0, 0x0, 0x8000}, 0x40)
ioctl$sock_ax25_SIOCADDRT(r1, 0x890b, &(0x7f0000000080)={@default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x8, [@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @bcast, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}]})
ioctl$KVM_ENABLE_CAP(r1, 0x4068aea3, &(0x7f0000000900)={0xf5, 0x0, [0xfffffffffffffc3e, 0x2, 0x7ff, 0x1ff]})
getsockopt$inet_sctp_SCTP_STATUS(r1, 0x84, 0xe, &(0x7f0000000200)={r2, 0x5, 0xfff, 0x6, 0x1, 0x6f, 0x8, 0x81, {r3, @in6={{0xa, 0x4e24, 0x6, @local, 0x497}}, 0x4, 0x1, 0xfffffffffffffffd, 0x3ff, 0x1}}, &(0x7f00000002c0)=0xb0)
kexec_load(0xef, 0x4, &(0x7f0000000880)=[{&(0x7f0000000540)="7bbe6fb19e3b923ac6b1dec8bae658ec18291a53703ece4f128381b24d7e45f69a58747da0ea7006d5763c1e98a3e1a34c54ac888df7c5bb046cf56ae960f50682be65ff941c0814f47715c687e3dfc183e38825921b6d8bf6e299888e46ff2c09f3523b29490f80db53921203788d5c9c7749a35f96e98f2bdce42c1e6b0a5b8b394268d4da60cf2a8870a591d9a5884556c47f635ecde553a835abf46fcfde8f1f62d904cc246fcbf4", 0xaa, 0x4000, 0x2}, {&(0x7f0000000980)="f385add27d759205b501aebde99944f49cf3286fe52b48b2d0e293560cede65a54dc55b35889f508a7e116d328890decf36d9e0cd35473f3567b24a8d1ce436afcde84701a71e06f4b521295e36d286a6876719889427e957888393dd1d99f5a7a3dfae2569169f446a06820dfdf55370e0eca3793264eeb592c501b7def108f4aa83c4329ddede8d42d29393c89276650f9fa9cc6090b6e5f6aece21742152c961075f799befb63808ee7341f521b3b22f02ec862a88d343b51bb2defd59617a4bf06e4f0cc721974a5903dca805824", 0xd0, 0x40, 0xb2da}, {&(0x7f0000000700)="dcc38d540739e8ed04fcc2894c84368bd7dde89b06ad9e46e8cf17083c3df4234b20deed0ddbfe250c2ff30dcf2189b69053eaef6a26580d6988b1a6ea12ec178110f6e090ff4090aac7ae9d9092694f28461ccd9052", 0x56, 0x7fffffff, 0x5}, {&(0x7f0000000780)="2d75d7eaed8dc1b7cbca76fad6c790eae30ad9613aad53f84aab2ce07dc68f4bcd677249ebb70dfe72809c0ac9f32e296aa8233a48ceb68b884ae09ba9e5c4ba5b24dd08beddfafeb101e0d9b080ca97a05acbb87ecee205f59241abd861cc9ad3c1d855c00ae6ab51c8e151bfd1d726d66278e1bb6da6104f72c359097103b24915f50b7a31eb14a16c768087aa947d210e6415fa18f1e5e9520e4fea8c037f7c85c13ff8d3936dd8f9ca78bd6bd03ba21a8f1cc7ae88e04baede9fa317cebf812494f49d72f1c26a43658604a42673700010548b81a9a63db12fb7", 0xdc, 0x5, 0x1}], 0xa0000)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r7 = fcntl$dupfd(r0, 0x0, r0)
r8 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r8, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
write$P9_RXATTRWALK(r7, &(0x7f0000000040)={0xf, 0x9}, 0xf)
r9 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000600)='/proc/capi/capi20ncci\x00', 0x101000, 0x0)
ioctl$VHOST_GET_VRING_BASE(r9, 0xc008af12, &(0x7f0000000640))

00:34:59 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(0xffffffffffffffff, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:59 executing program 5 (fault-call:9 fault-nth:12):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:34:59 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x307)
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x0, 0x0)
ioctl$VIDIOC_TRY_ENCODER_CMD(r1, 0xc028564e, &(0x7f0000000040)={0x3, 0x1, [0xfffffffffffffff8, 0x345, 0x1, 0x5, 0x1, 0x7fffffff, 0x4]})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140)='hfsplus\x00', 0xa800, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

[  375.109628][T21906] input: syz1 as /devices/virtual/input/input364
[  375.142947][T21902] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  375.153057][T21903] FAULT_INJECTION: forcing a failure.
00:34:59 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0x21, 0x0, 0x0)
socket$alg(0x26, 0x5, 0x0)
ftruncate(r0, 0x247)

00:34:59 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x19, &(0x7f0000000080)=0x61e67a7b004, 0xffffffffffffff6e)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
eventfd(0x7)
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  375.153057][T21903] name failslab, interval 1, probability 0, space 0, times 0
00:34:59 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  375.221600][T21903] CPU: 1 PID: 21903 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  375.229632][T21903] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  375.229637][T21903] Call Trace:
[  375.229665][T21903]  dump_stack+0x1d8/0x2f8
[  375.229681][T21903]  should_fail+0x608/0x860
[  375.229695][T21903]  ? setup_fault_attr+0x2b0/0x2b0
[  375.229716][T21903]  __should_failslab+0x11a/0x160
[  375.243072][T21903]  ? mmu_topup_memory_caches+0x93/0x490
[  375.251863][T21903]  should_failslab+0x9/0x20
[  375.251877][T21903]  kmem_cache_alloc+0x56/0x2e0
[  375.251888][T21903]  ? mmu_topup_memory_caches+0x93/0x490
[  375.251899][T21903]  mmu_topup_memory_caches+0x93/0x490
[  375.251920][T21903]  kvm_mmu_load+0x9c/0x1cc0
[  375.268951][T21903]  ? trace_hardirqs_on_thunk+0x1a/0x20
[  375.268964][T21903]  ? trace_irq_enable_rcuidle+0x23/0x1e0
[  375.268972][T21903]  ? trace_hardirqs_on_caller+0x46/0x80
[  375.268983][T21903]  ? kvm_apic_has_interrupt+0x543/0xa40
[  375.268994][T21903]  ? kvm_mmu_unload+0xf0/0xf0
[  375.269016][T21903]  ? __kasan_check_write+0x14/0x20
[  375.283864][T21903]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  375.283875][T21903]  ? kvm_apic_has_interrupt+0x543/0xa40
[  375.283892][T21903]  vcpu_enter_guest+0x3ffc/0x5530
[  375.283908][T21903]  ? local_bh_enable+0x30/0x30
[  375.283921][T21903]  ? lock_acquire+0x158/0x250
[  375.283928][T21903]  ? rcu_lock_acquire+0xd/0x40
[  375.283945][T21903]  vcpu_run+0x393/0xd40
00:34:59 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000140)={0x3a9, 0x9}, 0x1)

00:34:59 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
r2 = dup(r1)
ioctl$KVM_X86_SETUP_MCE(r2, 0x4008ae9c, &(0x7f0000000000)={0xa, 0x4, 0x3})

[  375.295950][T21903]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  375.295961][T21903]  kvm_vcpu_ioctl+0x792/0xba0
[  375.295969][T21903]  ? kvm_vm_release+0x50/0x50
[  375.295979][T21903]  ? tomoyo_path_number_perm+0x587/0x740
[  375.295990][T21903]  ? trace_hardirqs_on+0x74/0x80
[  375.296001][T21903]  ? tomoyo_path_number_perm+0x5f0/0x740
[  375.296014][T21903]  ? tomoyo_check_path_acl+0x180/0x180
[  375.296025][T21903]  ? kvm_vm_release+0x50/0x50
[  375.296035][T21903]  do_vfs_ioctl+0x7d4/0x18f0
[  375.296046][T21903]  ? __lock_acquire+0x4750/0x4750
00:34:59 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  375.296056][T21903]  ? ioctl_preallocate+0x240/0x240
[  375.296073][T21903]  ? fget_many+0x30/0x30
[  375.296081][T21903]  ? debug_smp_processor_id+0x1c/0x20
[  375.296091][T21903]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  375.296102][T21903]  ? tomoyo_file_ioctl+0x23/0x30
[  375.296114][T21903]  ? security_file_ioctl+0xa1/0xd0
[  375.296130][T21903]  __x64_sys_ioctl+0xe3/0x120
[  375.306108][T21903]  do_syscall_64+0xfe/0x140
[  375.306121][T21903]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  375.306130][T21903] RIP: 0033:0x459829
[  375.306142][T21903] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  375.306147][T21903] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  375.306156][T21903] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  375.306161][T21903] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  375.306166][T21903] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  375.306171][T21903] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  375.306175][T21903] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  375.557486][T21906] input: syz1 as /devices/virtual/input/input365
00:35:00 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:00 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f00000081c0)=[{{&(0x7f0000000340)=@tipc, 0x80, &(0x7f00000027c0)=[{&(0x7f00000003c0)=""/170, 0xaa}, {&(0x7f0000000480)=""/154, 0x9a}, {&(0x7f0000000540)=""/29, 0x1d}, {&(0x7f0000000580)=""/56, 0x38}, {&(0x7f00000005c0)=""/4096, 0x1000}, {&(0x7f00000015c0)=""/148, 0x94}, {&(0x7f0000001680)}, {&(0x7f00000016c0)=""/208, 0xd0}, {&(0x7f00000017c0)=""/4096, 0x1000}], 0x9, &(0x7f0000002880)=""/46, 0x2e}, 0x9}, {{&(0x7f00000028c0)=@nfc, 0x80, &(0x7f0000002a00)=[{&(0x7f0000002940)=""/105, 0x69}, {&(0x7f00000029c0)=""/13, 0xd}], 0x2, &(0x7f0000002a40)=""/74, 0x4a}, 0xd5bf}, {{&(0x7f0000002ac0)=@can, 0x80, &(0x7f0000003040)=[{&(0x7f0000002b40)=""/138, 0x8a}, {&(0x7f0000002c00)=""/220, 0xdc}, {&(0x7f0000002d00)=""/154, 0x9a}, {&(0x7f0000002dc0)=""/234, 0xea}, {&(0x7f0000002ec0)=""/223, 0xdf}, {&(0x7f0000008400)=""/19, 0x13}, {&(0x7f0000003000)}], 0x7, &(0x7f00000030c0)=""/233, 0xe9}, 0x3f}, {{&(0x7f00000031c0)=@in={0x2, 0x0, @multicast1}, 0x80, &(0x7f0000003540)=[{&(0x7f0000003240)=""/31, 0x1f}, {&(0x7f0000003280)=""/54, 0x36}, {&(0x7f00000032c0)=""/159, 0x9f}, {&(0x7f0000003380)=""/153, 0x99}, {&(0x7f0000003440)=""/56, 0x38}, {&(0x7f0000003480)=""/173, 0xad}], 0x6, &(0x7f00000035c0)=""/104, 0x68}, 0xffff}, {{&(0x7f0000003640)=@pppol2tp={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @loopback}}}, 0x80, &(0x7f00000039c0)=[{&(0x7f00000036c0)=""/185, 0xb9}, {&(0x7f0000003780)=""/94, 0x5e}, {&(0x7f0000003800)=""/210, 0xd2}, {&(0x7f0000003900)=""/131, 0x83}], 0x4, &(0x7f0000003a00)=""/199, 0xc7}, 0x7}, {{0x0, 0x0, &(0x7f0000003cc0)=[{&(0x7f0000003b00)=""/193, 0xc1}, {&(0x7f0000003c00)=""/178, 0xb2}], 0x2, &(0x7f0000003d00)=""/45, 0x2d}, 0x4fb}, {{0x0, 0x0, &(0x7f0000006fc0)=[{&(0x7f00000083c0)=""/17, 0x11}, {&(0x7f0000003d80)=""/91, 0x5b}, {&(0x7f0000003e00)=""/176, 0xb0}, {&(0x7f0000003ec0)=""/4096, 0x1000}, {&(0x7f0000004ec0)=""/4096, 0x1000}, {&(0x7f0000005ec0)=""/4096, 0x1000}, {&(0x7f0000006ec0)=""/200, 0xc8}], 0x7, &(0x7f0000007040)=""/4096, 0x1000}, 0x100000001}, {{0x0, 0x0, &(0x7f0000008080)=[{&(0x7f0000008040)=""/5, 0x5}], 0x1, &(0x7f00000080c0)=""/231, 0xe7}, 0xfffffffffffffd9a}], 0x8, 0x0, 0x0)
pipe2(&(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
ioctl$PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000300)={0x1, &(0x7f0000000180)=[{0x4, 0x4, 0xfffffffffffffff9, 0xe5cf}]})
r3 = fcntl$dupfd(r0, 0x0, r0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$KVM_GET_FPU(r2, 0x81a0ae8c, &(0x7f0000008500))
ioctl(r4, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
bind$bt_rfcomm(r3, &(0x7f0000000000)={0x1f, {0x0, 0x1ff, 0x3, 0x800000000}}, 0xffffffffffffff64)
ioctl$EVIOCSMASK(r3, 0x40104593, &(0x7f0000000240)={0x2, 0x18, &(0x7f0000000200)="3285edad8e21e692c89ef57e049c274e3bc4dc13a1c89f6f"})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r2, 0xc08c5335, &(0x7f0000008440)={0x7f, 0x8000, 0x800, 'queue0\x00', 0xe2a8})
write$P9_RXATTRWALK(r1, &(0x7f0000001680)={0xf, 0x1f, 0x1, 0x6}, 0xf)
write$P9_RXATTRWALK(r3, &(0x7f0000000040)={0xf, 0x9}, 0xf)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000280)=ANY=[@ANYRES32=<r5=>0x0, @ANYBLOB="410000004d0e81e106000000000000009dec01a9c635e5bf8cb906485d0800000000000000c3ca24f3894b16e30cf544981b30bd35bd65c34628010400000000000088f3b53d9cd9d8c5"], &(0x7f00000000c0)=0x49)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(r3, 0x84, 0x18, &(0x7f00000001c0)={r5, 0x1000}, 0x8)

00:35:00 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x4001fc)
socket$inet(0x2, 0x4001000000000001, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/pmtu_disc\x00', 0x2, 0x0)
getsockopt$inet_sctp6_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000000040)={<r2=>0x0, 0x9, 0x730, 0x1}, &(0x7f0000000080)=0x10)
write$nbd(r1, &(0x7f0000000180)={0x67446698, 0x1, 0x3, 0x2, 0x4, "6ebe6522c58ed565f999438ac731ee7eb6d4ae97daf994f7c67914c2c4dff683c18b708aa7691c57eea3d6b7596a1cfea87f98d40b29b5d4e98468482bf8f39ee02ab4749dca30a7416af6be808da64f524245fff61a"}, 0x66)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000000c0)={r2, @in={{0x2, 0x4e24, @broadcast}}, 0x7, 0x60000000, 0x8, 0x40, 0x4}, 0x98)
unshare(0x803)
socket$inet_udplite(0x2, 0x2, 0x88)

00:35:00 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:35:00 executing program 5 (fault-call:9 fault-nth:13):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:35:00 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x15)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:00 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
setsockopt$IP_VS_SO_SET_DEL(r1, 0x0, 0x484, &(0x7f0000000100)={0x2f, @rand_addr=0x2, 0x4e23, 0x4, 'rr\x00', 0x2, 0x7, 0x4}, 0x2c)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:00 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x581001, 0x0)
ioctl$DRM_IOCTL_SET_MASTER(r1, 0x641e)
getsockopt$inet_sctp6_SCTP_PEER_AUTH_CHUNKS(0xffffffffffffffff, 0x84, 0x1a, &(0x7f0000000040)={<r2=>0x0, 0x32, "1d0675984465ac85469510b3313362632fc8d8d16663f166522d12749b995cb139567029aba5ebb6ba07526014f92819e393"}, &(0x7f0000000080)=0x3a)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f00000000c0)={r2}, 0x8)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0x21, 0x0, 0x0)

[  376.038538][T21947] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  376.057490][T21950] FAULT_INJECTION: forcing a failure.
[  376.057490][T21950] name failslab, interval 1, probability 0, space 0, times 0
[  376.086497][T21950] CPU: 0 PID: 21950 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  376.094515][T21950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  376.104572][T21950] Call Trace:
[  376.104598][T21950]  dump_stack+0x1d8/0x2f8
[  376.104611][T21950]  should_fail+0x608/0x860
[  376.104623][T21950]  ? setup_fault_attr+0x2b0/0x2b0
[  376.104640][T21950]  __should_failslab+0x11a/0x160
[  376.104653][T21950]  ? mmu_topup_memory_caches+0x93/0x490
[  376.104664][T21950]  should_failslab+0x9/0x20
[  376.104676][T21950]  kmem_cache_alloc+0x56/0x2e0
[  376.104685][T21950]  ? mmu_topup_memory_caches+0x93/0x490
[  376.104697][T21950]  mmu_topup_memory_caches+0x93/0x490
[  376.104709][T21950]  kvm_mmu_load+0x9c/0x1cc0
[  376.104719][T21950]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  376.104728][T21950]  ? __lock_acquire+0x4750/0x4750
[  376.104736][T21950]  ? vmx_flush_tlb+0x2b3/0x600
[  376.104746][T21950]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  376.104764][T21950]  ? kvm_apic_has_interrupt+0x543/0xa40
[  376.147047][T21950]  ? kvm_mmu_unload+0xf0/0xf0
[  376.147061][T21950]  ? __kasan_check_write+0x14/0x20
[  376.147071][T21950]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  376.147080][T21950]  ? kvm_apic_accept_events+0x18f/0x470
[  376.147088][T21950]  ? kvm_apic_has_interrupt+0x543/0xa40
[  376.147102][T21950]  vcpu_enter_guest+0x3ffc/0x5530
[  376.147123][T21950]  ? local_bh_enable+0x30/0x30
[  376.162454][T21950]  ? lock_acquire+0x158/0x250
[  376.162463][T21950]  ? rcu_lock_acquire+0xd/0x40
[  376.162478][T21950]  vcpu_run+0x393/0xd40
[  376.162497][T21950]  kvm_arch_vcpu_ioctl_run+0x636/0x900
00:35:00 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

00:35:00 executing program 1:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x1d, &(0x7f0000000080)=0x61e67a7b000, 0x4)
recvmmsg(r0, &(0x7f0000000200), 0x61a, 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r2, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
fcntl$getflags(r2, 0xb)
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0xffffffffffffffff, 0x1ff, 0x3}}, 0xa)
write$P9_RXATTRWALK(r1, &(0x7f0000000040)={0xf, 0x9}, 0xf)

[  376.202349][T21960] IPVS: set_ctl: invalid protocol: 47 0.0.0.2:20003
[  376.204449][T21950]  kvm_vcpu_ioctl+0x792/0xba0
[  376.204461][T21950]  ? kvm_vm_release+0x50/0x50
[  376.204472][T21950]  ? tomoyo_path_number_perm+0x587/0x740
[  376.204490][T21950]  ? trace_hardirqs_on+0x74/0x80
[  376.215070][T21950]  ? tomoyo_path_number_perm+0x5f0/0x740
[  376.215085][T21950]  ? tomoyo_check_path_acl+0x180/0x180
[  376.215098][T21950]  ? kvm_vm_release+0x50/0x50
[  376.215109][T21950]  do_vfs_ioctl+0x7d4/0x18f0
[  376.215122][T21950]  ? __lock_acquire+0x4750/0x4750
[  376.215136][T21950]  ? ioctl_preallocate+0x240/0x240
[  376.224588][T21950]  ? fget_many+0x30/0x30
[  376.224598][T21950]  ? debug_smp_processor_id+0x1c/0x20
[  376.224608][T21950]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  376.224621][T21950]  ? tomoyo_file_ioctl+0x23/0x30
[  376.224638][T21950]  ? security_file_ioctl+0xa1/0xd0
[  376.233561][T21950]  __x64_sys_ioctl+0xe3/0x120
[  376.233576][T21950]  do_syscall_64+0xfe/0x140
[  376.233589][T21950]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
00:35:00 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
r1 = openat$null(0xffffffffffffff9c, &(0x7f0000000000)='/dev/null\x00', 0x2, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0xc4)

[  376.233598][T21950] RIP: 0033:0x459829
[  376.233613][T21950] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  376.250343][T21950] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  376.250353][T21950] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  376.250357][T21950] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
00:35:00 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000000, 0xffffffeffffffffe)
unshare(0x200)
openat$pidfd(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self\x00', 0x0, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  376.250363][T21950] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  376.250368][T21950] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  376.250373][T21950] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  376.410118][T21960] input: syz1 as /devices/virtual/input/input369
[  376.503734][T21969] input: syz1 as /devices/virtual/input/input370
00:35:01 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:01 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'dummy0\x00', 0x4100})
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:35:01 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
arch_prctl$ARCH_MAP_VDSO_X32(0x2001, 0x9)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:35:01 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

00:35:01 executing program 5 (fault-call:9 fault-nth:14):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:35:01 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x11)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:01 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
getsockopt$inet_sctp_SCTP_GET_LOCAL_ADDRS(r1, 0x84, 0x6d, &(0x7f0000000000)={<r2=>0x0, 0xd3, "9276c93db5dceecfe17062b687e25b730ceda66c659f65b1848274ea05acd50563a3178f253d0104be33034cbf56f3d021e6fc3a6e0b2eb628f481728a16b03df2a02cd26b21ccb5c8381ef31b9753e4d1f724febcc28857b74f8a062c69e11bfc49d7f9adec8b1ff64ef23ec8b82f1aa1e5915634d18e98719ffda508574bb9cd3fcee0f95c7af7efa2315d6ef4814e5125a1888a8da571dbee58460ed154483cc15be413fffc2bf20a5290aeb6ec7934fe70952ca27ca79db7fd8ff0b280d926f28f39d222ec531128bb3c321e1d25c6fca2"}, &(0x7f0000000100)=0xdb)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f0000000140)={r2, 0x5, 0x20, 0x1}, &(0x7f0000000180)=0x18)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  376.865021][T21994] device dummy0 entered promiscuous mode
[  376.884758][T21991] input: syz1 as /devices/virtual/input/input371
[  376.905820][T21991] input: failed to attach handler leds to device input371, error: -6
[  376.946640][T22004] FAULT_INJECTION: forcing a failure.
[  376.946640][T22004] name failslab, interval 1, probability 0, space 0, times 0
[  376.964020][T22004] CPU: 1 PID: 22004 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  376.972041][T22004] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  376.982100][T22004] Call Trace:
[  376.985399][T22004]  dump_stack+0x1d8/0x2f8
[  376.989750][T22004]  should_fail+0x608/0x860
[  376.994178][T22004]  ? setup_fault_attr+0x2b0/0x2b0
[  376.999216][T22004]  __should_failslab+0x11a/0x160
[  377.004159][T22004]  ? mmu_topup_memory_caches+0x93/0x490
[  377.009710][T22004]  should_failslab+0x9/0x20
[  377.014221][T22004]  kmem_cache_alloc+0x56/0x2e0
[  377.018993][T22004]  ? mmu_topup_memory_caches+0x93/0x490
[  377.024550][T22004]  mmu_topup_memory_caches+0x93/0x490
[  377.029933][T22004]  kvm_mmu_load+0x9c/0x1cc0
[  377.034444][T22004]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  377.039908][T22004]  ? __lock_acquire+0x4750/0x4750
[  377.044937][T22004]  ? vmx_flush_tlb+0x2b3/0x600
[  377.049710][T22004]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  377.055450][T22004]  ? kvm_apic_has_interrupt+0x543/0xa40
[  377.061002][T22004]  ? kvm_mmu_unload+0xf0/0xf0
[  377.065692][T22004]  ? __kasan_check_write+0x14/0x20
[  377.070809][T22004]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  377.076450][T22004]  ? kvm_apic_accept_events+0x18f/0x470
[  377.082002][T22004]  ? kvm_apic_has_interrupt+0x543/0xa40
[  377.087559][T22004]  vcpu_enter_guest+0x3ffc/0x5530
[  377.092596][T22004]  ? local_bh_enable+0x30/0x30
[  377.097369][T22004]  ? lock_acquire+0x158/0x250
[  377.102050][T22004]  ? rcu_lock_acquire+0xd/0x40
[  377.106823][T22004]  vcpu_run+0x393/0xd40
[  377.110997][T22004]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  377.116462][T22004]  kvm_vcpu_ioctl+0x792/0xba0
[  377.121143][T22004]  ? kvm_vm_release+0x50/0x50
[  377.125826][T22004]  ? tomoyo_path_number_perm+0x587/0x740
[  377.131461][T22004]  ? trace_hardirqs_on+0x74/0x80
[  377.136409][T22004]  ? tomoyo_path_number_perm+0x5f0/0x740
[  377.142051][T22004]  ? tomoyo_check_path_acl+0x180/0x180
[  377.147620][T22004]  ? kvm_vm_release+0x50/0x50
[  377.152300][T22004]  do_vfs_ioctl+0x7d4/0x18f0
[  377.156896][T22004]  ? __lock_acquire+0x4750/0x4750
[  377.161926][T22004]  ? ioctl_preallocate+0x240/0x240
[  377.167053][T22004]  ? fget_many+0x30/0x30
[  377.171295][T22004]  ? debug_smp_processor_id+0x1c/0x20
[  377.176668][T22004]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  377.182747][T22004]  ? tomoyo_file_ioctl+0x23/0x30
[  377.187693][T22004]  ? security_file_ioctl+0xa1/0xd0
[  377.192809][T22004]  __x64_sys_ioctl+0xe3/0x120
[  377.197493][T22004]  do_syscall_64+0xfe/0x140
[  377.202000][T22004]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  377.207891][T22004] RIP: 0033:0x459829
[  377.211781][T22004] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  377.231383][T22004] RSP: 002b:00007f0a0af98c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  377.239799][T22004] RAX: ffffffffffffffda RBX: 00007f0a0af98c90 RCX: 0000000000459829
[  377.247791][T22004] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  377.255765][T22004] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  377.263738][T22004] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0af996d4
[  377.271714][T22004] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  377.293222][T21991] input: syz1 as /devices/virtual/input/input372
[  377.309536][T21991] input: failed to attach handler leds to device input372, error: -6
00:35:01 executing program 5 (fault-call:9 fault-nth:15):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:35:01 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
r1 = accept4(0xffffffffffffffff, &(0x7f0000000000)=@llc={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @remote}, &(0x7f0000000080)=0x80, 0x800)
ioctl$PPPIOCGMRU(r1, 0x80047453, &(0x7f0000000100))
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
setsockopt$TIPC_SRC_DROPPABLE(r1, 0x10f, 0x80, &(0x7f0000000140)=0x401, 0x4)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:01 executing program 1:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000000)={'dummy0\x00', 0x4100})
syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:35:01 executing program 1 (fault-call:6 fault-nth:0):
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  377.477592][T22014] input: syz1 as /devices/virtual/input/input373
00:35:01 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

[  377.539251][T22015] FAULT_INJECTION: forcing a failure.
[  377.539251][T22015] name failslab, interval 1, probability 0, space 0, times 0
[  377.610264][T22015] CPU: 1 PID: 22015 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  377.618300][T22015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  377.628364][T22015] Call Trace:
[  377.631678][T22015]  dump_stack+0x1d8/0x2f8
[  377.636025][T22015]  should_fail+0x608/0x860
[  377.640456][T22015]  ? setup_fault_attr+0x2b0/0x2b0
[  377.645496][T22015]  __should_failslab+0x11a/0x160
[  377.645511][T22015]  ? mmu_topup_memory_caches+0x93/0x490
[  377.645527][T22015]  should_failslab+0x9/0x20
[  377.656022][T22015]  kmem_cache_alloc+0x56/0x2e0
[  377.656034][T22015]  ? mmu_topup_memory_caches+0x93/0x490
[  377.656044][T22015]  mmu_topup_memory_caches+0x93/0x490
[  377.656055][T22015]  kvm_mmu_load+0x9c/0x1cc0
[  377.656064][T22015]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  377.656073][T22015]  ? __lock_acquire+0x4750/0x4750
[  377.656081][T22015]  ? vmx_flush_tlb+0x2b3/0x600
[  377.656091][T22015]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  377.656099][T22015]  ? kvm_apic_has_interrupt+0x543/0xa40
[  377.656108][T22015]  ? kvm_mmu_unload+0xf0/0xf0
[  377.656124][T22015]  ? __kasan_check_write+0x14/0x20
[  377.711953][T22015]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  377.722698][T22015]  ? kvm_apic_accept_events+0x18f/0x470
[  377.722708][T22015]  ? kvm_apic_has_interrupt+0x543/0xa40
[  377.722724][T22015]  vcpu_enter_guest+0x3ffc/0x5530
[  377.722741][T22015]  ? local_bh_enable+0x30/0x30
[  377.722759][T22015]  ? lock_acquire+0x158/0x250
[  377.748304][T22015]  ? rcu_lock_acquire+0xd/0x40
[  377.753080][T22015]  vcpu_run+0x393/0xd40
[  377.757231][T22015]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  377.762687][T22015]  kvm_vcpu_ioctl+0x792/0xba0
[  377.767356][T22015]  ? kvm_vm_release+0x50/0x50
[  377.772020][T22015]  ? tomoyo_path_number_perm+0x587/0x740
[  377.777636][T22015]  ? trace_hardirqs_on+0x74/0x80
[  377.782561][T22015]  ? tomoyo_path_number_perm+0x5f0/0x740
[  377.788204][T22015]  ? tomoyo_check_path_acl+0x180/0x180
[  377.793660][T22015]  ? kvm_vm_release+0x50/0x50
[  377.798331][T22015]  do_vfs_ioctl+0x7d4/0x18f0
[  377.802900][T22015]  ? __lock_acquire+0x4750/0x4750
[  377.807911][T22015]  ? ioctl_preallocate+0x240/0x240
[  377.813008][T22015]  ? fget_many+0x30/0x30
[  377.817233][T22015]  ? debug_smp_processor_id+0x1c/0x20
[  377.822622][T22015]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  377.828699][T22015]  ? tomoyo_file_ioctl+0x23/0x30
[  377.833653][T22015]  ? security_file_ioctl+0xa1/0xd0
[  377.838766][T22015]  __x64_sys_ioctl+0xe3/0x120
[  377.843486][T22015]  do_syscall_64+0xfe/0x140
[  377.847989][T22015]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  377.853889][T22015] RIP: 0033:0x459829
[  377.857770][T22015] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  377.877363][T22015] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  377.885759][T22015] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  377.893775][T22015] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  377.901748][T22015] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
00:35:02 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:02 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
r2 = openat$zero(0xffffffffffffff9c, &(0x7f0000000000)='/dev/zero\x00', 0x2000, 0x0)
lsetxattr$security_smack_transmute(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000140)='TRUE', 0x4, 0x2)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_REM(r2, 0x84, 0x65, &(0x7f0000000040)=[@in={0x2, 0x4e23, @multicast1}, @in6={0xa, 0x4e21, 0x10000, @rand_addr="8bd224f5f28e4bf38492f27fa2e22e97", 0x7}, @in={0x2, 0x4e22, @loopback}, @in={0x2, 0x4e24, @multicast1}, @in={0x2, 0x4e21, @multicast2}], 0x5c)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r2, 0xc4c85513, &(0x7f0000000340)={{0x9, 0x0, 0x838, 0x400, '\x00', 0xfffffffffffffbff}, 0x0, [0x800, 0x26, 0x9, 0x1, 0x3, 0x371, 0x100000001, 0x400, 0x5, 0x7, 0x0, 0x4, 0x9d2, 0x0, 0x2, 0x10001, 0x400, 0xff, 0x1, 0x3, 0x0, 0xa3d, 0x67e, 0x1, 0x9e2, 0x2, 0x4541, 0xffff, 0x6, 0x0, 0x1ff, 0x3, 0x7f, 0x8, 0x1f, 0x101, 0x11, 0xdb, 0x7, 0x7fff, 0x3, 0x78b7, 0x5, 0x3ff, 0xbb, 0x0, 0x1f, 0x909, 0x200, 0xcf, 0x400, 0x4, 0x6, 0x7, 0x0, 0x620b91b0, 0x6, 0x6, 0x80000001, 0x800, 0x436, 0x48b, 0x8, 0x2, 0x1, 0x0, 0x6, 0xb, 0x4, 0x1, 0x6, 0x4, 0x7, 0x1000, 0x6, 0xfff, 0x8, 0x5, 0x4e, 0x2, 0x9, 0x6, 0x9, 0xcb, 0x0, 0x4, 0x426a, 0x1, 0x5, 0xfffffffffffffffd, 0x0, 0x7, 0x7, 0x100, 0x800, 0xfffffffffffff9db, 0x5, 0x1ff800000000, 0x6, 0x6, 0x8000000, 0x0, 0x0, 0x447c, 0x400, 0x0, 0x8, 0x36659942, 0x3, 0x3, 0x800, 0x8001, 0x2, 0xffff, 0xfffffffffffff800, 0x4, 0x7f, 0x4, 0x3, 0x9, 0x7, 0x9, 0x3, 0x7, 0x7f, 0xffff, 0x2, 0x1], {0x77359400}})
socket$tipc(0x1e, 0x0, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:35:02 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:02 executing program 2 (fault-call:9 fault-nth:0):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  377.909762][T22015] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  377.917724][T22015] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
00:35:02 executing program 5 (fault-call:9 fault-nth:16):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  377.982046][T22014] input: syz1 as /devices/virtual/input/input374
00:35:02 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0x21, 0x0, 0x0)
getsockopt$sock_timeval(r0, 0x1, 0x57, &(0x7f0000000000), &(0x7f0000000040)=0x10)

00:35:02 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{0xffffffff00000000}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  378.028610][T22030] FAULT_INJECTION: forcing a failure.
[  378.028610][T22030] name failslab, interval 1, probability 0, space 0, times 0
[  378.078254][T22030] CPU: 1 PID: 22030 Comm: syz-executor.2 Not tainted 5.3.0-rc2+ #57
[  378.086270][T22030] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  378.086275][T22030] Call Trace:
[  378.086299][T22030]  dump_stack+0x1d8/0x2f8
[  378.086324][T22030]  should_fail+0x608/0x860
[  378.086344][T22030]  ? setup_fault_attr+0x2b0/0x2b0
[  378.113454][T22030]  ? tomoyo_realpath_from_path+0xdc/0x7c0
[  378.119185][T22030]  __should_failslab+0x11a/0x160
[  378.124141][T22030]  ? tomoyo_realpath_from_path+0xdc/0x7c0
[  378.129871][T22030]  should_failslab+0x9/0x20
[  378.134391][T22030]  __kmalloc+0x7a/0x340
[  378.138560][T22030]  ? tomoyo_realpath_from_path+0xca/0x7c0
[  378.144300][T22030]  tomoyo_realpath_from_path+0xdc/0x7c0
[  378.149862][T22030]  tomoyo_path_number_perm+0x1e0/0x740
[  378.155334][T22030]  ? tomoyo_check_path_acl+0x180/0x180
[  378.160801][T22030]  ? trace_lock_release+0x135/0x1a0
[  378.166016][T22030]  ? __lock_acquire+0x4750/0x4750
[  378.171061][T22030]  ? fget_many+0x30/0x30
00:35:02 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x20081, 0x0)
write$vnet(r1, &(0x7f0000000100)={0x1, {&(0x7f0000000040)=""/33, 0x21, &(0x7f0000000080)=""/124, 0x0, 0x3}}, 0x68)
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='hugetlbfs\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./file0\x00')
mknod$loop(&(0x7f00000002c0)='./file0\x00', 0x0, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0x21, 0x0, 0x0)

[  378.175314][T22030]  ? debug_smp_processor_id+0x1c/0x20
[  378.180698][T22030]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  378.186781][T22030]  tomoyo_file_ioctl+0x23/0x30
[  378.191552][T22030]  security_file_ioctl+0x6d/0xd0
[  378.191566][T22030]  __x64_sys_ioctl+0xa3/0x120
[  378.191583][T22030]  do_syscall_64+0xfe/0x140
[  378.205688][T22030]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  378.205698][T22030] RIP: 0033:0x459829
[  378.205709][T22030] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  378.205714][T22030] RSP: 002b:00007fb9c3ee8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  378.205723][T22030] RAX: ffffffffffffffda RBX: 00007fb9c3ee8c90 RCX: 0000000000459829
[  378.205728][T22030] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  378.205732][T22030] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  378.205737][T22030] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb9c3ee96d4
[  378.205742][T22030] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  378.267677][T22030] ERROR: Out of memory at tomoyo_realpath_from_path.
[  378.296415][T22030] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  378.353104][T22055] FAULT_INJECTION: forcing a failure.
[  378.353104][T22055] name failslab, interval 1, probability 0, space 0, times 0
[  378.376065][T22055] CPU: 0 PID: 22055 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  378.384084][T22055] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  378.394252][T22055] Call Trace:
[  378.397555][T22055]  dump_stack+0x1d8/0x2f8
[  378.401892][T22055]  should_fail+0x608/0x860
[  378.406305][T22055]  ? setup_fault_attr+0x2b0/0x2b0
[  378.411317][T22055]  __should_failslab+0x11a/0x160
[  378.416250][T22055]  ? mmu_topup_memory_caches+0x93/0x490
[  378.421804][T22055]  should_failslab+0x9/0x20
[  378.426324][T22055]  kmem_cache_alloc+0x56/0x2e0
[  378.431080][T22055]  ? mmu_topup_memory_caches+0x93/0x490
[  378.436618][T22055]  mmu_topup_memory_caches+0x93/0x490
[  378.441996][T22055]  kvm_mmu_load+0x9c/0x1cc0
[  378.446516][T22055]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  378.451971][T22055]  ? __lock_acquire+0x4750/0x4750
[  378.456989][T22055]  ? vmx_flush_tlb+0x2b3/0x600
[  378.461809][T22055]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  378.467524][T22055]  ? kvm_apic_has_interrupt+0x543/0xa40
[  378.473061][T22055]  ? kvm_mmu_unload+0xf0/0xf0
[  378.477730][T22055]  ? __kasan_check_write+0x14/0x20
[  378.482833][T22055]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  378.488458][T22055]  ? kvm_apic_accept_events+0x18f/0x470
[  378.494006][T22055]  ? kvm_apic_has_interrupt+0x543/0xa40
[  378.499550][T22055]  vcpu_enter_guest+0x3ffc/0x5530
[  378.504571][T22055]  ? local_bh_enable+0x30/0x30
[  378.509342][T22055]  ? lock_acquire+0x158/0x250
[  378.514023][T22055]  ? rcu_lock_acquire+0xd/0x40
[  378.518780][T22055]  vcpu_run+0x393/0xd40
[  378.522964][T22055]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  378.528426][T22055]  kvm_vcpu_ioctl+0x792/0xba0
[  378.533118][T22055]  ? kvm_vm_release+0x50/0x50
[  378.537784][T22055]  ? tomoyo_path_number_perm+0x587/0x740
[  378.543406][T22055]  ? trace_hardirqs_on+0x74/0x80
[  378.548360][T22055]  ? tomoyo_path_number_perm+0x5f0/0x740
[  378.553984][T22055]  ? tomoyo_check_path_acl+0x180/0x180
[  378.559436][T22055]  ? kvm_vm_release+0x50/0x50
[  378.564109][T22055]  do_vfs_ioctl+0x7d4/0x18f0
[  378.568688][T22055]  ? __lock_acquire+0x4750/0x4750
[  378.573706][T22055]  ? ioctl_preallocate+0x240/0x240
[  378.578816][T22055]  ? fget_many+0x30/0x30
[  378.583053][T22055]  ? debug_smp_processor_id+0x1c/0x20
[  378.588418][T22055]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  378.594476][T22055]  ? tomoyo_file_ioctl+0x23/0x30
[  378.599406][T22055]  ? security_file_ioctl+0xa1/0xd0
[  378.604510][T22055]  __x64_sys_ioctl+0xe3/0x120
[  378.609195][T22055]  do_syscall_64+0xfe/0x140
[  378.613720][T22055]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  378.619613][T22055] RIP: 0033:0x459829
[  378.623492][T22055] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  378.643083][T22055] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
00:35:02 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
r1 = syz_open_dev$audion(&(0x7f0000000000)='/dev/audio#\x00', 0x36, 0x800)
write$P9_RRENAME(r1, &(0x7f0000000040)={0x7, 0x15, 0x1}, 0x7)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$TIOCLINUX4(r1, 0x541c, &(0x7f0000000080))
getpeername$ax25(r1, &(0x7f0000000100)={{0x3, @default}, [@bcast, @null, @netrom, @remote, @bcast, @remote, @bcast]}, &(0x7f0000000180)=0x48)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:02 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{0x0, 0xffffffff00000000}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:02 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
r3 = fcntl$dupfd(r0, 0x406, r1)
getsockopt$inet_sctp_SCTP_LOCAL_AUTH_CHUNKS(r2, 0x84, 0x1b, &(0x7f0000000000)={<r4=>0x0, 0x31, "2365bc1f73b888767da0d0a311f272fa0e17ae6f5b6d3566af2502d8229e64f9a02786717c304375eeabc37ede4ca4caa9"}, &(0x7f0000000040)=0x39)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000080)={r4, 0x100, 0x1d}, 0x8)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0x21, 0x0, 0x0)

00:35:02 executing program 2 (fault-call:9 fault-nth:1):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  378.651480][T22055] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  378.659442][T22055] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  378.667402][T22055] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  378.675366][T22055] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  378.683331][T22055] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  378.800003][T22063] FAULT_INJECTION: forcing a failure.
[  378.800003][T22063] name failslab, interval 1, probability 0, space 0, times 0
[  378.814022][T22069] input: syz1 as /devices/virtual/input/input375
[  378.820057][T22063] CPU: 0 PID: 22063 Comm: syz-executor.2 Not tainted 5.3.0-rc2+ #57
[  378.828445][T22063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  378.838510][T22063] Call Trace:
[  378.841816][T22063]  dump_stack+0x1d8/0x2f8
[  378.846154][T22063]  should_fail+0x608/0x860
[  378.846169][T22063]  ? setup_fault_attr+0x2b0/0x2b0
[  378.846187][T22063]  ? tomoyo_encode2+0x273/0x5a0
[  378.855630][T22063]  ? d_path+0x680/0x680
[  378.855642][T22063]  __should_failslab+0x11a/0x160
[  378.855662][T22063]  ? tomoyo_encode2+0x273/0x5a0
[  378.874423][T22063]  should_failslab+0x9/0x20
[  378.878955][T22063]  __kmalloc+0x7a/0x340
[  378.878968][T22063]  ? tomoyo_realpath_from_path+0xdc/0x7c0
[  378.878987][T22063]  tomoyo_encode2+0x273/0x5a0
[  378.888873][T22063]  ? anon_inodefs_init_fs_context+0x70/0x70
[  378.888887][T22063]  tomoyo_realpath_from_path+0x769/0x7c0
[  378.888911][T22063]  tomoyo_path_number_perm+0x1e0/0x740
[  378.905119][T22063]  ? tomoyo_check_path_acl+0x180/0x180
[  378.905131][T22063]  ? trace_lock_release+0x135/0x1a0
[  378.905146][T22063]  ? __lock_acquire+0x4750/0x4750
[  378.905167][T22063]  ? fget_many+0x30/0x30
[  378.905175][T22063]  ? debug_smp_processor_id+0x1c/0x20
[  378.905186][T22063]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  378.905203][T22063]  tomoyo_file_ioctl+0x23/0x30
[  378.916129][T22063]  security_file_ioctl+0x6d/0xd0
[  378.916141][T22063]  __x64_sys_ioctl+0xa3/0x120
[  378.916154][T22063]  do_syscall_64+0xfe/0x140
[  378.916166][T22063]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  378.916176][T22063] RIP: 0033:0x459829
[  378.916186][T22063] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  378.916198][T22063] RSP: 002b:00007fb9c3ee8c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
00:35:03 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:03 executing program 5 (fault-call:9 fault-nth:17):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:35:03 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:03 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer\x00', 0x10001, 0x0)
ioctl$KVM_TPR_ACCESS_REPORTING(r2, 0xc028ae92, &(0x7f0000000100)={0x400, 0x8})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
r4 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/dsp\x00', 0x40100, 0x0)
ioctl$DRM_IOCTL_ADD_CTX(r4, 0xc0086420, &(0x7f0000000080))
fdatasync(r0)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0x21, 0x0, 0x0)

[  378.998766][T22063] RAX: ffffffffffffffda RBX: 00007fb9c3ee8c90 RCX: 0000000000459829
[  379.006744][T22063] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  379.006750][T22063] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  379.006755][T22063] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fb9c3ee96d4
[  379.006760][T22063] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  379.042290][T22063] ERROR: Out of memory at tomoyo_realpath_from_path.
[  379.069124][T22082] FAULT_INJECTION: forcing a failure.
[  379.069124][T22082] name failslab, interval 1, probability 0, space 0, times 0
[  379.088759][T22082] CPU: 1 PID: 22082 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  379.096771][T22082] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  379.106828][T22082] Call Trace:
[  379.110134][T22082]  dump_stack+0x1d8/0x2f8
[  379.114476][T22082]  should_fail+0x608/0x860
[  379.118903][T22082]  ? setup_fault_attr+0x2b0/0x2b0
[  379.123940][T22082]  __should_failslab+0x11a/0x160
[  379.128898][T22082]  ? mmu_topup_memory_caches+0x93/0x490
[  379.134453][T22082]  should_failslab+0x9/0x20
[  379.138991][T22082]  kmem_cache_alloc+0x56/0x2e0
[  379.143762][T22082]  ? mmu_topup_memory_caches+0x93/0x490
[  379.149315][T22082]  mmu_topup_memory_caches+0x93/0x490
[  379.154693][T22082]  kvm_mmu_load+0x9c/0x1cc0
[  379.159198][T22082]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  379.164658][T22082]  ? __lock_acquire+0x4750/0x4750
[  379.169682][T22082]  ? vmx_flush_tlb+0x2b3/0x600
[  379.174455][T22082]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  379.180184][T22082]  ? kvm_apic_has_interrupt+0x543/0xa40
[  379.185741][T22082]  ? kvm_mmu_unload+0xf0/0xf0
[  379.190430][T22082]  ? __kasan_check_write+0x14/0x20
[  379.195546][T22082]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  379.201190][T22082]  ? kvm_apic_accept_events+0x18f/0x470
[  379.206739][T22082]  ? kvm_apic_has_interrupt+0x543/0xa40
[  379.212294][T22082]  vcpu_enter_guest+0x3ffc/0x5530
[  379.217332][T22082]  ? local_bh_enable+0x30/0x30
[  379.222104][T22082]  ? lock_acquire+0x158/0x250
[  379.226788][T22082]  ? rcu_lock_acquire+0xd/0x40
[  379.231568][T22082]  vcpu_run+0x393/0xd40
[  379.235762][T22082]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  379.241255][T22082]  kvm_vcpu_ioctl+0x792/0xba0
[  379.245942][T22082]  ? kvm_vm_release+0x50/0x50
[  379.250708][T22082]  ? tomoyo_path_number_perm+0x587/0x740
[  379.256348][T22082]  ? trace_hardirqs_on+0x74/0x80
[  379.261295][T22082]  ? tomoyo_path_number_perm+0x5f0/0x740
[  379.274662][T22082]  ? tomoyo_check_path_acl+0x180/0x180
[  379.280131][T22082]  ? kvm_vm_release+0x50/0x50
[  379.285005][T22082]  do_vfs_ioctl+0x7d4/0x18f0
[  379.289631][T22082]  ? __lock_acquire+0x4750/0x4750
[  379.295689][T22082]  ? ioctl_preallocate+0x240/0x240
[  379.300810][T22082]  ? fget_many+0x30/0x30
[  379.305059][T22082]  ? debug_smp_processor_id+0x1c/0x20
[  379.310440][T22082]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  379.316513][T22082]  ? tomoyo_file_ioctl+0x23/0x30
[  379.321458][T22082]  ? security_file_ioctl+0xa1/0xd0
[  379.326581][T22082]  __x64_sys_ioctl+0xe3/0x120
[  379.331266][T22082]  do_syscall_64+0xfe/0x140
[  379.335771][T22082]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  379.341662][T22082] RIP: 0033:0x459829
[  379.345554][T22082] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  379.365155][T22082] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  379.373563][T22082] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  379.381557][T22082] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  379.389528][T22082] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  379.397528][T22082] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  379.405499][T22082] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
00:35:03 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
bind$nfc_llcp(r1, &(0x7f0000000000)={0x27, 0x1, 0x1, 0x7, 0x3, 0x10001, "bb6abebe107367dfbe2602c92bc2d74267f937e3645cff6e1f836e6805feaae329698f3751070e5940e4be8cfeb7ac3d9c598713bb838f58c5b14f2c08b60a", 0x15}, 0x60)
prctl$PR_GET_FP_MODE(0x2e)

00:35:03 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:03 executing program 5 (fault-call:9 fault-nth:18):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  379.417846][T22063] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:35:03 executing program 2 (fault-call:9 fault-nth:2):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:35:03 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
r1 = fcntl$dupfd(r0, 0x406, r0)
ioctl$sock_ax25_SIOCDELRT(r1, 0x890c, &(0x7f0000000000)={@null, @null, 0x4, [@null, @null, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @bcast, @null, @default, @bcast]})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
r2 = socket(0x40000000015, 0x805, 0x0)
sendmsg$nl_generic(r2, &(0x7f00000002c0)={&(0x7f0000000000), 0xc, &(0x7f0000000280)={0x0}}, 0x4000000)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
getsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000000100)={{}, {{@in=@broadcast}, 0x0, @in=@local}}, &(0x7f0000000080)=0xe8)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

[  379.513666][T22093] FAULT_INJECTION: forcing a failure.
[  379.513666][T22093] name failslab, interval 1, probability 0, space 0, times 0
[  379.562512][T22093] CPU: 0 PID: 22093 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  379.570540][T22093] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  379.580603][T22093] Call Trace:
[  379.583924][T22093]  dump_stack+0x1d8/0x2f8
[  379.588275][T22093]  should_fail+0x608/0x860
[  379.592710][T22093]  ? setup_fault_attr+0x2b0/0x2b0
[  379.597748][T22093]  __should_failslab+0x11a/0x160
[  379.597763][T22093]  ? mmu_topup_memory_caches+0x93/0x490
[  379.597774][T22093]  should_failslab+0x9/0x20
[  379.597792][T22093]  kmem_cache_alloc+0x56/0x2e0
[  379.608334][T22093]  ? mmu_topup_memory_caches+0x93/0x490
[  379.608347][T22093]  mmu_topup_memory_caches+0x93/0x490
[  379.608358][T22093]  kvm_mmu_load+0x9c/0x1cc0
[  379.608367][T22093]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  379.608378][T22093]  ? __lock_acquire+0x4750/0x4750
[  379.608386][T22093]  ? vmx_flush_tlb+0x2b3/0x600
[  379.608397][T22093]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  379.608406][T22093]  ? kvm_apic_has_interrupt+0x543/0xa40
00:35:03 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x3ff)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
r2 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x20001, 0x0)
ioctl$PERF_EVENT_IOC_REFRESH(r2, 0x2402, 0x400)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  379.608414][T22093]  ? kvm_mmu_unload+0xf0/0xf0
[  379.608428][T22093]  ? __kasan_check_write+0x14/0x20
[  379.608444][T22093]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  379.617721][T22093]  ? kvm_apic_accept_events+0x18f/0x470
[  379.617731][T22093]  ? kvm_apic_has_interrupt+0x543/0xa40
[  379.617747][T22093]  vcpu_enter_guest+0x3ffc/0x5530
[  379.617768][T22093]  ? local_bh_enable+0x30/0x30
[  379.628699][T22093]  ? lock_acquire+0x158/0x250
[  379.628709][T22093]  ? rcu_lock_acquire+0xd/0x40
[  379.628725][T22093]  vcpu_run+0x393/0xd40
[  379.628742][T22093]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  379.628753][T22093]  kvm_vcpu_ioctl+0x792/0xba0
[  379.628762][T22093]  ? kvm_vm_release+0x50/0x50
[  379.628772][T22093]  ? tomoyo_path_number_perm+0x587/0x740
[  379.628790][T22093]  ? trace_hardirqs_on+0x74/0x80
[  379.633918][T22102] input: syz1 as /devices/virtual/input/input377
[  379.638766][T22093]  ? tomoyo_path_number_perm+0x5f0/0x740
[  379.638779][T22093]  ? tomoyo_check_path_acl+0x180/0x180
[  379.638791][T22093]  ? kvm_vm_release+0x50/0x50
[  379.638802][T22093]  do_vfs_ioctl+0x7d4/0x18f0
00:35:04 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r1, 0x40505330, &(0x7f0000000000)={{0x4, 0x2}, {0x0, 0x120}, 0xfffffffffffffff7, 0x6, 0x5})

00:35:04 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  379.638815][T22093]  ? __lock_acquire+0x4750/0x4750
[  379.638826][T22093]  ? ioctl_preallocate+0x240/0x240
[  379.638850][T22093]  ? fget_many+0x30/0x30
[  379.648652][T22093]  ? debug_smp_processor_id+0x1c/0x20
[  379.648664][T22093]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  379.648678][T22093]  ? tomoyo_file_ioctl+0x23/0x30
[  379.648689][T22093]  ? security_file_ioctl+0xa1/0xd0
[  379.648701][T22093]  __x64_sys_ioctl+0xe3/0x120
[  379.648719][T22093]  do_syscall_64+0xfe/0x140
[  379.660006][T22093]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  379.660016][T22093] RIP: 0033:0x459829
[  379.660026][T22093] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  379.660031][T22093] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  379.660039][T22093] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  379.660045][T22093] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
00:35:04 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:04 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
clock_gettime(0x0, &(0x7f00000000c0)={<r2=>0x0, <r3=>0x0})
pselect6(0x40, &(0x7f0000000000)={0x3, 0x401, 0x5, 0xe56, 0x40, 0x9, 0x80, 0x1000000000000000}, &(0x7f0000000040)={0x800, 0x6, 0x8, 0x300, 0x4, 0x3, 0x6, 0x7fffffff}, &(0x7f0000000080)={0x10000, 0x1, 0x1814, 0x0, 0x3, 0x5, 0x2, 0x8}, &(0x7f0000000100)={r2, r3+10000000}, &(0x7f0000000180)={&(0x7f0000000140)={0x9}, 0x8})

[  379.660049][T22093] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  379.660055][T22093] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  379.660060][T22093] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
00:35:04 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:04 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:35:04 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x8)
r1 = socket$inet(0x2, 0x881, 0xca3)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
r2 = syz_open_dev$media(&(0x7f0000000000)='/dev/media#\x00', 0xffffffffffffffff, 0x80)
ioctl$ASHMEM_GET_PROT_MASK(r2, 0x7706, &(0x7f0000000040))

[  380.026006][T22104] input: syz1 as /devices/virtual/input/input378
00:35:04 executing program 5 (fault-call:9 fault-nth:19):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:35:04 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:04 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = request_key(&(0x7f0000000000)='.request_key_auth\x00', &(0x7f0000000040)={'syz', 0x3}, &(0x7f0000000080)='\x00', 0xfffffffffffffffe)
keyctl$KEYCTL_PKEY_VERIFY(0x1c, &(0x7f00000000c0)={r1, 0x35, 0x3}, &(0x7f0000000100)={'enc=', 'raw', ' hash=', {'sm3\x00'}}, &(0x7f0000000180)="b5b29146eec9913b709b63fa19c5aa3a682c5cbe97f0e07933c9441ccf8d8ae16b4d69b5f13a04fe522ec3b7a0b794fde7ace24c36", &(0x7f00000001c0)="cad198")
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0x21, 0x0, 0x0)

00:35:04 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='cpuset.effective_mems\x00', 0x0, 0x0)
ioctl$PERF_EVENT_IOC_QUERY_BPF(r1, 0xc008240a, &(0x7f0000000040)={0x9, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]})
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

[  380.171741][T22133] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  380.180451][T22144] FAULT_INJECTION: forcing a failure.
[  380.180451][T22144] name failslab, interval 1, probability 0, space 0, times 0
[  380.207339][T22144] CPU: 0 PID: 22144 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  380.215368][T22144] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  380.225432][T22144] Call Trace:
[  380.225455][T22144]  dump_stack+0x1d8/0x2f8
[  380.225471][T22144]  should_fail+0x608/0x860
[  380.225484][T22144]  ? setup_fault_attr+0x2b0/0x2b0
[  380.225501][T22144]  __should_failslab+0x11a/0x160
[  380.225516][T22144]  ? mmu_topup_memory_caches+0x93/0x490
[  380.225528][T22144]  should_failslab+0x9/0x20
[  380.225545][T22144]  kmem_cache_alloc+0x56/0x2e0
[  380.233178][T22144]  ? mmu_topup_memory_caches+0x93/0x490
[  380.233191][T22144]  mmu_topup_memory_caches+0x93/0x490
[  380.233202][T22144]  kvm_mmu_load+0x9c/0x1cc0
[  380.233212][T22144]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  380.233222][T22144]  ? __lock_acquire+0x4750/0x4750
[  380.233237][T22144]  ? vmx_flush_tlb+0x2b3/0x600
[  380.283296][T22144]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  380.293082][T22144]  ? kvm_apic_has_interrupt+0x543/0xa40
[  380.293094][T22144]  ? kvm_mmu_unload+0xf0/0xf0
[  380.293107][T22144]  ? __kasan_check_write+0x14/0x20
[  380.293116][T22144]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  380.293125][T22144]  ? kvm_apic_accept_events+0x18f/0x470
[  380.293141][T22144]  ? kvm_apic_has_interrupt+0x543/0xa40
[  380.331015][T22144]  vcpu_enter_guest+0x3ffc/0x5530
[  380.336062][T22144]  ? local_bh_enable+0x30/0x30
[  380.340840][T22144]  ? lock_acquire+0x158/0x250
[  380.345625][T22144]  ? rcu_lock_acquire+0xd/0x40
[  380.350423][T22144]  vcpu_run+0x393/0xd40
[  380.354600][T22144]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  380.360070][T22144]  kvm_vcpu_ioctl+0x792/0xba0
[  380.360082][T22144]  ? kvm_vm_release+0x50/0x50
[  380.360093][T22144]  ? tomoyo_path_number_perm+0x587/0x740
[  380.360105][T22144]  ? trace_hardirqs_on+0x74/0x80
[  380.360121][T22144]  ? tomoyo_path_number_perm+0x5f0/0x740
[  380.369488][T22144]  ? tomoyo_check_path_acl+0x180/0x180
[  380.369501][T22144]  ? kvm_vm_release+0x50/0x50
[  380.369512][T22144]  do_vfs_ioctl+0x7d4/0x18f0
[  380.369525][T22144]  ? __lock_acquire+0x4750/0x4750
[  380.369534][T22144]  ? ioctl_preallocate+0x240/0x240
[  380.369552][T22144]  ? fget_many+0x30/0x30
[  380.369572][T22144]  ? debug_smp_processor_id+0x1c/0x20
00:35:04 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
r2 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x88401, 0x0)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000380)='TIPCv2\x00')
sendmsg$TIPC_NL_UDP_GET_REMOTEIP(r2, &(0x7f0000000280)={&(0x7f0000000040), 0xc, &(0x7f0000000240)={&(0x7f00000000c0)={0x150, r3, 0x100, 0x70bd27, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x28, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x80000001}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x251bab46}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}]}, @TIPC_NLA_NET={0x3c, 0x7, [@TIPC_NLA_NET_ADDR={0x8, 0x2, 0x5}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x81}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffffff8}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x7}, @TIPC_NLA_NET_NODEID={0xc}]}, @TIPC_NLA_LINK={0x8c, 0x4, [@TIPC_NLA_LINK_NAME={0xc, 0x1, 'syz0\x00'}, @TIPC_NLA_LINK_PROP={0x2c, 0x7, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xfffffffffffffffd}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xa}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0xa62}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x7fff}]}, @TIPC_NLA_LINK_NAME={0x14, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0x3c, 0x7, [@TIPC_NLA_PROP_TOL={0x8, 0x2, 0x4}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x1c}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x5}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x1}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0xd}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x10001}]}]}, @TIPC_NLA_MON={0x4c, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xffffffff}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x10000}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x800}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x100}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x24}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}]}]}, 0x150}, 0x1, 0x0, 0x0, 0x800}, 0x9770092c95899fba)

00:35:04 executing program 0:
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:35:04 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
r2 = syz_open_dev$sndpcmc(&(0x7f0000000200)='/dev/snd/pcmC#D#c\x00', 0x9, 0x4100)
ioctl$VT_SETMODE(r2, 0x5602, &(0x7f0000000040)={0x6, 0x5, 0x401, 0xffff})
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00')
sendmsg$TIPC_CMD_SET_LINK_TOL(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1021010}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x68, r3, 0x10, 0x70bd2d, 0x25dfdbfe, {{}, 0x0, 0x4107, 0x0, {0x4c, 0x18, {0x16b, @media='ib\x00'}}}, ["", "", "", "", "", "", ""]}, 0x68}, 0x1, 0x0, 0x0, 0x80}, 0x20000001)

[  380.420283][T22144]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  380.426371][T22144]  ? tomoyo_file_ioctl+0x23/0x30
[  380.431325][T22144]  ? security_file_ioctl+0xa1/0xd0
[  380.436457][T22144]  __x64_sys_ioctl+0xe3/0x120
[  380.441153][T22144]  do_syscall_64+0xfe/0x140
[  380.445673][T22144]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  380.451577][T22144] RIP: 0033:0x459829
[  380.455473][T22144] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  380.455479][T22144] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  380.455488][T22144] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  380.455494][T22144] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  380.455499][T22144] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  380.455504][T22144] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  380.455509][T22144] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  380.478930][T22144] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  380.550375][T22163] input: syz1 as /devices/virtual/input/input379
00:35:04 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:04 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:04 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x2, 0x0)

00:35:04 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
setsockopt$inet_tcp_TLS_TX(r1, 0x6, 0x1, &(0x7f0000000000)=@gcm_128={{0x307}, "216e9e744116e179", "4f3de2814eac37c1635df1821b3a1609", "a541f7c4", "fc0647207a4f23b3"}, 0x28)

00:35:04 executing program 5 (fault-call:9 fault-nth:20):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  380.707732][T22163] input: syz1 as /devices/virtual/input/input380
[  380.766389][T22178] FAULT_INJECTION: forcing a failure.
[  380.766389][T22178] name failslab, interval 1, probability 0, space 0, times 0
[  380.802259][T22178] CPU: 0 PID: 22178 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  380.810293][T22178] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  380.810298][T22178] Call Trace:
[  380.810324][T22178]  dump_stack+0x1d8/0x2f8
[  380.810338][T22178]  should_fail+0x608/0x860
[  380.810350][T22178]  ? setup_fault_attr+0x2b0/0x2b0
[  380.810368][T22178]  __should_failslab+0x11a/0x160
[  380.810381][T22178]  ? mmu_topup_memory_caches+0x93/0x490
[  380.810393][T22178]  should_failslab+0x9/0x20
[  380.810405][T22178]  kmem_cache_alloc+0x56/0x2e0
[  380.810415][T22178]  ? mmu_topup_memory_caches+0x93/0x490
[  380.810426][T22178]  mmu_topup_memory_caches+0x93/0x490
[  380.810438][T22178]  kvm_mmu_load+0x9c/0x1cc0
[  380.810450][T22178]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  380.810462][T22178]  ? __lock_acquire+0x4750/0x4750
[  380.810470][T22178]  ? vmx_flush_tlb+0x2b3/0x600
[  380.810481][T22178]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  380.810491][T22178]  ? kvm_apic_has_interrupt+0x543/0xa40
[  380.810501][T22178]  ? kvm_mmu_unload+0xf0/0xf0
[  380.810511][T22178]  ? __kasan_check_write+0x14/0x20
[  380.810520][T22178]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  380.810537][T22178]  ? kvm_apic_accept_events+0x18f/0x470
[  380.842624][T22178]  ? kvm_apic_has_interrupt+0x543/0xa40
[  380.852670][T22178]  vcpu_enter_guest+0x3ffc/0x5530
[  380.852688][T22178]  ? local_bh_enable+0x30/0x30
[  380.852709][T22178]  ? lock_acquire+0x158/0x250
[  380.878311][T22178]  ? rcu_lock_acquire+0xd/0x40
[  380.878328][T22178]  vcpu_run+0x393/0xd40
[  380.878347][T22178]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  380.888146][T22178]  kvm_vcpu_ioctl+0x792/0xba0
[  380.888156][T22178]  ? kvm_vm_release+0x50/0x50
[  380.888166][T22178]  ? tomoyo_path_number_perm+0x587/0x740
[  380.888176][T22178]  ? trace_hardirqs_on+0x74/0x80
[  380.888186][T22178]  ? tomoyo_path_number_perm+0x5f0/0x740
[  380.888198][T22178]  ? tomoyo_check_path_acl+0x180/0x180
[  380.888213][T22178]  ? kvm_vm_release+0x50/0x50
[  380.990352][T22178]  do_vfs_ioctl+0x7d4/0x18f0
[  380.994950][T22178]  ? __lock_acquire+0x4750/0x4750
[  380.999972][T22178]  ? ioctl_preallocate+0x240/0x240
[  381.005113][T22178]  ? fget_many+0x30/0x30
[  381.009344][T22178]  ? debug_smp_processor_id+0x1c/0x20
[  381.014706][T22178]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  381.020766][T22178]  ? tomoyo_file_ioctl+0x23/0x30
[  381.025694][T22178]  ? security_file_ioctl+0xa1/0xd0
[  381.030808][T22178]  __x64_sys_ioctl+0xe3/0x120
[  381.035484][T22178]  do_syscall_64+0xfe/0x140
[  381.039988][T22178]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  381.045870][T22178] RIP: 0033:0x459829
00:35:05 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x802, 0x401)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:35:05 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x10, 0x0)

00:35:05 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  381.049763][T22178] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  381.069373][T22178] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  381.077872][T22178] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  381.085848][T22178] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  381.093809][T22178] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  381.101770][T22178] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  381.109746][T22178] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
00:35:05 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/secure_tcp\x00', 0x2, 0x0)
ioctl$VT_SETMODE(r1, 0x5602, &(0x7f0000000040)={0xb7d8, 0x1, 0x101, 0x9, 0x7})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r1, 0x5502)

00:35:05 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000005, 0xfffffffffffffffd)
unshare(0x20040600)
tee(r0, r0, 0x1f, 0x4)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  381.145142][T22178] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:35:05 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
getpid()
sched_setattr(0x0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r0 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r0, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r0, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

[  381.212797][T22200] input: syz1 as /devices/virtual/input/input381
00:35:05 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x227e, 0x0)

00:35:05 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x6, 0xfffffffffffffffd)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
r2 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x0, 0x2)
ioctl$KDSKBSENT(r2, 0x4b49, &(0x7f0000000040)="0300f3c0bbe6517a2ed17e8b506f42414070c28a6e18bad9cbc006cf769da0bc04d9abfe8d9c098a059ca2d40dba5c5172deeed3bb78810be613472ecc58c1531418b7847e9d2f3779e1174ba7fc1a2d593568b88929a828ed929bf46874cd98f9c850dab550e0a6c495764aaeca1dfbef353932565341c2c87aca3dfaf91914b7d3c4c57b44c665e5311ff7f524a91684d41665a8498a7c247fd3b326e8561b550e919f78e9c29968bd")
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000140)={0x2, 0x0, [{0x1, 0x6, 0x400, 0x7fffffff, 0x9}, {0x40000000, 0x3, 0x6, 0xda2, 0x10001}]})
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)

00:35:05 executing program 5 (fault-call:9 fault-nth:21):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:35:05 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  381.371151][T22200] input: syz1 as /devices/virtual/input/input382
00:35:05 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
ioctl$EXT4_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x1)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:35:05 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
r1 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000180)='/dev/dlm-monitor\x00', 0x4a300, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000001c0)={0x0, 0xfffffec4, 0xfa00, {0x2, &(0x7f0000000140)={<r2=>0xffffffffffffffff}, 0x800000000106, 0x202}}, 0xfffffc2a)
write$RDMA_USER_CM_CMD_LISTEN(r1, &(0x7f0000000100)={0x7, 0x8, 0xfa00, {r2, 0x6}}, 0x10)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:05 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
accept(r1, 0x0, &(0x7f0000000000))
ioctl$sock_SIOCOUTQ(r1, 0x5411, &(0x7f0000000040))

00:35:05 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x2285, 0x0)

[  381.565552][T22230] FAULT_INJECTION: forcing a failure.
[  381.565552][T22230] name failslab, interval 1, probability 0, space 0, times 0
[  381.588846][T22230] CPU: 0 PID: 22230 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  381.596894][T22230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  381.596900][T22230] Call Trace:
[  381.596930][T22230]  dump_stack+0x1d8/0x2f8
[  381.596946][T22230]  should_fail+0x608/0x860
[  381.596958][T22230]  ? setup_fault_attr+0x2b0/0x2b0
[  381.596977][T22230]  __should_failslab+0x11a/0x160
[  381.596992][T22230]  ? mmu_topup_memory_caches+0x93/0x490
[  381.597004][T22230]  should_failslab+0x9/0x20
[  381.597015][T22230]  kmem_cache_alloc+0x56/0x2e0
[  381.597024][T22230]  ? mmu_topup_memory_caches+0x93/0x490
[  381.597041][T22230]  mmu_topup_memory_caches+0x93/0x490
[  381.629080][T22230]  kvm_mmu_load+0x9c/0x1cc0
[  381.629092][T22230]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  381.629104][T22230]  ? __lock_acquire+0x4750/0x4750
[  381.629121][T22230]  ? vmx_flush_tlb+0x2b3/0x600
[  381.649480][T22230]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  381.649492][T22230]  ? kvm_apic_has_interrupt+0x543/0xa40
[  381.649503][T22230]  ? kvm_mmu_unload+0xf0/0xf0
[  381.649516][T22230]  ? __kasan_check_write+0x14/0x20
[  381.649525][T22230]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  381.649534][T22230]  ? kvm_apic_accept_events+0x18f/0x470
[  381.649549][T22230]  ? kvm_apic_has_interrupt+0x543/0xa40
[  381.669991][T22230]  vcpu_enter_guest+0x3ffc/0x5530
[  381.670010][T22230]  ? local_bh_enable+0x30/0x30
[  381.670022][T22230]  ? lock_acquire+0x158/0x250
[  381.670029][T22230]  ? rcu_lock_acquire+0xd/0x40
[  381.670045][T22230]  vcpu_run+0x393/0xd40
[  381.670061][T22230]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  381.741305][T22230]  kvm_vcpu_ioctl+0x792/0xba0
[  381.745990][T22230]  ? kvm_vm_release+0x50/0x50
[  381.750668][T22230]  ? tomoyo_path_number_perm+0x587/0x740
[  381.756310][T22230]  ? trace_hardirqs_on+0x74/0x80
[  381.761259][T22230]  ? tomoyo_path_number_perm+0x5f0/0x740
[  381.766905][T22230]  ? tomoyo_check_path_acl+0x180/0x180
[  381.772388][T22230]  ? kvm_vm_release+0x50/0x50
[  381.777065][T22230]  do_vfs_ioctl+0x7d4/0x18f0
[  381.781655][T22230]  ? __lock_acquire+0x4750/0x4750
[  381.786687][T22230]  ? ioctl_preallocate+0x240/0x240
[  381.791820][T22230]  ? fget_many+0x30/0x30
[  381.796078][T22230]  ? debug_smp_processor_id+0x1c/0x20
[  381.801552][T22230]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  381.807631][T22230]  ? tomoyo_file_ioctl+0x23/0x30
[  381.812582][T22230]  ? security_file_ioctl+0xa1/0xd0
[  381.817706][T22230]  __x64_sys_ioctl+0xe3/0x120
[  381.822406][T22230]  do_syscall_64+0xfe/0x140
[  381.826921][T22230]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  381.832815][T22230] RIP: 0033:0x459829
[  381.836706][T22230] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  381.856304][T22230] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
00:35:06 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  381.864714][T22230] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  381.872686][T22230] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  381.880658][T22230] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  381.888626][T22230] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  381.896618][T22230] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  381.906519][T22230] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:35:06 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300))
r0 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ubi_ctrl\x00', 0xc000, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
getsockopt$inet_tcp_int(r0, 0x6, 0x17, &(0x7f0000000040), &(0x7f0000000080)=0x4)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  381.924297][T22250] input: syz1 as /devices/virtual/input/input383
00:35:06 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:06 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, 0x0, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:06 executing program 0:
r0 = syz_open_dev$cec(&(0x7f0000000100)='/dev/cec#\x00', 0x1, 0x2)
ioctl$TIOCCBRK(r0, 0x5428)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
write$FUSE_DIRENT(r0, &(0x7f0000000080)={0x28, 0xfffffffffffffff5, 0x8, [{0x1, 0x100000000, 0x0, 0x5}]}, 0x28)
socket$inet(0x2, 0x4000000000000001, 0x0)
pread64(r1, &(0x7f0000000040)=""/50, 0x32, 0x53)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0x21, 0x0, 0x0)

00:35:06 executing program 5 (fault-call:9 fault-nth:22):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:35:06 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1b)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8000010008)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:06 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x2400, 0x0)

00:35:06 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:06 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
socket$kcm(0x29, 0xe5ff841683db7fa9, 0x0)
r2 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x8, 0x1)
ioctl$TIOCEXCL(r2, 0x540c)
setsockopt$inet_tcp_TCP_FASTOPEN_KEY(r2, 0x6, 0x21, &(0x7f0000000040)="734b1cd077649a23fb1b4e58a6a61960", 0x10)

[  382.304405][T22269] FAULT_INJECTION: forcing a failure.
[  382.304405][T22269] name failslab, interval 1, probability 0, space 0, times 0
[  382.379153][T22275] input: syz1 as /devices/virtual/input/input384
[  382.383803][T22269] CPU: 0 PID: 22269 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  382.393505][T22269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  382.403563][T22269] Call Trace:
[  382.403583][T22269]  dump_stack+0x1d8/0x2f8
[  382.403600][T22269]  should_fail+0x608/0x860
[  382.415638][T22269]  ? setup_fault_attr+0x2b0/0x2b0
[  382.420694][T22269]  __should_failslab+0x11a/0x160
[  382.425648][T22269]  ? mmu_topup_memory_caches+0x93/0x490
[  382.431216][T22269]  should_failslab+0x9/0x20
[  382.435735][T22269]  kmem_cache_alloc+0x56/0x2e0
[  382.440510][T22269]  ? mmu_topup_memory_caches+0x93/0x490
[  382.446074][T22269]  mmu_topup_memory_caches+0x93/0x490
[  382.451466][T22269]  kvm_mmu_load+0x9c/0x1cc0
[  382.455980][T22269]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  382.461446][T22269]  ? __lock_acquire+0x4750/0x4750
[  382.461455][T22269]  ? vmx_flush_tlb+0x2b3/0x600
[  382.461466][T22269]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  382.461476][T22269]  ? kvm_apic_has_interrupt+0x543/0xa40
[  382.461488][T22269]  ? kvm_mmu_unload+0xf0/0xf0
[  382.461501][T22269]  ? __kasan_check_write+0x14/0x20
[  382.461516][T22269]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  382.471302][T22269]  ? kvm_apic_accept_events+0x18f/0x470
[  382.471313][T22269]  ? kvm_apic_has_interrupt+0x543/0xa40
[  382.471330][T22269]  vcpu_enter_guest+0x3ffc/0x5530
[  382.471347][T22269]  ? local_bh_enable+0x30/0x30
[  382.503549][T22269]  ? lock_acquire+0x158/0x250
[  382.514121][T22269]  ? rcu_lock_acquire+0xd/0x40
00:35:06 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4b48, 0x0)

00:35:06 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
r2 = accept(r0, &(0x7f0000000000)=@pppoe={0x18, 0x0, {0x0, @local}}, &(0x7f0000000080)=0x80)
setsockopt$inet6_MRT6_ADD_MFC_PROXY(r2, 0x29, 0xd2, &(0x7f00000000c0)={{0xa, 0x4e21, 0x1, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x11}}, 0x4}, {0xa, 0x4e23, 0x11, @mcast1, 0x3}, 0x5, [0x7, 0x1, 0x200, 0x51, 0x8, 0x5, 0x5, 0xb9d5]}, 0x5c)

00:35:06 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  382.514139][T22269]  vcpu_run+0x393/0xd40
[  382.514158][T22269]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  382.514176][T22269]  kvm_vcpu_ioctl+0x792/0xba0
[  382.542635][T22269]  ? kvm_vm_release+0x50/0x50
[  382.547333][T22269]  ? tomoyo_path_number_perm+0x587/0x740
[  382.552988][T22269]  ? trace_hardirqs_on+0x74/0x80
[  382.557958][T22269]  ? tomoyo_path_number_perm+0x5f0/0x740
[  382.563645][T22269]  ? tomoyo_check_path_acl+0x180/0x180
[  382.569127][T22269]  ? kvm_vm_release+0x50/0x50
[  382.569139][T22269]  do_vfs_ioctl+0x7d4/0x18f0
[  382.569153][T22269]  ? __lock_acquire+0x4750/0x4750
[  382.569164][T22269]  ? ioctl_preallocate+0x240/0x240
[  382.569181][T22269]  ? fget_many+0x30/0x30
[  382.569190][T22269]  ? debug_smp_processor_id+0x1c/0x20
[  382.569201][T22269]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  382.569217][T22269]  ? tomoyo_file_ioctl+0x23/0x30
[  382.578505][T22269]  ? security_file_ioctl+0xa1/0xd0
[  382.578517][T22269]  __x64_sys_ioctl+0xe3/0x120
[  382.578530][T22269]  do_syscall_64+0xfe/0x140
[  382.578541][T22269]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  382.578550][T22269] RIP: 0033:0x459829
[  382.578562][T22269] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  382.578567][T22269] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  382.578576][T22269] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  382.578581][T22269] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
00:35:06 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl$sock_SIOCGPGRP(r0, 0x8904, &(0x7f0000000040)=<r2=>0x0)
sched_getscheduler(r2)
perf_event_open(&(0x7f0000000080)={0x0, 0x70, 0x9, 0x28, 0x3, 0x7ff, 0x0, 0x6, 0x48008, 0x0, 0x0, 0x3, 0xe4, 0x5, 0x1, 0x9, 0x604, 0xffffffffffffffff, 0x9, 0x4, 0xd1, 0x1, 0x944, 0xfffffffffffffffd, 0x64, 0x0, 0x5, 0x7, 0x5, 0xffffffffffffffff, 0x101, 0x9, 0x1, 0x2, 0x1, 0x1, 0xe518, 0x1, 0x0, 0xea, 0x3, @perf_config_ext={0x10000, 0x75c}, 0x84, 0x5, 0x2, 0x3, 0x1, 0x5, 0x40}, r2, 0x9, 0xffffffffffffffff, 0xb)
unshare(0x20040600)
syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x7fff, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:35:07 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  382.578586][T22269] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  382.578592][T22269] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  382.578597][T22269] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  382.621400][T22269] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  382.769450][T22305] input: syz1 as /devices/virtual/input/input385
00:35:07 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
setxattr$security_smack_transmute(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.SMACK64TRANSMUTE\x00', &(0x7f0000000080)='TRUE', 0x4, 0x2)

00:35:07 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, 0x0, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:07 executing program 5 (fault-call:9 fault-nth:23):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:35:07 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4b69, 0x0)

00:35:07 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000100)={{{@in=@empty, @in6=@dev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r1=>0x0}}, {{@in6=@ipv4={[], [], @multicast1}}, 0x0, @in=@multicast2}}, &(0x7f0000000000)=0xe8)
fstat(r0, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, <r2=>0x0})
r3 = getuid()
setresuid(r1, r2, r3)
ioctl$UI_SET_FFBIT(r0, 0x4004556b, 0x52)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:07 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  383.203464][T22325] input: syz1 as /devices/virtual/input/input386
[  383.220086][T22320] FAULT_INJECTION: forcing a failure.
[  383.220086][T22320] name failslab, interval 1, probability 0, space 0, times 0
[  383.251312][T22320] CPU: 1 PID: 22320 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  383.259333][T22320] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  383.278080][T22320] Call Trace:
[  383.278105][T22320]  dump_stack+0x1d8/0x2f8
[  383.278118][T22320]  should_fail+0x608/0x860
[  383.278128][T22320]  ? setup_fault_attr+0x2b0/0x2b0
[  383.278142][T22320]  __should_failslab+0x11a/0x160
00:35:07 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20240600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  383.278154][T22320]  ? mmu_topup_memory_caches+0x93/0x490
[  383.278163][T22320]  should_failslab+0x9/0x20
[  383.278173][T22320]  kmem_cache_alloc+0x56/0x2e0
[  383.278182][T22320]  ? mmu_topup_memory_caches+0x93/0x490
[  383.278192][T22320]  mmu_topup_memory_caches+0x93/0x490
[  383.278203][T22320]  kvm_mmu_load+0x9c/0x1cc0
[  383.278221][T22320]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  383.306697][T22320]  ? __lock_acquire+0x4750/0x4750
[  383.306708][T22320]  ? vmx_flush_tlb+0x2b3/0x600
[  383.306719][T22320]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  383.306728][T22320]  ? kvm_apic_has_interrupt+0x543/0xa40
[  383.306739][T22320]  ? kvm_mmu_unload+0xf0/0xf0
[  383.306752][T22320]  ? __kasan_check_write+0x14/0x20
[  383.306760][T22320]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  383.306768][T22320]  ? kvm_apic_accept_events+0x18f/0x470
[  383.306784][T22320]  ? kvm_apic_has_interrupt+0x543/0xa40
[  383.321601][T22320]  vcpu_enter_guest+0x3ffc/0x5530
[  383.336940][T22320]  ? local_bh_enable+0x30/0x30
[  383.336953][T22320]  ? lock_acquire+0x158/0x250
[  383.336960][T22320]  ? rcu_lock_acquire+0xd/0x40
[  383.336976][T22320]  vcpu_run+0x393/0xd40
[  383.336993][T22320]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  383.337003][T22320]  kvm_vcpu_ioctl+0x792/0xba0
[  383.337012][T22320]  ? kvm_vm_release+0x50/0x50
[  383.337020][T22320]  ? tomoyo_path_number_perm+0x587/0x740
[  383.337030][T22320]  ? trace_hardirqs_on+0x74/0x80
[  383.337041][T22320]  ? tomoyo_path_number_perm+0x5f0/0x740
[  383.337054][T22320]  ? tomoyo_check_path_acl+0x180/0x180
[  383.337069][T22320]  ? kvm_vm_release+0x50/0x50
00:35:07 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  383.358119][T22320]  do_vfs_ioctl+0x7d4/0x18f0
[  383.358134][T22320]  ? __lock_acquire+0x4750/0x4750
[  383.358144][T22320]  ? ioctl_preallocate+0x240/0x240
[  383.358161][T22320]  ? fget_many+0x30/0x30
[  383.358169][T22320]  ? debug_smp_processor_id+0x1c/0x20
[  383.358179][T22320]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  383.358191][T22320]  ? tomoyo_file_ioctl+0x23/0x30
[  383.358208][T22320]  ? security_file_ioctl+0xa1/0xd0
[  383.404644][T22320]  __x64_sys_ioctl+0xe3/0x120
[  383.404666][T22320]  do_syscall_64+0xfe/0x140
00:35:07 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x4000040)
r2 = creat(&(0x7f0000000000)='./file0\x00', 0x120)
ioctl$UI_SET_FFBIT(r2, 0x4004556b, 0x79)
ioctl$KVM_CHECK_EXTENSION_VM(r2, 0xae03, 0x7576)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
getsockopt$inet_IP_XFRM_POLICY(r2, 0x0, 0x11, &(0x7f0000000040)={{{@in=@loopback, @in6=@mcast1}}, {{}, 0x0, @in=@local}}, &(0x7f0000000140)=0xe8)

[  383.414289][T22320]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  383.414300][T22320] RIP: 0033:0x459829
[  383.414310][T22320] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  383.414322][T22320] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  383.423666][T22320] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
00:35:07 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4c00, 0x0)

[  383.423672][T22320] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  383.423676][T22320] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  383.423681][T22320] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  383.423687][T22320] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  383.459966][T22320] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:35:07 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:07 executing program 5 (fault-call:9 fault-nth:24):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:35:08 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
r2 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x800, 0x8)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x2400, 0x7fffffff)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  383.668167][T22325] input: syz1 as /devices/virtual/input/input387
[  383.840383][T22364] FAULT_INJECTION: forcing a failure.
[  383.840383][T22364] name failslab, interval 1, probability 0, space 0, times 0
[  383.855845][T22364] CPU: 0 PID: 22364 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  383.863873][T22364] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  383.873948][T22364] Call Trace:
[  383.877230][T22364]  dump_stack+0x1d8/0x2f8
[  383.881564][T22364]  should_fail+0x608/0x860
[  383.885993][T22364]  ? setup_fault_attr+0x2b0/0x2b0
[  383.891023][T22364]  __should_failslab+0x11a/0x160
[  383.895949][T22364]  ? mmu_topup_memory_caches+0x93/0x490
[  383.901486][T22364]  should_failslab+0x9/0x20
[  383.905996][T22364]  kmem_cache_alloc+0x56/0x2e0
[  383.910743][T22364]  ? mmu_topup_memory_caches+0x93/0x490
[  383.916267][T22364]  mmu_topup_memory_caches+0x93/0x490
[  383.921626][T22364]  kvm_mmu_load+0x9c/0x1cc0
[  383.926127][T22364]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  383.931605][T22364]  ? __lock_acquire+0x4750/0x4750
[  383.936629][T22364]  ? vmx_flush_tlb+0x2b3/0x600
[  383.941386][T22364]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  383.947095][T22364]  ? kvm_apic_has_interrupt+0x543/0xa40
[  383.952634][T22364]  ? kvm_mmu_unload+0xf0/0xf0
[  383.957333][T22364]  ? __kasan_check_write+0x14/0x20
[  383.962452][T22364]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  383.968078][T22364]  ? kvm_apic_accept_events+0x18f/0x470
[  383.973617][T22364]  ? kvm_apic_has_interrupt+0x543/0xa40
[  383.979159][T22364]  vcpu_enter_guest+0x3ffc/0x5530
[  383.984199][T22364]  ? local_bh_enable+0x30/0x30
[  383.988967][T22364]  ? lock_acquire+0x158/0x250
[  383.993635][T22364]  ? rcu_lock_acquire+0xd/0x40
[  383.998395][T22364]  vcpu_run+0x393/0xd40
[  384.002549][T22364]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  384.007999][T22364]  kvm_vcpu_ioctl+0x792/0xba0
[  384.012670][T22364]  ? kvm_vm_release+0x50/0x50
[  384.017358][T22364]  ? tomoyo_path_number_perm+0x587/0x740
[  384.022982][T22364]  ? trace_hardirqs_on+0x74/0x80
[  384.027917][T22364]  ? tomoyo_path_number_perm+0x5f0/0x740
[  384.033578][T22364]  ? tomoyo_check_path_acl+0x180/0x180
[  384.039050][T22364]  ? kvm_vm_release+0x50/0x50
[  384.043729][T22364]  do_vfs_ioctl+0x7d4/0x18f0
[  384.048311][T22364]  ? __lock_acquire+0x4750/0x4750
[  384.053337][T22364]  ? ioctl_preallocate+0x240/0x240
[  384.058473][T22364]  ? fget_many+0x30/0x30
[  384.062715][T22364]  ? debug_smp_processor_id+0x1c/0x20
[  384.068079][T22364]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  384.074136][T22364]  ? tomoyo_file_ioctl+0x23/0x30
[  384.079070][T22364]  ? security_file_ioctl+0xa1/0xd0
[  384.084188][T22364]  __x64_sys_ioctl+0xe3/0x120
[  384.088868][T22364]  do_syscall_64+0xfe/0x140
[  384.093364][T22364]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  384.099244][T22364] RIP: 0033:0x459829
[  384.103127][T22364] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  384.122718][T22364] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  384.131200][T22364] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
00:35:08 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, 0x0, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:08 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4c01, 0x0)

00:35:08 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:08 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300))
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/hci\x00')
syz_open_dev$cec(&(0x7f0000000040)='/dev/cec#\x00', 0x0, 0x2)
syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x0, 0x8001)
openat(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x80000, 0x4)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/raw6\x00')
syz_open_dev$sndpcmc(&(0x7f0000000140)='/dev/snd/pcmC#D#c\x00', 0x10001, 0x400002)
r0 = syz_open_dev$sndpcmc(&(0x7f0000000180)='/dev/snd/pcmC#D#c\x00', 0xffffffffffff0000, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x8000000000000fb)
r1 = socket$inet(0x2, 0xe, 0x0)
setsockopt$inet_opts(r1, 0x0, 0xff3ea2908694b348, &(0x7f0000000340)="70e82696ea84017b30bc0afa36044cb5bf9106b50cb254671f90dbb90b000800f2ff001d89dc671e24e679674c12823a0799731cd866308214a07526f3045c56c096266054e449b98fa3157b3fca465555c6f9426621f5dd6217a9a328c75bede3bab9d5de170a0a6af16a665cfefb424bfe799cf3c0e5f990c639c7bd18ac4301e55da4bb7c34f9dcf1fe2eb140453bc8b347c4ac3edc97e13c0d6a7fde42e2533acae2af6a25d0ad4d543df6fecca6c03be6ae306490a292d5b6b155123974aa804eb9ccb2e1a69b31404ec8716f57afd0bb2cc100b1bc2fbd32b39985ee9bd8ce58e7209f62ab56d3994ca437c9a75ab9eea0227127a62478cb9b781cd7a9acfef3de3e7ea4fab6cc9e000000000000000000000000000000d7ec8dcf9da95a236f56a4f3f69dd40d87457a15d649daf607fbbf96fc5c0c152fbe72a0f90ccf69e6475d959139dadcdef32f373a6c6a32689d434d1ae8c8ac2313f139bf2a9a4a095fd6609d79d571cfcc3625859b9d24c80451b281b3b7395245bbb63c39dd874ffffaaedce961c1f796bf7aefbad734a7b22a97f6ef384f601dfd30d981361e2a5c768b2b361fd142583d93661c98293df6b40955e0bcc872ef657e00"/457, 0x1c9)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:35:08 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000000], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000000000]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
r1 = syz_open_dev$adsp(&(0x7f0000000000)='/dev/adsp#\x00', 0x6, 0x100)
accept4$llc(r1, 0x0, &(0x7f0000000040), 0x0)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

[  384.139162][T22364] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  384.147122][T22364] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  384.155081][T22364] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  384.163045][T22364] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  384.176115][T22364] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:35:08 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  384.233593][T22376] input: syz1 as /devices/virtual/input/input388
00:35:08 executing program 5 (fault-call:9 fault-nth:25):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:35:08 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:08 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x500e, 0x0)

[  384.359057][T22376] input: syz1 as /devices/virtual/input/input389
00:35:08 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x4000, 0x0)
ioctl$KVM_ASSIGN_SET_MSIX_NR(r1, 0x4008ae73, &(0x7f00000001c0)={0x4, 0x81})
r2 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0xb839fdcbba3e26de, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(0xffffffffffffffff, 0x84, 0x1d, &(0x7f0000000100)=ANY=[@ANYBLOB="000c1432e7eafe0b09d365e9a20100b27bc487a31381fb5143c87a59e6055698a76c12a32c09f32004181e0dde75f5990f28cdc3086ecc3f368bf0dd27ea2530fe91460f639adb84923940b03fe17840e609ac9305738edb13b703f55853a5ae300e855cf238f471df8be60e86629fa30f542cf6ef28bde7e8b8a399278d5699d6a770d612be49daca73f329fe4a5f2450dde099dc6d45", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=<r3=>0x0, @ANYRES32=0x0], &(0x7f0000000080)=0x24)
setsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, &(0x7f00000000c0)={0x358e9b5a, 0xb, 0x8, 0x10003, r3}, 0x10)
socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0x21, 0x0, 0x0)

00:35:08 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

[  384.452690][T22397] FAULT_INJECTION: forcing a failure.
[  384.452690][T22397] name failslab, interval 1, probability 0, space 0, times 0
[  384.507901][T22397] CPU: 0 PID: 22397 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  384.515966][T22397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  384.515972][T22397] Call Trace:
[  384.515998][T22397]  dump_stack+0x1d8/0x2f8
[  384.516014][T22397]  should_fail+0x608/0x860
[  384.516027][T22397]  ? setup_fault_attr+0x2b0/0x2b0
[  384.516044][T22397]  __should_failslab+0x11a/0x160
[  384.516057][T22397]  ? mmu_topup_memory_caches+0x93/0x490
[  384.516070][T22397]  should_failslab+0x9/0x20
00:35:08 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  384.516082][T22397]  kmem_cache_alloc+0x56/0x2e0
[  384.516092][T22397]  ? mmu_topup_memory_caches+0x93/0x490
[  384.516109][T22397]  mmu_topup_memory_caches+0x93/0x490
[  384.558173][T22397]  kvm_mmu_load+0x9c/0x1cc0
[  384.558186][T22397]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  384.558196][T22397]  ? __lock_acquire+0x4750/0x4750
[  384.558212][T22397]  ? vmx_flush_tlb+0x2b3/0x600
[  384.593706][T22397]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  384.599444][T22397]  ? kvm_apic_has_interrupt+0x543/0xa40
[  384.605007][T22397]  ? kvm_mmu_unload+0xf0/0xf0
[  384.605021][T22397]  ? __kasan_check_write+0x14/0x20
[  384.605030][T22397]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  384.605038][T22397]  ? kvm_apic_accept_events+0x18f/0x470
[  384.605046][T22397]  ? kvm_apic_has_interrupt+0x543/0xa40
[  384.605060][T22397]  vcpu_enter_guest+0x3ffc/0x5530
[  384.605079][T22397]  ? local_bh_enable+0x30/0x30
[  384.620507][T22397]  ? lock_acquire+0x158/0x250
[  384.620516][T22397]  ? rcu_lock_acquire+0xd/0x40
[  384.620532][T22397]  vcpu_run+0x393/0xd40
[  384.620551][T22397]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  384.620562][T22397]  kvm_vcpu_ioctl+0x792/0xba0
[  384.620579][T22397]  ? kvm_vm_release+0x50/0x50
[  384.631679][T22397]  ? tomoyo_path_number_perm+0x587/0x740
[  384.631691][T22397]  ? trace_hardirqs_on+0x74/0x80
[  384.631702][T22397]  ? tomoyo_path_number_perm+0x5f0/0x740
[  384.631716][T22397]  ? tomoyo_check_path_acl+0x180/0x180
[  384.631732][T22397]  ? kvm_vm_release+0x50/0x50
[  384.641612][T22397]  do_vfs_ioctl+0x7d4/0x18f0
[  384.641626][T22397]  ? __lock_acquire+0x4750/0x4750
[  384.641637][T22397]  ? ioctl_preallocate+0x240/0x240
[  384.641655][T22397]  ? fget_many+0x30/0x30
[  384.641671][T22397]  ? debug_smp_processor_id+0x1c/0x20
[  384.655263][T22397]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  384.691674][T22397]  ? tomoyo_file_ioctl+0x23/0x30
[  384.691687][T22397]  ? security_file_ioctl+0xa1/0xd0
[  384.691700][T22397]  __x64_sys_ioctl+0xe3/0x120
[  384.691714][T22397]  do_syscall_64+0xfe/0x140
[  384.691727][T22397]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  384.691743][T22397] RIP: 0033:0x459829
[  384.697264][T22409] input: syz1 as /devices/virtual/input/input390
[  384.701012][T22397] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  384.701018][T22397] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  384.701026][T22397] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  384.701032][T22397] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  384.701037][T22397] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  384.701042][T22397] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  384.701047][T22397] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  384.730714][T22397] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  384.949622][T22409] input: syz1 as /devices/virtual/input/input391
00:35:09 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:09 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:09 executing program 0:
socketpair$unix(0x1, 0x100000001, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
socket(0x4c4a6c47da6c8f58, 0x800, 0x8ccd)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
r2 = fcntl$getown(r0, 0x9)
sched_rr_get_interval(r2, &(0x7f0000000000))

00:35:09 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x5201, 0x0)

00:35:09 executing program 5 (fault-call:9 fault-nth:26):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:35:09 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000200)='/dev/uinput\x00', 0x7ff, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000)='/dev/snapshot\x00', 0x80, 0x0)
ioctl$TIOCGPGRP(r1, 0x540f, &(0x7f0000000040))
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000080)='/dev/snapshot\x00', 0x420001, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000880)={'syz1\x00', {0x10001, 0x8, 0x8, 0x1}, 0x43, [0x7fffffff, 0xed, 0x80000000, 0x20, 0x2, 0x0, 0x40, 0x5, 0x0, 0xfffffffffffffe01, 0x101, 0x7, 0x3, 0x4643, 0x0, 0x8000, 0x2, 0x4, 0x0, 0x6, 0x3fc, 0x59, 0x1, 0x4, 0x40, 0x8000, 0x8, 0x0, 0xfffffffffffffffb, 0x3f, 0x8, 0x4, 0x0, 0x54, 0x7fff, 0x8, 0x2899, 0x1, 0x100000001, 0x20, 0x8001, 0xfd0, 0x9, 0x9, 0xde, 0x80000001, 0x673, 0x8, 0x7, 0x40000, 0x6, 0xb3, 0x20, 0x2, 0x0, 0xfc, 0x5, 0x4, 0x0, 0x3, 0x1, 0xffff, 0x0, 0x6bf], [0x8, 0x6, 0x5, 0x800000, 0x3, 0x3, 0xfffffffffffffffb, 0x8, 0x80000001, 0xffffffffffffffc1, 0x1, 0x4, 0x4, 0x8, 0x6, 0x101, 0x2, 0x1, 0x7, 0x20, 0x7, 0xfffffffffffffffa, 0x9, 0xffff, 0x5, 0x3, 0x9, 0x3, 0x3f6, 0x6, 0x5, 0x81, 0x3, 0x5, 0x400, 0x3, 0x0, 0x3ff, 0xfffffffffffffffc, 0x5, 0x1000, 0x2, 0x800, 0x2, 0x0, 0x2, 0x7, 0x4, 0x76, 0x1, 0x1, 0x8, 0x587, 0x8000, 0x6, 0xffffffffffffb29e, 0x1000, 0xffff, 0x6, 0xe28, 0x1000, 0x6, 0x100000001, 0x4a0], [0x2ea, 0x5, 0x1, 0x281, 0x7fffffff, 0x6, 0x80, 0x0, 0x7ff, 0x9, 0x3, 0x5, 0x382f, 0x20, 0xfff, 0xfffffffffffff001, 0x5, 0x80000001, 0x4, 0x7fffffff, 0x3, 0x100, 0x3, 0x7e, 0x8, 0x3, 0xffff, 0x1000, 0x6, 0x8, 0x7fffffff, 0x7, 0xffffffffffffffff, 0x81, 0x0, 0x0, 0x100000000, 0x5fcde0b1, 0x6, 0x0, 0x5, 0x400, 0x100000001, 0x6, 0x6, 0x1ff, 0x5, 0x1c0000000000000, 0xb81, 0x101, 0x2cb0, 0x8, 0x100000001, 0x401, 0x101, 0x3, 0x7f, 0x37b, 0x20, 0x68a, 0x4, 0x1, 0x6ad2, 0x2], [0x4, 0x3, 0x2, 0x0, 0x89d8, 0x7, 0x1, 0x6, 0x218c, 0x2, 0x154, 0x937, 0x7fffffff, 0x7fc0000, 0x7fff, 0xff, 0x1, 0xdd, 0x5, 0x2, 0x3ff, 0x0, 0xf9d0, 0x0, 0x1, 0x7, 0x6, 0x1, 0x7, 0x7000, 0x77a4efe6, 0xdc8, 0xa625, 0x9, 0xffffffffffff7fff, 0x3f, 0x6580000000000000, 0x9719, 0x1, 0x0, 0x3, 0x7, 0x6, 0x4, 0x3, 0xf4ca, 0x29e, 0xe7, 0x3, 0x5, 0x3ff, 0x4d036c54, 0x9, 0x8, 0xa, 0x7fff, 0x3, 0x7, 0x0, 0x101, 0x4, 0x2, 0x90, 0x6]}, 0x45c)
dup(r0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
ioctl$UI_SET_KEYBIT(r0, 0x40045565, 0xbf)
ioctl$BLKROTATIONAL(r1, 0x127e, &(0x7f0000000100))

00:35:09 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:09 executing program 4:
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(0xffffffffffffffff, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502)

00:35:09 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000000)='hugetlb.2MB.usage_in_bytes\x00', 0x0, 0x0)
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000080)='IPVS\x00')
sendmsg$IPVS_CMD_DEL_DEST(r1, &(0x7f0000000180)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x80000100}, 0xc, &(0x7f0000000140)={&(0x7f00000000c0)={0x48, r2, 0x701, 0x70bd28, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x10001}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x2}, @IPVS_CMD_ATTR_DAEMON={0xc, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x2}]}, @IPVS_CMD_ATTR_TIMEOUT_TCP={0x8, 0x4, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_TCP_FIN={0x8, 0x5, 0x4}, @IPVS_CMD_ATTR_TIMEOUT_UDP={0x8, 0x6, 0x8}]}, 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0x21, 0x0, 0x0)

[  385.185881][T22437] FAULT_INJECTION: forcing a failure.
[  385.185881][T22437] name failslab, interval 1, probability 0, space 0, times 0
[  385.258047][T22437] CPU: 1 PID: 22437 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  385.273104][T22437] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  385.283168][T22437] Call Trace:
[  385.286474][T22437]  dump_stack+0x1d8/0x2f8
[  385.290824][T22437]  should_fail+0x608/0x860
[  385.296483][T22437]  ? setup_fault_attr+0x2b0/0x2b0
[  385.301537][T22437]  __should_failslab+0x11a/0x160
[  385.306499][T22437]  ? mmu_topup_memory_caches+0x93/0x490
[  385.312067][T22437]  should_failslab+0x9/0x20
[  385.316593][T22437]  kmem_cache_alloc+0x56/0x2e0
[  385.321380][T22437]  ? mmu_topup_memory_caches+0x93/0x490
[  385.326963][T22437]  mmu_topup_memory_caches+0x93/0x490
[  385.332353][T22437]  kvm_mmu_load+0x9c/0x1cc0
[  385.337237][T22437]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  385.342713][T22437]  ? __lock_acquire+0x4750/0x4750
[  385.347750][T22437]  ? vmx_flush_tlb+0x2b3/0x600
[  385.352528][T22437]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  385.358258][T22437]  ? kvm_apic_has_interrupt+0x543/0xa40
[  385.363817][T22437]  ? kvm_mmu_unload+0xf0/0xf0
[  385.368525][T22437]  ? __kasan_check_write+0x14/0x20
[  385.368537][T22437]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  385.368552][T22437]  ? kvm_apic_accept_events+0x18f/0x470
[  385.379301][T22437]  ? kvm_apic_has_interrupt+0x543/0xa40
[  385.379324][T22437]  vcpu_enter_guest+0x3ffc/0x5530
[  385.390428][T22437]  ? local_bh_enable+0x30/0x30
[  385.390441][T22437]  ? lock_acquire+0x158/0x250
[  385.390454][T22437]  ? rcu_lock_acquire+0xd/0x40
[  385.404920][T22437]  vcpu_run+0x393/0xd40
[  385.413851][T22437]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  385.419328][T22437]  kvm_vcpu_ioctl+0x792/0xba0
[  385.419339][T22437]  ? kvm_vm_release+0x50/0x50
[  385.419349][T22437]  ? tomoyo_path_number_perm+0x587/0x740
[  385.419358][T22437]  ? trace_hardirqs_on+0x74/0x80
[  385.419369][T22437]  ? tomoyo_path_number_perm+0x5f0/0x740
[  385.419382][T22437]  ? tomoyo_check_path_acl+0x180/0x180
[  385.419392][T22437]  ? kvm_vm_release+0x50/0x50
00:35:09 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x540b, 0x0)

00:35:09 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
r1 = openat$dlm_control(0xffffffffffffff9c, &(0x7f0000000100)='/dev/dlm-control\x00', 0x404d00, 0x0)
ioctl$BLKTRACESTART(r1, 0x1274, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
r2 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000000)='/dev/dlm-monitor\x00', 0x80, 0x0)
ioctl$PERF_EVENT_IOC_MODIFY_ATTRIBUTES(r2, 0x4008240b, &(0x7f0000000040)={0x7, 0x70, 0x0, 0x8, 0xf4e, 0x4, 0x0, 0x7f, 0x802, 0x1, 0x0, 0x2, 0x1ff, 0xf94b, 0x9, 0x0, 0xfffffffffffffff8, 0x7, 0x7, 0x0, 0x7f, 0x0, 0x2, 0xf4, 0xff, 0x5, 0xfffffffffffffffc, 0x6, 0x2, 0x2, 0x80, 0x81, 0x4, 0x6, 0x0, 0x800, 0x0, 0x5, 0x0, 0xa25c, 0x0, @perf_config_ext={0xff, 0x9}, 0x0, 0x1, 0x80000001, 0x9, 0x629, 0xaf79, 0x6})
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:09 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x200080, 0x0)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080)='TIPC\x00')
sendmsg$TIPC_CMD_RESET_LINK_STATS(r2, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1080}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x28, r3, 0x10, 0x70bd25, 0x25dfdbfe, {{}, 0x0, 0x410c, 0x0, {0xc, 0x14, 'syz0\x00'}}, ["", "", "", "", "", ""]}, 0x28}, 0x1, 0x0, 0x0, 0x20040084}, 0x4)

[  385.419402][T22437]  do_vfs_ioctl+0x7d4/0x18f0
[  385.419422][T22437]  ? __lock_acquire+0x4750/0x4750
[  385.419442][T22437]  ? ioctl_preallocate+0x240/0x240
[  385.419464][T22437]  ? fget_many+0x30/0x30
[  385.435911][T22437]  ? debug_smp_processor_id+0x1c/0x20
[  385.435924][T22437]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  385.435937][T22437]  ? tomoyo_file_ioctl+0x23/0x30
[  385.435947][T22437]  ? security_file_ioctl+0xa1/0xd0
[  385.435958][T22437]  __x64_sys_ioctl+0xe3/0x120
[  385.435972][T22437]  do_syscall_64+0xfe/0x140
[  385.435984][T22437]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  385.435998][T22437] RIP: 0033:0x459829
[  385.452031][T22437] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  385.452037][T22437] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  385.452045][T22437] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  385.452051][T22437] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  385.452056][T22437] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  385.452069][T22437] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  385.461327][T22437] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  385.476397][T22460] input: syz1 as /devices/virtual/input/input392
[  385.603237][T22437] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  385.711342][T22460] input: syz1 as /devices/virtual/input/input393
00:35:10 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:10 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
openat$null(0xffffffffffffff9c, &(0x7f0000000200)='/dev/null\x00', 0x400200, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000240)='/dev/snapshot\x00', 0x4000, 0x0)
r2 = dup(r0)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0x21, 0x0, 0xffffffffffffffbe)
ioctl$KVM_GET_FPU(r1, 0x81a0ae8c, &(0x7f0000000340))
getrlimit(0xf, &(0x7f00000001c0))
setxattr$trusted_overlay_opaque(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='trusted.overlay.opaque\x00', &(0x7f0000000080)='y\x00', 0x2, 0x2)
r3 = accept4(r0, &(0x7f00000000c0)=@can, &(0x7f0000000140)=0x80, 0x80800)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000180)='hybla\x00', 0x6)

00:35:10 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:10 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x541c, 0x0)

00:35:10 executing program 5 (fault-call:9 fault-nth:27):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:35:10 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

[  386.007392][T22488] input: syz1 as /devices/virtual/input/input394
[  386.027606][T22485] FAULT_INJECTION: forcing a failure.
[  386.027606][T22485] name failslab, interval 1, probability 0, space 0, times 0
00:35:10 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:10 executing program 0:
r0 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x400000, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000080)=0xc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0x21, 0x0, 0x0)

[  386.055650][T22485] CPU: 0 PID: 22485 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  386.063671][T22485] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  386.073776][T22485] Call Trace:
[  386.073804][T22485]  dump_stack+0x1d8/0x2f8
[  386.073818][T22485]  should_fail+0x608/0x860
[  386.073831][T22485]  ? setup_fault_attr+0x2b0/0x2b0
[  386.073851][T22485]  __should_failslab+0x11a/0x160
[  386.073873][T22485]  ? mmu_topup_memory_caches+0x93/0x490
[  386.101426][T22485]  should_failslab+0x9/0x20
[  386.105952][T22485]  kmem_cache_alloc+0x56/0x2e0
[  386.110729][T22485]  ? mmu_topup_memory_caches+0x93/0x490
[  386.116286][T22485]  mmu_topup_memory_caches+0x93/0x490
[  386.116299][T22485]  kvm_mmu_load+0x9c/0x1cc0
[  386.116310][T22485]  ? preempt_schedule_irq+0x10a/0x140
[  386.116321][T22485]  ? kvm_apic_has_interrupt+0x543/0xa40
[  386.116329][T22485]  ? kvm_mmu_unload+0xf0/0xf0
[  386.116342][T22485]  ? __kasan_check_write+0x14/0x20
[  386.116350][T22485]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  386.116366][T22485]  ? kvm_apic_has_interrupt+0x400/0xa40
00:35:10 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  386.158191][T22485]  ? kvm_apic_has_interrupt+0x543/0xa40
[  386.163754][T22485]  vcpu_enter_guest+0x3ffc/0x5530
[  386.168799][T22485]  ? local_bh_enable+0x30/0x30
[  386.173583][T22485]  ? lock_acquire+0x158/0x250
[  386.178270][T22485]  ? rcu_lock_acquire+0xd/0x40
[  386.183064][T22485]  vcpu_run+0x393/0xd40
[  386.187245][T22485]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  386.192719][T22485]  kvm_vcpu_ioctl+0x792/0xba0
[  386.197415][T22485]  ? kvm_vm_release+0x50/0x50
[  386.197427][T22485]  ? tomoyo_path_number_perm+0x587/0x740
[  386.197436][T22485]  ? trace_hardirqs_on+0x74/0x80
[  386.197446][T22485]  ? tomoyo_path_number_perm+0x5f0/0x740
[  386.197458][T22485]  ? tomoyo_check_path_acl+0x180/0x180
[  386.197469][T22485]  ? kvm_vm_release+0x50/0x50
[  386.197480][T22485]  do_vfs_ioctl+0x7d4/0x18f0
[  386.197491][T22485]  ? __lock_acquire+0x4750/0x4750
[  386.197500][T22485]  ? ioctl_preallocate+0x240/0x240
[  386.197517][T22485]  ? fget_many+0x30/0x30
[  386.197525][T22485]  ? debug_smp_processor_id+0x1c/0x20
00:35:10 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
setsockopt$inet_tcp_buf(r1, 0x6, 0xd, &(0x7f0000000000)="a1d3643a932d18d3727c66c02feafe32eb882e07d97b5b8f3dde18a00a00e03c5a584a310439f0d5ae92c3e827ced021d559e9e3191500710316f80ef0ca58ff1d", 0x41)

[  386.197536][T22485]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  386.197552][T22485]  ? tomoyo_file_ioctl+0x23/0x30
[  386.207875][T22485]  ? security_file_ioctl+0xa1/0xd0
[  386.207888][T22485]  __x64_sys_ioctl+0xe3/0x120
[  386.207902][T22485]  do_syscall_64+0xfe/0x140
[  386.207924][T22485]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  386.207933][T22485] RIP: 0033:0x459829
[  386.207944][T22485] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  386.207949][T22485] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  386.207957][T22485] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  386.207963][T22485] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  386.207968][T22485] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  386.207972][T22485] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  386.207977][T22485] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
00:35:10 executing program 0:
socketpair$unix(0x1, 0xffffffffffffffff, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000000)='/dev/btrfs-control\x00', 0x900, 0x0)
ioctl$PPPIOCSPASS(r1, 0x40107447, &(0x7f0000000080)={0x1, &(0x7f0000000040)=[{0x200, 0xeb4, 0x2, 0x7f}]})
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
write$P9_RLINK(r1, &(0x7f0000000200)={0x7, 0x47, 0x2}, 0x7)
unshare(0x20040600)
geteuid()
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0x21, 0x0, 0x0)
write$P9_RREAD(r1, &(0x7f0000000100)={0xc6, 0x75, 0x2, {0xbb, "849873b6fa466cca47770f5c09b87acd956df450f3a8bbc8152c7894b0ea23f27d37e530db2a5c4f310a17a2922b70db7fa6757f2730c41f5839d69f21a6d087946edec1451daaec1b1bec3a512c469cd60ccfc5f7de66c2521a322b3f66c70e37a466b909f433630114ef5089f7d4ac91a179c4e6ff75f613c28a184d837e7c0e069b643ee23914b3cd5fdb14fcbf2a6a54faf33c8a869dc1dd3b9fa3c2ab5b6c394ed41399c4bf50b492619b6f79d87b3d4ef8b00fbecdc2e7d8"}}, 0xc6)

00:35:10 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x5420, 0x0)

[  386.342055][T22485] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  386.441803][T22495] input: syz1 as /devices/virtual/input/input395
00:35:11 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:11 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:11 executing program 5 (fault-call:9 fault-nth:28):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:35:11 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_PROPBIT(r0, 0x4004556e, 0x1f)
getsockopt$IP_VS_SO_GET_SERVICE(r0, 0x0, 0x483, &(0x7f0000000180), &(0x7f0000000200)=0x68)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0x7, [@typedef={0x4, 0x0, 0x0, 0x8, 0x3}, @typedef={0x8, 0x0, 0x0, 0x8, 0x2}, @fwd={0xd}]}, {0x0, [0x30, 0x61, 0x61, 0x3e, 0x0]}}, &(0x7f0000000100)=""/100, 0x43, 0x64, 0x1}, 0x20)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:11 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040))
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0x21, 0x0, 0x0)
r1 = syz_open_dev$vcsa(&(0x7f0000000000)='/dev/vcsa#\x00', 0x52, 0x102)
getsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000480)={@dev, @rand_addr, <r2=>0x0}, &(0x7f00000004c0)=0xc)
connect$packet(r1, &(0x7f0000000500)={0x11, 0x17, r2, 0x1, 0x6, 0x6, @dev={[], 0x1c}}, 0x14)

00:35:11 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x5421, 0x0)

00:35:11 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
rseq(&(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x4, 0x8, 0x1, 0x8}, 0x1}, 0x20, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
accept4$unix(r0, &(0x7f0000000080), &(0x7f0000000100)=0x6e, 0x800)
r2 = socket$pppoe(0x18, 0x1, 0x0)
sendto$inet6(r2, &(0x7f0000000000)="33bc96f9b9d18ae8e7eba10e83ccbd10894bd27cae5f0e3b26ac025d8d9a1d4c970782c1cb22303323146e84c12f18f9495a243996d0104454d137c744a9b1aa4e56f4fe4e3764e306fe629fb930", 0x4e, 0x24000000, 0x0, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

[  386.895353][T22540] input: syz1 as /devices/virtual/input/input396
00:35:11 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  386.990540][T22548] FAULT_INJECTION: forcing a failure.
[  386.990540][T22548] name failslab, interval 1, probability 0, space 0, times 0
[  387.031272][T22540] input: syz1 as /devices/virtual/input/input397
[  387.035141][T22548] CPU: 1 PID: 22548 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  387.045636][T22548] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  387.045641][T22548] Call Trace:
[  387.045663][T22548]  dump_stack+0x1d8/0x2f8
[  387.045675][T22548]  should_fail+0x608/0x860
[  387.045686][T22548]  ? setup_fault_attr+0x2b0/0x2b0
[  387.045700][T22548]  __should_failslab+0x11a/0x160
[  387.045712][T22548]  ? mmu_topup_memory_caches+0x93/0x490
[  387.045723][T22548]  should_failslab+0x9/0x20
[  387.045733][T22548]  kmem_cache_alloc+0x56/0x2e0
[  387.045742][T22548]  ? mmu_topup_memory_caches+0x93/0x490
[  387.045753][T22548]  mmu_topup_memory_caches+0x93/0x490
[  387.045768][T22548]  kvm_mmu_load+0x9c/0x1cc0
[  387.087872][T22548]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  387.087885][T22548]  ? __lock_acquire+0x4750/0x4750
[  387.087894][T22548]  ? vmx_flush_tlb+0x2b3/0x600
[  387.087905][T22548]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  387.087921][T22548]  ? kvm_apic_has_interrupt+0x543/0xa40
[  387.103706][T22548]  ? kvm_mmu_unload+0xf0/0xf0
[  387.103723][T22548]  ? __kasan_check_write+0x14/0x20
[  387.103741][T22548]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  387.113730][T22548]  ? kvm_apic_accept_events+0x18f/0x470
[  387.113740][T22548]  ? kvm_apic_has_interrupt+0x543/0xa40
[  387.113756][T22548]  vcpu_enter_guest+0x3ffc/0x5530
[  387.113773][T22548]  ? local_bh_enable+0x30/0x30
[  387.113790][T22548]  ? lock_acquire+0x158/0x250
[  387.129291][T22548]  ? rcu_lock_acquire+0xd/0x40
00:35:11 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x5450, 0x0)

00:35:11 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
r2 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000080)='NET_DM\x00')
sendmsg$NET_DM_CMD_START(r1, &(0x7f0000000140)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40800000}, 0xc, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, r2, 0x6, 0x70bd2a, 0x25dfdbff, {}, ["", "", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x20000000)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0x21, 0x0, 0x0)

[  387.129309][T22548]  vcpu_run+0x393/0xd40
[  387.129327][T22548]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  387.129343][T22548]  kvm_vcpu_ioctl+0x792/0xba0
[  387.161378][T22548]  ? kvm_vm_release+0x50/0x50
[  387.171165][T22548]  ? tomoyo_path_number_perm+0x587/0x740
[  387.171178][T22548]  ? trace_hardirqs_on+0x74/0x80
[  387.171190][T22548]  ? tomoyo_path_number_perm+0x5f0/0x740
[  387.171203][T22548]  ? tomoyo_check_path_acl+0x180/0x180
[  387.171219][T22548]  ? kvm_vm_release+0x50/0x50
[  387.180674][T22548]  do_vfs_ioctl+0x7d4/0x18f0
[  387.180689][T22548]  ? __lock_acquire+0x4750/0x4750
[  387.180699][T22548]  ? ioctl_preallocate+0x240/0x240
[  387.180719][T22548]  ? fget_many+0x30/0x30
[  387.205429][T22548]  ? debug_smp_processor_id+0x1c/0x20
[  387.205443][T22548]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  387.205457][T22548]  ? tomoyo_file_ioctl+0x23/0x30
[  387.205468][T22548]  ? security_file_ioctl+0xa1/0xd0
[  387.205479][T22548]  __x64_sys_ioctl+0xe3/0x120
[  387.205493][T22548]  do_syscall_64+0xfe/0x140
[  387.205504][T22548]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  387.205513][T22548] RIP: 0033:0x459829
[  387.205524][T22548] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  387.205529][T22548] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
00:35:11 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
semget(0x0, 0x7, 0x100)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)

00:35:11 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0xffffffffffffff5e)

[  387.205538][T22548] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  387.205543][T22548] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  387.205549][T22548] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  387.205554][T22548] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  387.205560][T22548] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  387.333788][T22548] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:35:11 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:11 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000000)=""/99, 0x63)
setsockopt$inet6_tcp_TCP_CONGESTION(r2, 0x6, 0x21, 0x0, 0x0)

00:35:11 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:11 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x5451, 0x0)

00:35:11 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x200100, 0x0)
ioctl$EVIOCSABS3F(r1, 0x401845ff, &(0x7f0000000040)={0xfff, 0xef, 0x0, 0x5, 0x1000, 0x8})
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
setsockopt$IPT_SO_SET_ADD_COUNTERS(r1, 0x0, 0x41, &(0x7f0000000100)={'mangle\x00', 0x4, [{}, {}, {}, {}]}, 0x68)

00:35:11 executing program 5 (fault-call:9 fault-nth:29):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  387.723311][T22581] input: syz1 as /devices/virtual/input/input398
00:35:12 executing program 0:
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
unshare(0x20040600)
setsockopt$inet6_tcp_TCP_CONGESTION(r1, 0x6, 0x21, 0x0, 0x0)
r2 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000040)='NET_DM\x00')
sendmsg$NET_DM_CMD_STOP(r1, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, r2, 0x0, 0x70bd28, 0x25dfdbfb, {}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x40c5}, 0x40)

[  387.770824][T22584] FAULT_INJECTION: forcing a failure.
[  387.770824][T22584] name failslab, interval 1, probability 0, space 0, times 0
[  387.801890][T22584] CPU: 0 PID: 22584 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  387.809911][T22584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  387.819985][T22584] Call Trace:
[  387.820010][T22584]  dump_stack+0x1d8/0x2f8
[  387.820026][T22584]  should_fail+0x608/0x860
[  387.820040][T22584]  ? setup_fault_attr+0x2b0/0x2b0
[  387.820060][T22584]  __should_failslab+0x11a/0x160
[  387.832098][T22584]  ? mmu_topup_memory_caches+0x93/0x490
[  387.832110][T22584]  should_failslab+0x9/0x20
[  387.832120][T22584]  kmem_cache_alloc+0x56/0x2e0
[  387.832128][T22584]  ? mmu_topup_memory_caches+0x93/0x490
[  387.832138][T22584]  mmu_topup_memory_caches+0x93/0x490
[  387.832148][T22584]  kvm_mmu_load+0x9c/0x1cc0
[  387.832158][T22584]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  387.832175][T22584]  ? __lock_acquire+0x4750/0x4750
[  387.842134][T22584]  ? vmx_flush_tlb+0x2b3/0x600
[  387.842147][T22584]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  387.842158][T22584]  ? kvm_apic_has_interrupt+0x543/0xa40
[  387.842169][T22584]  ? kvm_mmu_unload+0xf0/0xf0
[  387.842190][T22584]  ? __kasan_check_write+0x14/0x20
[  387.898895][T22584]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  387.898906][T22584]  ? kvm_apic_accept_events+0x18f/0x470
[  387.898922][T22584]  ? kvm_apic_has_interrupt+0x543/0xa40
[  387.898939][T22584]  vcpu_enter_guest+0x3ffc/0x5530
[  387.898954][T22584]  ? local_bh_enable+0x30/0x30
[  387.898966][T22584]  ? lock_acquire+0x158/0x250
[  387.898974][T22584]  ? rcu_lock_acquire+0xd/0x40
[  387.898990][T22584]  vcpu_run+0x393/0xd40
[  387.899008][T22584]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  387.908807][T22584]  kvm_vcpu_ioctl+0x792/0xba0
[  387.908817][T22584]  ? kvm_vm_release+0x50/0x50
[  387.908829][T22584]  ? tomoyo_path_number_perm+0x587/0x740
00:35:12 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:12 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x5452, 0x0)

[  387.908840][T22584]  ? trace_hardirqs_on+0x74/0x80
[  387.908850][T22584]  ? tomoyo_path_number_perm+0x5f0/0x740
[  387.908862][T22584]  ? tomoyo_check_path_acl+0x180/0x180
[  387.908872][T22584]  ? kvm_vm_release+0x50/0x50
[  387.908883][T22584]  do_vfs_ioctl+0x7d4/0x18f0
[  387.908895][T22584]  ? __lock_acquire+0x4750/0x4750
[  387.908905][T22584]  ? ioctl_preallocate+0x240/0x240
[  387.908930][T22584]  ? fget_many+0x30/0x30
[  387.944810][T22584]  ? debug_smp_processor_id+0x1c/0x20
[  387.944823][T22584]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  387.944837][T22584]  ? tomoyo_file_ioctl+0x23/0x30
[  387.944848][T22584]  ? security_file_ioctl+0xa1/0xd0
[  387.944860][T22584]  __x64_sys_ioctl+0xe3/0x120
[  387.944874][T22584]  do_syscall_64+0xfe/0x140
[  387.944891][T22584]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  387.954507][T22584] RIP: 0033:0x459829
[  387.954518][T22584] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
00:35:12 executing program 0:
seccomp(0x1, 0x0, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0xffffff7f7fffffff}]})
unshare(0x0)

[  387.954522][T22584] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  387.954531][T22584] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  387.954537][T22584] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  387.954542][T22584] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  387.954548][T22584] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  387.954553][T22584] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  387.977062][T22584] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:35:12 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:12 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x5460, 0x0)

[  388.149740][T22591] input: syz1 as /devices/virtual/input/input399
00:35:12 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:12 executing program 5 (fault-call:9 fault-nth:30):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:35:12 executing program 4:
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(0xffffffffffffffff, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x5501, 0x0)
r0 = openat$sequencer2(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/sequencer2\x00', 0x44a600, 0x0)
io_uring_register$IORING_UNREGISTER_EVENTFD(r0, 0x5, 0x0, 0x0)
ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502)
r1 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000040)='/proc/capi/capi20ncci\x00', 0x4000, 0x0)
getsockopt$bt_BT_RCVMTU(r1, 0x112, 0xd, &(0x7f0000000140)=0x7, &(0x7f0000000180)=0x2)
accept$packet(r0, &(0x7f00000001c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000200)=0x14)
ioctl$HCIINQUIRY(r1, 0x800448f0, &(0x7f0000000240)={r2, 0x0, 0x2, 0x1000, 0x3f, 0x2, 0x6})
ioctl$DRM_IOCTL_AGP_ALLOC(0xffffffffffffffff, 0xc0206434, &(0x7f0000000080)={0x1000, <r3=>0x0, 0x10001, 0xfff})
r4 = getpid()
ptrace$PTRACE_SECCOMP_GET_METADATA(0x420d, r4, 0x10, &(0x7f0000000300)={0xab})
ioctl$UI_BEGIN_FF_UPLOAD(r0, 0xc06855c8, &(0x7f0000000280)={0x8, 0x8, {0x54, 0x1, 0x1, {0x20}, {0x0, 0x7fff}, @const={0x7, {0x1, 0x5, 0x100000000}}}, {0x53, 0x1, 0x1, {0x0, 0x7}, {0x343eb25f, 0x6}, @rumble={0x2, 0x5}}})
ioctl$UI_SET_PROPBIT(r1, 0x4004556e, 0x1d)
ioctl$DRM_IOCTL_SG_FREE(r1, 0x40106439, &(0x7f0000000100)={0x5, r3})
openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x2, 0x0)

00:35:12 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:12 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x2}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000005c0))
socket$inet_udplite(0x2, 0x2, 0x88)
semget$private(0x0, 0x3, 0x100)
pipe(&(0x7f00000001c0))
syz_open_dev$loop(&(0x7f00000004c0)='/dev/loop#\x00', 0x0, 0x0)
memfd_create(&(0x7f0000000200)='\x00', 0x0)
ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, &(0x7f0000000000)={0x313, 0x3})
openat$null(0xffffffffffffff9c, &(0x7f0000000180)='/dev/null\x00', 0xff7ffffffffffffc, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f00000002c0)='/proc/self/net/pfkey\x00', 0x200000, 0x0)
pipe2(0x0, 0x83ffc)
r2 = dup(0xffffffffffffffff)
write$UHID_INPUT2(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYBLOB="0c000000c700a590be84d3eb2461abe6a87b08f656a9e041a3be2f9b394ddd696697afe1524791d89856b00373ac98a73259e88693585682e393f10667cf4d7e8d1f9b026fd24e0bb92c92a75bb627883763fd3b991a3c6c728bf9a6f843ed5e4fbd6d204175a25d467ffce738e55c336e0085dfdecb7dd83c88f68b7fc5aea4bbce71e7a9c5b61938bde73ca45aaec0a25058c6c16f7c03d3ccc21df93d6e1170e8b0de16cc1cd497b438e412ecf0b2d59fbb38a4432ef74733c4f887715dfbc0638fca3f37d3991ae72d9fd044e0b726f43da52303e7d4623cc0613fe5cb2f7f30955237ef173ee89484a27eb62fbf51a8acb8648867227bbe75cc7b60cbc9b9473aefc329c025d63d449aba270e4fcf5a1b23"], 0xcd)
ioctl$SNDRV_SEQ_IOCTL_SUBSCRIBE_PORT(r2, 0x40505330, 0x0)
getsockname$packet(r1, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, 0x0)
openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x89a1, &(0x7f00000000c0)={@local={0xfe, 0x80, [0x600, 0x3ef, 0x0, 0x3f00000000000000, 0x100000000000000, 0x0, 0x1103, 0x0, 0x0, 0x0, 0x0, 0x6]}})
ioctl$sock_inet6_SIOCADDRT(r3, 0x89a0, &(0x7f0000000100)={@local={0xfe, 0x80, [0x0, 0xfeff0000]}, @empty, @loopback})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
creat(&(0x7f0000000700)='./bus\x00', 0x0)
getuid()
prctl$PR_SET_MM_AUXV(0x23, 0xc, &(0x7f0000000740)="5d5f43a474c40329b5fbcff1d0675020e456e97c329ef11fad7ec67f4b3619c519011f62595720bffbf698dfddae62eedbfa8a21b36b8315cd93d85e1b2a84a3178fb56f85583d67874b55c9c6d979064684265e748fdc4266429f0abe7996bdc73dd77f3c6d45210a2d39a7dd6be3d15702c83ad90db590a2dc7b9b52c9fa8b3dd39941b478ca2a199bf9335d1221bd83c891fc0046e39bddfada9c2edeed9706306d595ad965eef444778115f028c18046906c06fdc189c505a37cdff5134a5f51d9eaf794bbccaf8e575365b9448c5803de88eb4aadf6db1e449872b77ced162a9e3a33bc8d49bf6390794fd25e5e", 0x92)
socket$packet(0x11, 0x3, 0x300)

00:35:12 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x54e3, 0x0)

00:35:12 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = socket$inet6(0xa, 0x1000000000002, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = dup2(r4, r2)
sendmsg$netlink(r5, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r3, &(0x7f0000000140)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x62, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x9)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:12 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  388.700573][T22648] FAULT_INJECTION: forcing a failure.
[  388.700573][T22648] name failslab, interval 1, probability 0, space 0, times 0
[  388.735469][T22648] CPU: 1 PID: 22648 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  388.743477][T22648] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  388.743483][T22648] Call Trace:
[  388.743507][T22648]  dump_stack+0x1d8/0x2f8
[  388.743523][T22648]  should_fail+0x608/0x860
[  388.743537][T22648]  ? setup_fault_attr+0x2b0/0x2b0
[  388.743562][T22648]  __should_failslab+0x11a/0x160
[  388.761234][T22648]  ? mmu_topup_memory_caches+0x93/0x490
[  388.761245][T22648]  should_failslab+0x9/0x20
[  388.761256][T22648]  kmem_cache_alloc+0x56/0x2e0
[  388.761264][T22648]  ? mmu_topup_memory_caches+0x93/0x490
[  388.761274][T22648]  mmu_topup_memory_caches+0x93/0x490
[  388.761285][T22648]  kvm_mmu_load+0x9c/0x1cc0
[  388.761295][T22648]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  388.761322][T22648]  ? __lock_acquire+0x4750/0x4750
[  388.816272][T22648]  ? vmx_flush_tlb+0x2b3/0x600
[  388.821049][T22648]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  388.826779][T22648]  ? kvm_apic_has_interrupt+0x543/0xa40
[  388.832337][T22648]  ? kvm_mmu_unload+0xf0/0xf0
[  388.837027][T22648]  ? __kasan_check_write+0x14/0x20
[  388.842141][T22648]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  388.847781][T22648]  ? kvm_apic_accept_events+0x18f/0x470
[  388.853332][T22648]  ? kvm_apic_has_interrupt+0x543/0xa40
[  388.858889][T22648]  vcpu_enter_guest+0x3ffc/0x5530
[  388.863926][T22648]  ? local_bh_enable+0x30/0x30
[  388.868701][T22648]  ? lock_acquire+0x158/0x250
[  388.873380][T22648]  ? rcu_lock_acquire+0xd/0x40
[  388.878152][T22648]  vcpu_run+0x393/0xd40
[  388.882322][T22648]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  388.887787][T22648]  kvm_vcpu_ioctl+0x792/0xba0
[  388.892472][T22648]  ? kvm_vm_release+0x50/0x50
[  388.897155][T22648]  ? tomoyo_path_number_perm+0x587/0x740
[  388.902801][T22648]  ? trace_hardirqs_on+0x74/0x80
[  388.907748][T22648]  ? tomoyo_path_number_perm+0x5f0/0x740
[  388.913429][T22648]  ? tomoyo_check_path_acl+0x180/0x180
[  388.918912][T22648]  ? kvm_vm_release+0x50/0x50
[  388.923594][T22648]  do_vfs_ioctl+0x7d4/0x18f0
[  388.928279][T22648]  ? __lock_acquire+0x4750/0x4750
[  388.933307][T22648]  ? ioctl_preallocate+0x240/0x240
[  388.938439][T22648]  ? fget_many+0x30/0x30
[  388.942685][T22648]  ? debug_smp_processor_id+0x1c/0x20
[  388.948060][T22648]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  388.954131][T22648]  ? tomoyo_file_ioctl+0x23/0x30
[  388.959077][T22648]  ? security_file_ioctl+0xa1/0xd0
[  388.964196][T22648]  __x64_sys_ioctl+0xe3/0x120
[  388.968889][T22648]  do_syscall_64+0xfe/0x140
[  388.973402][T22648]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  388.979301][T22648] RIP: 0033:0x459829
[  388.983198][T22648] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  389.002801][T22648] RSP: 002b:00007f0a0af98c78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  389.011235][T22648] RAX: ffffffffffffffda RBX: 00007f0a0af98c90 RCX: 0000000000459829
[  389.019207][T22648] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  389.027177][T22648] RBP: 000000000075bfc8 R08: 0000000000000000 R09: 0000000000000000
[  389.035146][T22648] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0af996d4
[  389.043121][T22648] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  389.054111][T22654] input: syz1 as /devices/virtual/input/input400
[  389.060721][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  389.060765][    C0] protocol 88fb is buggy, dev hsr_slave_1
[  389.060838][    C0] protocol 88fb is buggy, dev hsr_slave_0
[  389.060873][    C0] protocol 88fb is buggy, dev hsr_slave_1
00:35:13 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x6364, 0x0)

00:35:13 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:13 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000005c0))
socket$inet_udplite(0x2, 0x2, 0x88)
pipe(&(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000180)=[{&(0x7f00000002c0)="03b90d07e90a938cf69e67bf2d668f", 0xf}], 0x1, 0x4)
socket$packet(0x11, 0x3, 0x300)
write(r2, &(0x7f0000000340), 0x10000014c)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1b7}, 0x0, 0x0)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)

[  389.109630][T22648] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  389.148198][T22654] input: syz1 as /devices/virtual/input/input401
00:35:13 executing program 5 (fault-call:9 fault-nth:31):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  389.362117][T22678] FAULT_INJECTION: forcing a failure.
[  389.362117][T22678] name failslab, interval 1, probability 0, space 0, times 0
[  389.384541][T22678] CPU: 1 PID: 22678 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  389.392555][T22678] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  389.402623][T22678] Call Trace:
[  389.405933][T22678]  dump_stack+0x1d8/0x2f8
[  389.410270][T22678]  should_fail+0x608/0x860
[  389.414682][T22678]  ? setup_fault_attr+0x2b0/0x2b0
[  389.419697][T22678]  __should_failslab+0x11a/0x160
[  389.424642][T22678]  ? mmu_topup_memory_caches+0x93/0x490
[  389.430200][T22678]  should_failslab+0x9/0x20
[  389.434774][T22678]  kmem_cache_alloc+0x56/0x2e0
[  389.439565][T22678]  ? mmu_topup_memory_caches+0x93/0x490
[  389.445106][T22678]  mmu_topup_memory_caches+0x93/0x490
[  389.450485][T22678]  kvm_mmu_load+0x9c/0x1cc0
[  389.455008][T22678]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  389.460470][T22678]  ? __lock_acquire+0x4750/0x4750
[  389.465483][T22678]  ? vmx_flush_tlb+0x2b3/0x600
[  389.470238][T22678]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  389.475949][T22678]  ? kvm_apic_has_interrupt+0x543/0xa40
[  389.481488][T22678]  ? kvm_mmu_unload+0xf0/0xf0
[  389.486158][T22678]  ? __kasan_check_write+0x14/0x20
[  389.491268][T22678]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  389.496920][T22678]  ? kvm_apic_accept_events+0x18f/0x470
[  389.502465][T22678]  ? kvm_apic_has_interrupt+0x543/0xa40
[  389.508033][T22678]  vcpu_enter_guest+0x3ffc/0x5530
[  389.513145][T22678]  ? local_bh_enable+0x30/0x30
[  389.517906][T22678]  ? lock_acquire+0x158/0x250
[  389.522575][T22678]  ? rcu_lock_acquire+0xd/0x40
[  389.527356][T22678]  vcpu_run+0x393/0xd40
[  389.531516][T22678]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  389.536967][T22678]  kvm_vcpu_ioctl+0x792/0xba0
[  389.541639][T22678]  ? kvm_vm_release+0x50/0x50
[  389.546307][T22678]  ? tomoyo_path_number_perm+0x587/0x740
[  389.551942][T22678]  ? trace_hardirqs_on+0x74/0x80
[  389.556892][T22678]  ? tomoyo_path_number_perm+0x5f0/0x740
[  389.562543][T22678]  ? tomoyo_check_path_acl+0x180/0x180
[  389.568009][T22678]  ? kvm_vm_release+0x50/0x50
[  389.572693][T22678]  do_vfs_ioctl+0x7d4/0x18f0
[  389.577275][T22678]  ? __lock_acquire+0x4750/0x4750
[  389.582298][T22678]  ? ioctl_preallocate+0x240/0x240
[  389.587410][T22678]  ? fget_many+0x30/0x30
[  389.591667][T22678]  ? debug_smp_processor_id+0x1c/0x20
[  389.597059][T22678]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  389.603120][T22678]  ? tomoyo_file_ioctl+0x23/0x30
[  389.608083][T22678]  ? security_file_ioctl+0xa1/0xd0
[  389.613208][T22678]  __x64_sys_ioctl+0xe3/0x120
[  389.617892][T22678]  do_syscall_64+0xfe/0x140
[  389.622403][T22678]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  389.628317][T22678] RIP: 0033:0x459829
[  389.632239][T22678] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  389.651838][T22678] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  389.660232][T22678] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  389.668190][T22678] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  389.676153][T22678] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  389.684109][T22678] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  389.692070][T22678] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  389.700244][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  389.706172][    C1] protocol 88fb is buggy, dev hsr_slave_1
00:35:14 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000080)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:14 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:14 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:14 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x8903, 0x0)

[  389.714008][T22678] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
00:35:14 executing program 5 (fault-call:9 fault-nth:32):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  389.804996][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  389.810837][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  389.845441][T22689] input: syz1 as /devices/virtual/input/input402
00:35:14 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:14 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x8912, 0x0)

[  389.973544][T22698] FAULT_INJECTION: forcing a failure.
[  389.973544][T22698] name failslab, interval 1, probability 0, space 0, times 0
[  390.003872][T22698] CPU: 0 PID: 22698 Comm: syz-executor.5 Not tainted 5.3.0-rc2+ #57
[  390.011892][T22698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  390.011897][T22698] Call Trace:
[  390.011930][T22698]  dump_stack+0x1d8/0x2f8
[  390.011950][T22698]  should_fail+0x608/0x860
[  390.029642][T22698]  ? setup_fault_attr+0x2b0/0x2b0
[  390.029658][T22698]  __should_failslab+0x11a/0x160
[  390.029671][T22698]  ? mmu_topup_memory_caches+0x93/0x490
[  390.029681][T22698]  should_failslab+0x9/0x20
[  390.029691][T22698]  kmem_cache_alloc+0x56/0x2e0
[  390.029707][T22698]  ? mmu_topup_memory_caches+0x93/0x490
[  390.039162][T22698]  mmu_topup_memory_caches+0x93/0x490
[  390.039174][T22698]  kvm_mmu_load+0x9c/0x1cc0
[  390.039183][T22698]  ? kvm_ioapic_scan_entry+0x3e0/0x4e0
[  390.039193][T22698]  ? __lock_acquire+0x4750/0x4750
[  390.039200][T22698]  ? vmx_flush_tlb+0x2b3/0x600
[  390.039210][T22698]  ? kvm_vcpu_gfn_to_hva_prot+0x170/0x170
[  390.039218][T22698]  ? kvm_apic_has_interrupt+0x543/0xa40
[  390.039227][T22698]  ? kvm_mmu_unload+0xf0/0xf0
[  390.039241][T22698]  ? __kasan_check_write+0x14/0x20
[  390.039249][T22698]  ? kvm_get_apic_interrupt+0x8d0/0x1b30
[  390.039257][T22698]  ? kvm_apic_accept_events+0x18f/0x470
[  390.039266][T22698]  ? kvm_apic_has_interrupt+0x543/0xa40
[  390.039280][T22698]  vcpu_enter_guest+0x3ffc/0x5530
[  390.039298][T22698]  ? local_bh_enable+0x30/0x30
[  390.054286][T22698]  ? lock_acquire+0x158/0x250
[  390.054296][T22698]  ? rcu_lock_acquire+0xd/0x40
[  390.054316][T22698]  vcpu_run+0x393/0xd40
[  390.074504][T22698]  kvm_arch_vcpu_ioctl_run+0x636/0x900
[  390.074517][T22698]  kvm_vcpu_ioctl+0x792/0xba0
[  390.074527][T22698]  ? kvm_vm_release+0x50/0x50
[  390.074537][T22698]  ? tomoyo_path_number_perm+0x587/0x740
00:35:14 executing program 5 (fault-call:9 fault-nth:33):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:35:14 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  390.074554][T22698]  ? trace_hardirqs_on+0x74/0x80
[  390.085040][T22698]  ? tomoyo_path_number_perm+0x5f0/0x740
[  390.085054][T22698]  ? tomoyo_check_path_acl+0x180/0x180
[  390.085067][T22698]  ? kvm_vm_release+0x50/0x50
[  390.085077][T22698]  do_vfs_ioctl+0x7d4/0x18f0
[  390.085090][T22698]  ? __lock_acquire+0x4750/0x4750
[  390.085100][T22698]  ? ioctl_preallocate+0x240/0x240
[  390.085117][T22698]  ? fget_many+0x30/0x30
[  390.085126][T22698]  ? debug_smp_processor_id+0x1c/0x20
[  390.085143][T22698]  ? fpregs_assert_state_consistent+0xb7/0xe0
[  390.095744][T22698]  ? tomoyo_file_ioctl+0x23/0x30
[  390.095756][T22698]  ? security_file_ioctl+0xa1/0xd0
[  390.095768][T22698]  __x64_sys_ioctl+0xe3/0x120
[  390.095783][T22698]  do_syscall_64+0xfe/0x140
[  390.095794][T22698]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  390.095803][T22698] RIP: 0033:0x459829
[  390.095813][T22698] Code: fd b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b7 fb ff c3 66 2e 0f 1f 84 00 00 00 00
00:35:14 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x8919, 0x0)

[  390.095818][T22698] RSP: 002b:00007f0a0afbac78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  390.095826][T22698] RAX: ffffffffffffffda RBX: 00007f0a0afbac90 RCX: 0000000000459829
[  390.095831][T22698] RDX: 0000000000000000 RSI: 000000000000ae80 RDI: 0000000000000005
[  390.095836][T22698] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  390.095841][T22698] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f0a0afbb6d4
[  390.095846][T22698] R13: 00000000004c2bcf R14: 00000000004d6150 R15: 0000000000000008
[  390.101948][T22698] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  390.365028][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  390.370875][    C1] protocol 88fb is buggy, dev hsr_slave_1
00:35:14 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=@newlink={0x30, 0x10, 0x801, 0x0, 0x0, {0x34000, 0x0, 0x0, 0x0, 0x3}, [@IFLA_GROUP={0x8}, @IFLA_PROTO_DOWN={0x8, 0xa, 0xf}]}, 0x30}}, 0x0)

00:35:14 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:14 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
io_uring_register$IORING_UNREGISTER_BUFFERS(r0, 0x1, 0x0, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
r1 = syz_open_dev$admmidi(&(0x7f0000000100)='/dev/admmidi#\x00', 0x1, 0x200000)
ioctl$GIO_SCRNMAP(r1, 0x4b40, &(0x7f0000000880)=""/4096)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000140)={0x0, 0x2, 0x1, 0x1000, &(0x7f0000fff000/0x1000)=nil})
r2 = openat$proc_capi20ncci(0xffffffffffffff9c, &(0x7f0000000000)='/proc/capi/capi20ncci\x00', 0x3, 0x0)
accept4$packet(r2, &(0x7f0000000040)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000080)=0x14, 0x80800)

[  390.539442][T22732] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  390.553751][T22732] bond0: (slave lo): slave is up - this may be due to an out of date ifenslave
[  390.564074][T22733] input: syz1 as /devices/virtual/input/input403
[  390.640716][T22739] input: syz1 as /devices/virtual/input/input404
00:35:15 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(0x0, 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:15 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:35:15 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x8933, 0x0)

00:35:15 executing program 0:
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
bind$ax25(r0, &(0x7f0000000000)={{0x3, @default}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @default]}, 0x48)
getsockname$ax25(r0, 0x0, &(0x7f0000000100))

00:35:15 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:15 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
recvfrom(r1, &(0x7f0000000000)=""/19, 0x13, 0x120, &(0x7f0000000040)=@ipx={0x4, 0xffffffff, 0x6, "146d15b07ae6", 0xb75}, 0x80)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

[  390.747156][T22749] input: syz1 as /devices/virtual/input/input405
00:35:15 executing program 0:
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
bind$ax25(r0, &(0x7f0000000000)={{0x3, @default}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x0}, @bcast, @default]}, 0x10)

00:35:15 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(0x0, 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:15 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  390.891697][T22748] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  390.906280][T22749] input: syz1 as /devices/virtual/input/input406
00:35:15 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x8940, 0x0)

00:35:15 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(0x0, 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:15 executing program 0:
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0x0)
connect$ax25(r0, &(0x7f0000000080)={{0x3, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}]}, 0x48)
ioctl$SIOCAX25GETINFOOLD(r0, 0x89e9, &(0x7f0000000000))

00:35:15 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
socket$bt_bnep(0x1f, 0x3, 0x4)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:15 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x2, 0x0)

00:35:15 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:15 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(0xffffffffffffffff, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

[  391.137783][T22789] ax25_connect(): syz-executor.0 uses autobind, please contact jreuter@yaina.de
[  391.157253][T22787] input: syz1 as /devices/virtual/input/input407
[  391.204631][T22789] syz-executor.0 uses old SIOCAX25GETINFO
[  391.218589][T22789] ax25_connect(): syz-executor.0 uses autobind, please contact jreuter@yaina.de
00:35:15 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(0xffffffffffffffff, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:15 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x8946, 0x0)

00:35:15 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="11dca5055e0bcfe47bf070")
r1 = syz_open_dev$sndtimer(&(0x7f00000001c0)='/dev/snd/timer\x00', 0x0, 0x0)
ppoll(&(0x7f0000000200)=[{r1}], 0x1, &(0x7f0000000240)={0x0, 0x989680}, 0x0, 0x0)

00:35:15 executing program 4:
socket$inet_sctp(0x2, 0x5, 0x84)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='comm\x00')
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(0xffffffffffffffff, 0x84, 0x66, &(0x7f0000000040)={<r2=>0x0}, &(0x7f0000000080)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000100)={r2, 0xffffffff}, 0x8)

00:35:15 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:15 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x10, 0x0)

00:35:15 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(0xffffffffffffffff, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

[  391.451741][T22819] input: syz1 as /devices/virtual/input/input409
00:35:15 executing program 0:
syz_mount_image$vfat(&(0x7f0000000540)='vfat\x00', &(0x7f00000002c0)='./file0\x00', 0x800000000e004, 0x1, &(0x7f0000000140)=[{&(0x7f0000010000)="eb3c906d6b66732e66617400020401ed01000270fff8", 0x16}], 0x0, 0x0)
r0 = open(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000500)='./bus\x00', 0x0)
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
io_setup(0x1, &(0x7f0000000000)=<r2=>0x0)
io_submit(r2, 0x732, &(0x7f0000000540)=[&(0x7f00000000c0)={0x0, 0x0, 0x80000000000000, 0x1, 0x0, r1, &(0x7f0000000000), 0x377140be6b5ef4c7}])
ioctl$DRM_IOCTL_RM_CTX(0xffffffffffffffff, 0xc0086421, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cpuset.effective_mems\x00', 0x26e1, 0x0)
write$cgroup_int(r3, &(0x7f0000000140), 0xffffff35)

00:35:15 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:15 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x2405, 0x0)

00:35:15 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

[  391.550778][T22828] input: syz1 as /devices/virtual/input/input410
00:35:15 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x8953, 0x0)

00:35:16 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
r1 = accept(0xffffffffffffffff, 0x0, &(0x7f0000000000))
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_GET(r1, &(0x7f0000000240)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)={0xf0, r2, 0x100, 0x70bd26, 0x25dfdbfd, {}, [@TIPC_NLA_NET={0x48, 0x7, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x2}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xffffffffffff899b}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x6}, @TIPC_NLA_NET_ID={0x8, 0x1, 0x100}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x2}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}]}, @TIPC_NLA_MON={0x1c, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x4}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x3}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x4}]}, @TIPC_NLA_NODE={0x2c, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7}]}, @TIPC_NLA_MON={0x4c, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x95}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xc3b2}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x20000}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x10001}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xbf}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x24}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0xb61f}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x1}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x2}]}]}, 0xf0}, 0x1, 0x0, 0x0, 0x10}, 0x10)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:16 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:16 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:16 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4c01, 0x0)

00:35:16 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  391.863981][T22859] input: syz1 as /devices/virtual/input/input411
00:35:16 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x89f1, 0x0)

00:35:16 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, 0x0, 0x0)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

[  392.029683][T22872] input: syz1 as /devices/virtual/input/input412
00:35:16 executing program 0:
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000006180)=@newqdisc={0x24, 0x24, 0x403}, 0x24}}, 0x0)
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000100)=""/146, 0x92}, {&(0x7f00000001c0)=""/101, 0x65}, {&(0x7f0000000400)=""/213, 0x1d5}, {&(0x7f0000000500)=""/4096, 0x1000}, {&(0x7f00000015c0)=""/211, 0xd3}], 0x5}, 0x0)
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001580)={&(0x7f0000000040)=ANY=[@ANYBLOB="14000000420005013b00"/21], 0x14}}, 0x0)

00:35:16 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:16 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x541b, 0x0)

00:35:16 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:16 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040)='/dev/uinput\x00', 0x2, 0x0)
r1 = syz_open_dev$dmmidi(&(0x7f0000000080)='/dev/dmmidi#\x00', 0x6, 0x2c000)
r2 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100)='TIPCv2\x00')
sendmsg$TIPC_NL_BEARER_SET(r1, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x10040000}, 0xc, &(0x7f0000000300)={&(0x7f0000000140)={0x1b8, r2, 0x200, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x6c, 0x7, [@TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x5}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x7}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x9}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0x6}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x4}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0x8}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x2}, @TIPC_NLA_NET_NODEID_W1={0xc, 0x4, 0xfffffffffffffffe}, @TIPC_NLA_NET_NODEID={0xc, 0x3, 0xe00}, @TIPC_NLA_NET_ADDR={0x8, 0x2, 0x6}]}, @TIPC_NLA_MON={0x24, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x2}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x6713}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8}, @TIPC_NLA_MON_REF={0x8, 0x2, 0x7}]}, @TIPC_NLA_MON={0xc, 0x9, [@TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}]}, @TIPC_NLA_BEARER={0x5c, 0x1, [@TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x3}, @TIPC_NLA_BEARER_DOMAIN={0x8, 0x3, 0x9}, @TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x20, 0x1, @in6={0xa, 0x4e23, 0x54, @empty, 0x84b}}, {0x14, 0x2, @in={0x2, 0x4e21, @multicast2}}}}, @TIPC_NLA_BEARER_NAME={0x10, 0x1, @l2={'ib', 0x3a, 'bcsh0\x00'}}]}, @TIPC_NLA_MON={0x1c, 0x9, [@TIPC_NLA_MON_REF={0x8, 0x2, 0x9}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x1}, @TIPC_NLA_MON_ACTIVATION_THRESHOLD={0x8, 0x1, 0x6e}]}, @TIPC_NLA_BEARER={0x4}, @TIPC_NLA_NODE={0x24, 0x6, [@TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8}, @TIPC_NLA_NODE_UP={0x4}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x9}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0x7fff}]}, @TIPC_NLA_MEDIA={0x68, 0x5, [@TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_PROP={0x2c, 0x2, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0xc}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x3}, @TIPC_NLA_PROP_MTU={0x8, 0x4, 0x80000001}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x726a983}, @TIPC_NLA_PROP_WIN={0x8, 0x3, 0x6}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'ib\x00'}]}]}, 0x1b8}, 0x1, 0x0, 0x0, 0x4000040}, 0x4044000)
syz_open_dev$usb(&(0x7f0000000000)='/dev/bus/usb/00#/00#\x00', 0x800, 0x100)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:16 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae01, 0x0)

[  392.428045][T22904] input: syz1 as /devices/virtual/input/input413
00:35:16 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:16 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x5421, 0x0)

[  392.574177][T22904] input: syz1 as /devices/virtual/input/input414
00:35:16 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xae41, 0x0)

00:35:16 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:16 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
r1 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer\x00', 0x40000, 0x0)
ioctl$VIDIOC_SUBDEV_G_FMT(r1, 0xc0585604, &(0x7f0000000040)={0x1, 0x0, {0x80, 0x9, 0x1012, 0x3, 0xf, 0xf, 0x0, 0x4}})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:17 executing program 0:
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
recvmmsg(r0, &(0x7f00000000c0)=[{{&(0x7f0000001dc0)=@sco, 0x80, 0x0}}], 0x1, 0x2, 0x0)

00:35:17 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x5450, 0x0)

[  392.792995][T22936] input: syz1 as /devices/virtual/input/input415
00:35:17 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:17 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x40045431, 0x0)

[  392.970212][T22936] input: syz1 as /devices/virtual/input/input416
00:35:17 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:17 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x5451, 0x0)

00:35:17 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:17 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x400454ca, 0x0)

00:35:17 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
recvmmsg(0xffffffffffffffff, &(0x7f0000004740)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000180)=""/235, 0xeb}, {&(0x7f0000000280)=""/117, 0x75}], 0x2, &(0x7f0000000340)=""/71, 0x47}, 0x5}, {{&(0x7f0000000880)=@rc, 0x80, &(0x7f00000003c0)=[{&(0x7f0000000900)=""/102, 0x66}, {&(0x7f0000000980)=""/93, 0x5d}], 0x2, &(0x7f0000000a00)=""/20, 0x14}, 0xa35f}, {{&(0x7f0000000a40)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @remote}, 0x80, &(0x7f0000000e00)=[{&(0x7f0000000ac0)=""/154, 0x9a}, {&(0x7f0000000b80)=""/201, 0xc9}, {&(0x7f0000000c80)=""/59, 0x3b}, {&(0x7f0000000cc0)=""/63, 0x3f}, {&(0x7f0000000d00)=""/213, 0xd5}], 0x5, &(0x7f0000000e80)=""/13, 0xd}, 0x2}, {{0x0, 0x0, &(0x7f0000001180)=[{&(0x7f0000000ec0)=""/225, 0xe1}, {&(0x7f0000000fc0)=""/249, 0xf9}, {&(0x7f00000010c0)=""/166, 0xa6}], 0x3, &(0x7f00000011c0)=""/4096, 0x1000}, 0x6}, {{0x0, 0x0, &(0x7f0000003600)=[{&(0x7f00000021c0)=""/25, 0x19}, {&(0x7f0000002200)=""/220, 0xdc}, {&(0x7f0000002300)}, {&(0x7f0000002340)=""/190, 0xbe}, {&(0x7f0000002400)=""/4096, 0x1000}, {&(0x7f0000003400)=""/10, 0xa}, {&(0x7f0000003440)=""/196, 0xc4}, {&(0x7f0000003540)=""/167, 0xa7}], 0x8, &(0x7f0000003680)=""/160, 0xa0}, 0xfffffffffffffffe}, {{0x0, 0x0, &(0x7f00000039c0)=[{&(0x7f0000003740)=""/206, 0xce}, {&(0x7f0000003840)}, {&(0x7f0000003880)=""/168, 0xa8}, {&(0x7f0000003940)=""/80, 0x50}], 0x4, &(0x7f0000003a00)=""/158, 0x9e}}, {{&(0x7f0000003ac0)=@in={0x2, 0x0, @remote}, 0x80, &(0x7f0000003c00)=[{&(0x7f0000003b40)=""/148, 0x94}], 0x1}, 0xfffffffffffffff8}, {{&(0x7f0000003c40)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @dev}}, 0x80, &(0x7f0000004240)=[{&(0x7f0000003cc0)=""/114, 0x72}, {&(0x7f0000003d40)}, {&(0x7f0000003d80)=""/229, 0xe5}, {&(0x7f0000003e80)=""/200, 0xc8}, {&(0x7f0000003f80)=""/127, 0x7f}, {&(0x7f0000004000)=""/25, 0x19}, {&(0x7f0000004040)=""/186, 0xba}, {&(0x7f0000004100)=""/130, 0x82}, {&(0x7f00000041c0)=""/94, 0x5e}], 0x9}, 0x4}, {{&(0x7f0000004300)=@pppol2tpin6={0x18, 0x1, {0x0, <r1=>0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x80, &(0x7f00000046c0)=[{&(0x7f0000004380)=""/127, 0x7f}, {&(0x7f0000004400)=""/196, 0xc4}, {&(0x7f0000004500)=""/237, 0xed}, {&(0x7f0000004600)=""/171, 0xab}], 0x4, &(0x7f0000004700)=""/39, 0x27}, 0x5}], 0x9, 0x40010000, &(0x7f0000004980))
r2 = syz_genetlink_get_family_id$ipvs(&(0x7f0000004a00)='IPVS\x00')
sendmsg$IPVS_CMD_NEW_DEST(r1, &(0x7f0000004b00)={&(0x7f00000049c0), 0xc, &(0x7f0000004ac0)={&(0x7f0000004a40)={0x80, r2, 0x408, 0x70bd2c, 0x25dfdbff, {}, [@IPVS_CMD_ATTR_DEST={0x44, 0x2, [@IPVS_DEST_ATTR_TUN_PORT={0x8, 0xe, 0x4e23}, @IPVS_DEST_ATTR_INACT_CONNS={0x8, 0x8, 0x2bbcfe1c}, @IPVS_DEST_ATTR_U_THRESH={0x8, 0x5, 0xacd}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e20}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x100000001}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x4}, @IPVS_DEST_ATTR_PORT={0x8, 0x2, 0x4e21}]}, @IPVS_CMD_ATTR_SERVICE={0xc, 0x1, [@IPVS_SVC_ATTR_SCHED_NAME={0x8, 0x6, 'lc\x00'}]}, @IPVS_CMD_ATTR_SERVICE={0x1c, 0x1, [@IPVS_SVC_ATTR_AF={0x8, 0x1, 0x2}, @IPVS_SVC_ATTR_NETMASK={0x8, 0x9, 0x3c}, @IPVS_SVC_ATTR_TIMEOUT={0x8, 0x8, 0x1f}]}]}, 0x80}, 0x1, 0x0, 0x0, 0x20040800}, 0x4000000)
r3 = syz_open_dev$radio(&(0x7f0000000000)='/dev/radio#\x00', 0x2, 0x2)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff}, 0x13f, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r3, &(0x7f0000000140)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000040)=0x1, r4, 0x0, 0x1, 0x4}}, 0x20)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r3, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:17 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x40106614, &(0x7f0000000000))
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000040)='/dev/snapshot\x00', 0x2, 0x0)
accept4$packet(r1, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000000100)=0x14, 0x80000)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:17 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:17 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x40045568, 0x0)

[  393.420417][T22989] input: syz1 as /devices/virtual/input/input419
[  393.581957][T23004] input: syz1 as /devices/virtual/input/input420
00:35:18 executing program 0:
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = fcntl$dupfd(r0, 0x0, r0)
bind$bt_rfcomm(r1, &(0x7f0000000000)={0x1f, {0x0, 0x0, 0x1}}, 0x17)

00:35:18 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x5452, 0x0)

00:35:18 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:18 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x40049409, 0x0)

00:35:18 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(0xffffffffffffffff, 0x4040534e, &(0x7f0000000080)={0x200000000bd})

00:35:18 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x4)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
r1 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000)='/dev/qat_adf_ctl\x00', 0x100, 0x0)
ioctl$VIDIOC_S_EXT_CTRLS(r1, 0xc0205648, &(0x7f0000000080)={0x9b0000, 0x7, 0x5221, [], &(0x7f0000000040)={0x990a6d, 0x10000000000, [], @value64=0x8}})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000140)={{0x400, 0x19, 0x6, 0x6}, 'syz0\x00', 0x10})
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
r2 = openat$cgroup_ro(r1, &(0x7f0000000100)='cpuset.memory_pressure\x00', 0x0, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
r3 = syz_genetlink_get_family_id$net_dm(&(0x7f0000000200)='NET_DM\x00')
sendmsg$NET_DM_CMD_START(r2, &(0x7f00000002c0)={&(0x7f00000001c0), 0xc, &(0x7f0000000280)={&(0x7f0000000240)={0x14, r3, 0xb00, 0x70bd2c, 0x25dfdbfd, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20004000}, 0x4040000)

00:35:18 executing program 0:
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0xf7d, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x7ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
exit_group(0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000180)='./cgroup\x00', 0x200002, 0x0)
fcntl$getflags(r0, 0x1)

00:35:18 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:18 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x5460, 0x0)

00:35:18 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4004ae8b, 0x0)

[  394.175811][T23037] QAT: Invalid ioctl
[  394.191186][T23037] QAT: Invalid ioctl
[  394.204630][T23037] input: syz1 as /devices/virtual/input/input421
00:35:18 executing program 0:
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000500)={0xa, 0x2}, 0x1c)
listen(r1, 0x0)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x2, @loopback}, 0x10)
accept4(r1, &(0x7f0000000180)=@in6={0xa, 0x0, 0x0, @mcast1}, &(0x7f0000000040)=0x80, 0x800)

[  394.268479][T23037] QAT: Invalid ioctl
00:35:18 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:18 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4004ae99, 0x0)

[  394.289099][T23046] QAT: Invalid ioctl
00:35:18 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x5601, 0x0)

00:35:18 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff\xff'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  394.350087][    C1] net_ratelimit: 1 callbacks suppressed
[  394.350096][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[  394.378745][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
00:35:18 executing program 0:
ioctl$IOC_PR_PREEMPT_ABORT(0xffffffffffffffff, 0x401870cc, &(0x7f0000000280)={0x401, 0x9})
r0 = socket$inet6(0xa, 0x3, 0x7)
recvmmsg(r0, &(0x7f0000000200), 0x38c, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1a)
sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0)

[  394.448055][T23050] input: syz1 as /devices/virtual/input/input422
00:35:19 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, 0x0)

00:35:19 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x16)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$FS_IOC_GETFLAGS(r0, 0x80086601, &(0x7f0000000000))
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:19 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x6364, 0x0)

00:35:19 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff\xff'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:19 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x40086200, 0x0)

00:35:19 executing program 0:
ioctl$IOC_PR_PREEMPT_ABORT(0xffffffffffffffff, 0x401870cc, &(0x7f0000000280)={0x401, 0x9})
r0 = socket$inet6(0xa, 0x3, 0x7)
recvmmsg(r0, &(0x7f0000000200), 0x38c, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1a)
sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0)

[  395.061277][T23086] input: syz1 as /devices/virtual/input/input423
00:35:19 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff\xff'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:19 executing program 4:
eventfd2(0x7, 0x1)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:19 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x8912, 0x0)

00:35:19 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x40086408, 0x0)

[  395.273236][T23112] input: syz1 as /devices/virtual/input/input425
00:35:19 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xff'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:19 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x40086432, 0x0)

[  395.398638][T23112] input: syz1 as /devices/virtual/input/input426
00:35:20 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, 0x0)

00:35:20 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x8933, 0x0)

00:35:20 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000000)={{0x100, 0xa4cd, 0x4, 0xffffffffffffffc1}, 'syz0\x00', 0x1c})

00:35:20 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:20 executing program 0:
ioctl$IOC_PR_PREEMPT_ABORT(0xffffffffffffffff, 0x401870cc, &(0x7f0000000280)={0x401, 0x9})
r0 = socket$inet6(0xa, 0x3, 0x7)
recvmmsg(r0, &(0x7f0000000200), 0x38c, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1a)
sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0)

00:35:20 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4008700c, 0x0)

[  395.949038][T23147] input: syz1 as /devices/virtual/input/input427
00:35:20 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:20 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x400454ca, 0x0)

00:35:20 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4008ae89, 0x0)

[  396.133706][T23147] input: syz0 as /devices/virtual/input/input428
00:35:20 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:20 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {0x0, 0x0, 0x10000}, 0x0, [0x0, 0x0, 0x0, 0x1], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0da], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000]}, 0x45c)
r1 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000)='/dev/cachefiles\x00', 0x20000, 0x0)
ioctl$sock_inet6_udp_SIOCINQ(r1, 0x541b, &(0x7f0000000040))
readlinkat(r1, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=""/193, 0xc1)
ioctl$TIOCGLCKTRMIOS(r1, 0x5456, &(0x7f00000002c0)={0x100000000, 0x0, 0xbd2, 0x9c7a, 0xd, 0xffffffffffffff20, 0x8, 0x1, 0x7fff, 0x6, 0x400, 0x3})
setsockopt$bt_BT_SECURITY(r1, 0x112, 0x4, &(0x7f0000000100)={0x81, 0x6}, 0x2)
bind$inet6(r1, &(0x7f0000000080)={0xa, 0x4e20, 0x8, @local, 0x8}, 0x1c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
setsockopt$nfc_llcp_NFC_LLCP_MIUX(r1, 0x118, 0x1, &(0x7f0000000280)=0x8001, 0x4)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
r2 = memfd_create(&(0x7f00000000c0)='\vem1\xc1\xf8\xa6\x8dN\xc0\xa3\\\xe2\x8b\xaa\xffIb\x9e\xc1\xcb\xa2\xba\xe5\xf4\x97\xac#*\xff', 0x0)
write(r2, &(0x7f0000000180)='F', 0x1)
mmap(&(0x7f0000000000/0x7000)=nil, 0x7000, 0x80000000004, 0x11, r2, 0x0)
r3 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r3, 0x10d, 0xfe, 0x0, &(0x7f0000000000))
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:20 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x40049409, 0x0)

[  396.380721][T23182] input: syz1 as /devices/virtual/input/input429
00:35:21 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, 0x0)

00:35:21 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4008ae90, 0x0)

00:35:21 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:21 executing program 0:
ioctl$IOC_PR_PREEMPT_ABORT(0xffffffffffffffff, 0x401870cc, &(0x7f0000000280)={0x401, 0x9})
r0 = socket$inet6(0xa, 0x3, 0x7)
recvmmsg(r0, &(0x7f0000000200), 0x38c, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1a)
sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0)

00:35:21 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4004ae8b, 0x0)

00:35:21 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
r1 = syz_open_dev$midi(&(0x7f0000000000)='/dev/midi#\x00', 0x7fffffff, 0x400)
ioctl$KVM_GET_ONE_REG(r1, 0x4010aeab, &(0x7f0000000040)={0x6, 0xff})
ioctl$sock_SIOCGPGRP(r1, 0x8904, &(0x7f0000000080)=<r2=>0x0)
r3 = getpgid(0x0)
kcmp$KCMP_EPOLL_TFD(r2, r3, 0x7, r0, &(0x7f0000000100)={r1, r0, 0xfffffffffffffff9})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

[  396.848282][T23202] input: syz1 as /devices/virtual/input/input430
00:35:21 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00'})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:21 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4020940d, 0x0)

00:35:21 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4004ae99, 0x0)

[  396.991081][T23215] input: syz1 as /devices/virtual/input/input431
00:35:21 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0xffffffff00000000})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:21 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
socket$pppoe(0x18, 0x1, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000000)='/dev/mixer\x00', 0x10000, 0x0)
openat$cgroup_int(r1, &(0x7f0000000040)='cpuset.memory_spread_page\x00', 0x2, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:21 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4020ae46, 0x0)

[  397.251966][T23241] input: syz1 as /devices/virtual/input/input432
[  397.407765][T23250] input: syz1 as /devices/virtual/input/input433
00:35:21 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080))

00:35:21 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4020940d, 0x0)

00:35:21 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0xffffffff00000000})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:21 executing program 0:
syz_emit_ethernet(0x536, &(0x7f0000000100)={@broadcast, @broadcast, [], {@ipv6={0x86dd, {0x0, 0x6, "02290f", 0x38, 0x3a, 0x0, @dev={0xfe, 0x80, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x300]}, @mcast2, {[], @icmpv6=@pkt_toobig={0xe601, 0x0, 0x0, 0x0, {0x0, 0x6, "9433df", 0x0, 0x2f, 0x0, @loopback, @dev, [], "800000e77f000400"}}}}}}}, 0x0)

00:35:21 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4048ae9b, 0x0)

00:35:21 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
r1 = openat$zero(0xffffffffffffff9c, &(0x7f0000000140)='/dev/zero\x00', 0x100, 0x0)
ioctl$RNDGETENTCNT(r1, 0x80045200, &(0x7f0000000180))
openat$dlm_control(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/dlm-control\x00', 0x40402, 0x0)
r2 = accept(0xffffffffffffffff, &(0x7f0000000000)=@vsock, &(0x7f0000000080)=0x80)
ioctl$PPPIOCSMRU(r2, 0x40047452, &(0x7f0000000100)=0x1f)

00:35:22 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r1, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

[  397.700829][T23265] input: syz1 as /devices/virtual/input/input434
00:35:22 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0xffffffff00000000})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:22 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4048ae9b, 0x0)

00:35:22 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r1, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

[  397.838677][T23265] input: syz1 as /devices/virtual/input/input435
00:35:22 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0xffffffff00000000})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:22 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4080aebf, 0x0)

00:35:22 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080))

00:35:22 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000180)='/dev/uinput\x00', 0x100000000008006, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
r1 = openat$full(0xffffffffffffff9c, &(0x7f0000000000)='/dev/full\x00', 0x10082, 0x0)
unlinkat(r1, &(0x7f0000000040)='./file0\x00', 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:22 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r1, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

00:35:22 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4090ae82, 0x0)

00:35:22 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:22 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4090ae82, 0x0)

00:35:22 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r1, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

[  398.579618][T23315] input: syz1 as /devices/virtual/input/input436
00:35:22 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:22 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x801, 0x0)
setsockopt$inet_int(r1, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

00:35:23 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
r1 = syz_open_dev$usbmon(&(0x7f0000000000)='/dev/usbmon#\x00', 0x5, 0x81)
write$P9_RFLUSH(r1, &(0x7f0000000040)={0x7, 0x6d, 0x1}, 0x7)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6]}, 0x45c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_REM(r1, 0x84, 0x65, &(0x7f0000000380)=[@in={0x2, 0x4e23, @empty}, @in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x4e23, 0x1, @mcast1, 0xfffffffffffffff8}, @in6={0xa, 0x4e24, 0x800, @mcast2, 0x9}, @in6={0xa, 0x4e22, 0xffffffff, @remote, 0xf8f}], 0x74)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f0000000300)={0x0, 0x18, 0xfa00, {0x1, &(0x7f00000002c0)={<r2=>0xffffffffffffffff}, 0x111, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r1, &(0x7f0000000340)={0xe, 0x18, 0xfa00, @id_afonly={&(0x7f0000000280)=0x1, r2, 0x0, 0x2, 0x4}}, 0x20)
sendmsg$nl_crypto(r1, &(0x7f0000000240)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000200)={&(0x7f0000000100)=@upd={0x100, 0x12, 0x4, 0x70bd25, 0x25dfdbfb, {{'ecb(blowfish-asm)\x00'}, [], [], 0x0, 0x2400}, [{0x8, 0x1, 0xffffffff80000001}, {0x8, 0x1, 0x2fe0}, {0x8, 0x1, 0x80}, {0x8, 0x1, 0x20}]}, 0x100}, 0x1, 0x0, 0x0, 0x10}, 0x45)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:23 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4138ae84, 0x0)

00:35:23 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x4138ae84, 0x0)

[  398.792589][T23341] input: syz1 as /devices/virtual/input/input438
[  398.927997][T23351] input: syz1 as /devices/virtual/input/input439
00:35:23 executing program 3:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080))

00:35:23 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x801, 0x0)
setsockopt$inet_int(r1, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

00:35:23 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:23 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x41a0ae8d, 0x0)

00:35:23 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x41a0ae8d, 0x0)

00:35:23 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000880)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
openat$dlm_monitor(0xffffffffffffff9c, &(0x7f0000000340)='/dev/dlm-monitor\x00', 0xc401, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
clone(0x8a000200, &(0x7f00000001c0)="fc893f869761e3d077bc5d51cac408722e7d30023891dedde0b64acbed27aa3ae79843bc48c1004274918b845825745d023fc1fadaf5cca6eac4e62948ce7982eb7b72a694c799e5fa3c984f650e3538a54229c82ebdf39a9e4da8bfb873ff12665818775717ea0a412c537d335a3c168bbbc43cddd388b7ddce716b51f7f73c", &(0x7f0000000240), &(0x7f0000000280), &(0x7f00000002c0)="702798218c0100cb371a3749f5a43f57b64e2636b299040f653a3952570ae744b05690c9c2983724c5fb17638c065be6353bb5f0b52932cbcfea3a30c523395d63b30b35")
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
r1 = socket(0x1, 0x6, 0x6)
r2 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040)='SEG6\x00')
sendmsg$SEG6_CMD_DUMPHMAC(r1, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x804000}, 0xc, &(0x7f0000000080)={&(0x7f0000000100)={0x44, r2, 0x100, 0x70bd2d, 0x25dfdbfb, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x5}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0xffff}, @SEG6_ATTR_ALGID={0x8, 0x6, 0xff}, @SEG6_ATTR_SECRET={0x10, 0x4, [0x0, 0x2, 0x52]}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x1}]}, 0x44}}, 0x800)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:23 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x801, 0x0)
setsockopt$inet_int(r1, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

00:35:23 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  399.490610][T23371] input: syz1 as /devices/virtual/input/input440
00:35:23 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x800454d2, 0x0)

00:35:23 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x80044501, 0x0)

00:35:23 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

00:35:23 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  399.723528][T23388] input: syz1 as /devices/virtual/input/input441
00:35:24 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000)='/dev/uinput\x00', 0x802, 0x0)
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_SET_SWBIT(r1, 0x4004556d, 0xb)

00:35:24 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
fsetxattr$security_capability(r0, &(0x7f0000000140)='security.capability\x00', 0x0, 0x0, 0x0)
mlock2(&(0x7f0000a4f000/0x4000)=nil, 0x4000, 0x0)
write$P9_RSTATFS(0xffffffffffffffff, 0x0, 0x0)
r2 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000b4508a)='/dev/ashmem\x00', 0x0, 0x0)
ioctl$ASHMEM_SET_SIZE(0xffffffffffffffff, 0x40087703, 0x0)
ioctl$ASHMEM_SET_NAME(r2, 0x40087707, &(0x7f0000000280)='\xa6\xd4\x9bE\xde\xb2a\x00\x00\xcd\xf8\xba\"\x96\x8d\x17\xca\xd1\xb8\xb9@\b\xce3\xb5\xf9\xc1\xd5\xb9\xca\x1d\xca&-\xb1\xb7)&\x17\x9f\x93\xd2-\xaaO\x9a\bVf[z\xd2\x95N\xbf\xd4\xe5\xd1\x8d\xf1\x05\x10\xb45\xf5\xd3\x90\x84\x19s\x8c\xb3g5\xd3\x87\a\xce\x04\xe6\xc0V`>\x01\xdex\xf6\x92P\x14\x0e\xe0\x9e9:i\"k\xf0\xb3\xd7\x1d\xc0d\xb9\x17-\xf3R\xef\x12\xdfYS\xdd\xc1x>\x12\xe9\x91\x1800k\x0f\xe4X\x81\xa1\xd1\x1a4\x1b\xa0\x12\r\x1c>\n\xdb\x89.\xf8\x04\xf0\x87\xa9\x99\xb5\xc2e\xf2\xd0&\xa0F\xdd\xda\\X\xe1g\xa3\xde\xba\x96\xdbz\t\xcd%bt\x0f\xb4GE\xe6,\x8b\x0e\v\xa7}B\x9fT\x82\xac\xe4{h\xea\xa6m\x88/\x15\xcd\x84\xf3D\xa3+\x1a\x03\xed\xe7}\xe9H\xe3\f\x83N\xb8\xca\xa5\xc8\xc6\xa8\xfat\xce\xe1O}T\xd6\xd4\xb0\a\xc6\x84\t\x9e\xbea$$\xa9\x8c}\xd0P\x8di\x7f\xccm\xf5')
sendfile(r1, 0xffffffffffffffff, 0x0, 0x320f)

00:35:24 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x800454d7, 0x0)

00:35:24 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

00:35:24 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:24 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x80045200, 0x0)

00:35:24 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
connect$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

00:35:24 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0xffffffff00000000]})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  400.340688][T23421] input: syz1 as /devices/virtual/input/input442
00:35:24 executing program 3:
r0 = perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
open$dir(0x0, 0x5113fd, 0x38)
r1 = socket$inet6(0xa, 0x7, 0xa665)
r2 = syz_open_dev$radio(&(0x7f0000001340)='/dev/radio#\x00', 0x2, 0x2)
ioctl$NBD_SET_SOCK(r2, 0xab00, 0xffffffffffffffff)
fcntl$getownex(r0, 0x10, &(0x7f0000000100))
getresuid(&(0x7f0000000140), &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000001240))
getsockopt$IP_VS_SO_GET_INFO(r1, 0x0, 0x481, 0x0, &(0x7f0000000280))
r4 = getgid()
io_setup(0x7, &(0x7f0000001380))
setsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000001280)={0x0, r3, r4}, 0xc)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
bind$inet6(r1, &(0x7f00002aafe4)={0xa, 0x4e23, 0x0, @ipv4}, 0x1c)
connect$caif(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
mq_notify(r5, &(0x7f0000001440)={0x0, 0x0, 0x0, @thr={&(0x7f00000013c0)="627d426314373f31c563fe821aaa74018b70a1adf3777fe13e78dd32ece906debcdf549693c796e07602b007496bbfc6122942d25f855513", &(0x7f0000001400)="30024c5e6992449f979dfb77e784d6b2465329838eafc72b7feb205df92a216844d3"}})

00:35:24 executing program 0:
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

00:35:24 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x8004ae98, 0x0)

00:35:24 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x80045300, 0x0)

00:35:24 executing program 4:
r0 = syz_open_dev$vbi(&(0x7f0000000000)='/dev/vbi#\x00', 0x1, 0x2)
ioctl$MON_IOCX_MFETCH(r0, 0xc0109207, &(0x7f0000000080)={&(0x7f0000000040)=[0x0], 0x1, 0x1})
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r1, &(0x7f0000000400)={'syz1\x00', {}, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000000], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9]}, 0x45c)
ioctl$UI_SET_RELBIT(r1, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0xc)
ioctl$UI_DEV_SETUP(r1, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r1, 0x5502)
readahead(r1, 0x6, 0x7f7ffffffffffffa)
ioctl$KVM_ENABLE_CAP(r0, 0x4068aea3, &(0x7f0000000100)={0x81, 0x0, [0x8, 0xfffffffffffffff7, 0x2b9b, 0xc22]})
sendmsg(r0, &(0x7f0000000340)={&(0x7f0000000180)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x4e23, @multicast2}, 0x0, 0x3, 0x1, 0x4}}, 0x80, &(0x7f0000000300)=[{&(0x7f0000000880)="1476f45b4bbc0c770a69ecf3e1c04b790c2c580cb894428a09957522970815b5e8c3ac462311aea1cddcea3e76a50d78890fb8a38e6646edd2fa18905392e82c12de09f552c9d936540ee4d9935bafbe4b3bc66822e920780b86388be96cd318f6b3f6e4bbf9015038a149380d13b33bd4a701c16d3863457dde07822380bd2b7f9f7e063fee33f65fec44133d1e67019ef8d505af04d1911c5ec9d8e743efc0f45c3aedac7c92aecb6c13963c04d1551c004fc807d0ee3446b09e6ba8579d30fa9fa70aec61ae30299ade6ea76330d5a4dc980682cc9139bd0321fdfb3ba0b724c5f2efa4b10b44b71c26ebb07464a134d822aa9fc2e869a84c744d5a4f1ec2bf3f90174e7ae08a82b43438e38c424d3723dc2e959d13175e4f1a4384ab83e3b031f253241b2048e5f0cbb0d788bd3ee7b493978053d6d1da2b409d49ab85e8257c74b381bff1c0f4d658ccbc3edd769584aa9a00ce4b1dabfc5fafcd1d6d0b6c957e269f5b0b672e4b77a0b6243591a8334fc508a26c97bd11d9984c17b2f66683c08fc2f92c5dfb696b3870ce7a649d3788625a346ca9c4a3d900a31b22e2097f0fd9b3a5cf623a63abb966efce5489b3be9b4c69bb79871e9dd17c9a647a374dee8ba20dc735dae503a76c778472ebf86c66c0b2be61e35dfa1c1f5e363c83ff51b53fd02ca74195a8f15b2faca4cb9e146c4291829d6281b23ff820671d22835e061c616204417a0fd0adf2fb575b94f34d8355db4cabfcc1f81b117166723e934268b6e3bf21713f14b6e852167b63bf18a4a4965f9b48e96147075144689a172bbf1776ddd500ec6e2f0b69f9402293a59e67014e3ede94ae5c7071f1ed8adff5560c46558797f0417019977938c4a237bae2e515fda46e0fa8cbda1e55557972d6b6433a74a7504f3e59903c061f264ff508e7ff5713fabecb58fa8c43a72dda2b336bc0b8a97d6d5c52d96d1dcfe731c2d41edae973ef94253a08c40880987a944eb9f41bd156aae430d53921380e5cc305524514e16826272aa2041169ffac55f4a91d4e2771383b875fd535590401ba106148060a6e90344befa001068bc1e8d4404d097518ee43ca76831e714c65d60a96a9b5e0e6b8284b23f6f7039fdfaf318604e68a6b685c4ce716420b45150ffaf0a0c2436e3a50579f77db6d5263c9afe94e7cc1349ad5aca9861d8a45b7eea8811e2a494d47bd4dce2939d039e2207ff284037217773b9fbda814c9b975936a24a4a4a1db74ecf4fc48aa2a18c653db2bcb05c8554597650ac1d2e8ecf9c6ad881e65b54599fac341b5b97ad3a80ee7c9dbd6b0e0b6fca9cf9010ee412da9775117bc17584b8bca5e46039cf6878cce3b4c266013a5b95bcbb1f85845a01d01e67605f469a3c197273cbce2c7d056f0624dae7f1ad8f5a18f3f3b99cc5ae0c19d6dc1272814545d6a68554432b8a68a739cacb2c3d48002a07954c0a1d82aa44ec86ca6469588a844add10cfcee739e40708fb887532facbd0eef636a60916d926a62e1a68bc692886a1593c084e63ba131366a34ca6afcfb6b16f0d995f54b4d4cd02e012cba3dc9cb0a7b91621951adc399391afb39b8a429bd2c1dbc38fbcb9e80c56b3288ac052fe7a70b222c76294515e4b6915c3f0a78ab6a43bc6be93ac614ee299c4de9aa735cea14ac113c8b5d1e522374a464bd82d74d207210103607ba6a5f3c266e9abc1bf0e4983aefccd8aead58c9642244960ba6d3b16a72e338f1946fbb719479210671ca1c56603b5b1e5544a7fd52d32d5be331bdd93defba61a93de631ef2ed2e66973f88d4b8255163e9585672ecb88383d76f58cc4655c0f9b46e90f88c7a9f9ec3a3527e4986999c3512bc65ee166e6e069c0f3c5e45551f7deae7dd1b1ce77ee10bf543a8be191d31ae2122668bec319957b944784a83ca4fb6815599dfc71a1b1c26a359956c1e81c44f730c1e73c56e0676daffa62a380f242465cae9c2d5d0ccdedbeffb228ec2dc87f6fc3473a2cbd1b1c1c17eb88831e06e8fcb7e6e5fecd0d6c5437b7884888ff48f76fc7fda2a20355935bb5a76b99e0c2728ef753103040f10294397ad1e19adbe417af85d46677025e93717a8a2145bd616aefc1246c268c953de90046da07217b554c09f26b91cadf7ea01064ef3f6b3f078da82e8c3fa5a319c56b415f3a8f007f3fc027971c6fde633f6d6f8a2050c575cf242fc503c4c8118cbd22410045db39bf013f8c57370d5b9e5e036613c3ed9b9e48adb1bfb0551392d46bd0d4500c11ec674449f181f1a84c09bae76f407d8fbe02f6d13b0608e4305a00797b6bb6d3f1bd127adc66b8fd05fd087ea5ed3bde92f439445406ad1f891a2ad321ef036b9dff97be9d3a80296294cf77f45a07dad8dbfbb1a356be4e4d56bc4e8902e468cdd7bf93c259b9a008e58975433d12c27a428f04bb540256f5efc166d398669c4c2471cd683cbda115fee6046a47e113fe5691f793ed2ca4a855301b7e84c8d9165904e0d70fc75c52d72ae228f0cbeeb2371e9f7ccd553d9df333d893a429c1dfdac8a19d4fdbabd32fca7e86a929bc9a30a4bfd10c3cb712ecc538ee42945b8075f7e02f75a70002212ddeb294bffc4031cc5ce3b8726879f4a2ab6365971bf682796b8afda010743b125201c37fdff756db3cd63d0447be8b9e404e9d0b05c8fb79ec5e006b64f3cba1e98904325fccdef848a2c0ff2297c84e344404cfa1c4725dfa3719ea037181f9d951f3a0d1e38c105712d8c561ba35afb18a1bc3c59ef1717746ebda668af2522564e39fe1d96f8882fdf8f21062f002ce6c74fef9ffd023f6726a4f65f975e104ad304602c9a9303eba273c70c9012cae83da0a294e2b14ac13b005182c2c7436047a3bafbf1427114d2c477ee49a602a2b206092ec54d921f410290be4098c139a06322115ef0a09929fe31525a511655a6ac0d8416f971cc2309fad319c0e0af650ac831ca4e21d6cc4b3900148fc34ff2eea0b06329c5d26c2371378dde3e217a26c24c3250eb8102e16657bb69b4de10143bea01fedf8abb5a043b42e15be901413db29f7c07cb02612f822160ca12f643ef2610c6b5080af1c9d809b2e61f8329f6ee972231caa8d2c7cd7dd51cd2a5e048d3927d501d80481126a751c1ef107aa81c895c3ac7d4ecf0ac08b6bce901ab6919eecea65e8b6f6f80d6b6fa8bba85291ee381477fc208ad980244903f3b09be3026167ce793a509e05997821098bb5e3054adcb703d2fe526fe97afd39e9e209867fa8e96a06cd50646d10a4683ee2dad47b599476f7661efaa6705fab01a27e4586bc73455041f8140ca97cac3b7ebf2fd3662a0aeed4480361b78c8fbf29c2dd2185ba2d332005682c2b2524ca1c9d4224d2192b7c00d406acb6778641634bfe8cc6ab08ecd9ea94463422f60bbddeef45dfbf04e76db2307a6704002470935121d7f0f2582715194ff4be36ee617f232d684e08f2189591234792c78f4d96f063deae194a9ea1b8ea2f5391a93dfce31464ac3edc4c409e08b56bbcfd0c737d428121ade9b3c3d66174f4d3c37a836f96358c26e7d88ec05ba0b3ac8b4a17034b324c90e623fb5a7afe9bf693827e6f13b87aa63f9c0bd3b44a023dcd5154d576c122a3dd388944c10edee1d9cabc780e01a6e25d173040663c7d186637e2aaf772cbffc55d6094dcaa1d90f2046c2875c5779a81c00afa41ba2c57b764cdea44807ada0f0701747798bc06cb6ee9d70433d2e775b205a0c9575745845d09f11c46c6295487e5dd92bf517db962793b0995594beb01ff8fa6ab8e8db7e4ff4e8661a2efa4959e4e3e845d54ada88c38333e44b5a5e9285d1583f4ed21f967b1c08b8f113f06907375055e3433b311bbff1beedc30b0195754381054d568de1bd00d0f62de20006eb4c74580cfd9366a3ebe3248c0e1d5d9e203a35912b5db8fdae6b53b42855829efbd98e54cf934892768dddabd63fbd8ac4828f9fb21bba54414917f28510680efd23c0ae84f19e998233f7073e8f914b08f9ef9976a69a96274ea5cd855249bb00ff7266bf7261bbf6e6feb899edd84dddf9ecd2bd607cd90433eb2eb1fc5a37262c4b70c9a6917c6fb834cd96176eaef75d1a6e9d4f46880ee9ed9b4c51672b16dbf95275e31854bb0bcbe9073818b4df26b521f37a700f87cdaaa8ce4160b382257ca0b7613d3b5b16b91c4ec980006ca141d7e7085adbeee6c78d6ab5255893aa7bf0abe3c8c84dab60b12140c3d2aec8b9f987fb29d82ab24dbb61a455f8b762f1b12b35723fb8f11f7cf90507bd5b9c86af0632a57422eb08a6fd5fa24cea13a92ba91d909f829efa853d8177b7081842733e2ea9768d58228785e1ce507ffd9d237f704d009f1536ecb68f00f365b8f39175bcc5c6bbad0282336bf5b89a46261731ada00dfee9ad2346616803c63bc837182fb714e0cff560e84f9578378d63150aa451a860bea7d4ef6f27aee749f9108606fe0d8e89f618562a637f8ce57ab71a64c036926d0fbf0e5067daf2e8625cd0a0929f716b0821bf0075d366b835d578b601dc570165b6b97de57c6647a0f2fd86057532f8b7a98c6611099c3d1df8b67488ae190d5e12adb4c1bace07f2c1c13b059d34a040b92f7f29ffc7b69450211bbbb33dcf70fddb5aaeb0a1a03e6ff1201de859d7fb68d6edf8e00330d76127c9c5d9687e35674983310a7c28f5b8b22429a94883b2faee44b8c81cfb5b8da449eeab356b2b2d891b5711e1754ae3a1513d5dd1953318eccd6a4d77cdb5e124dc60b1a9d02900af90fa25e2dfe74174faab5e7952adc578d90053dd449087ca50c22d92be6bcba095da59fac72d1530b4f8a2f178a12cf5577e24d2a7f88e1224a0703175812497e7756c797c7ee15da50af775383a9501481b68ca754f21df325c99866023921f875e43dd438ae335f59f0610422027a313b51b98b1c86a998ef2653d67c64dc0eb050866b69bab37fcfc8787f6a8aa7404efd896c76a78b4e98fb0a8f08947e1482409268ce897ca911b3370d8684f4f3c0e20e62e40f5c13e5b78ff02e44a2266fe55814508be6982a5a4c02ffb902c6edbc4a4f81991ac8aec7744a934d43bb2175780d6e4d378ce22195d73268cd1df141e84d33676292390e65ef1122c2df47ab5d9fe6cbc23da50839cb287165041ddd4399bfb806f158a3ded63e7db46e090186c2fb7dea673d74f85b545e1bd7ef64a4797eaac957dc597c8285557ac065ae3ddc6496e3ae7eb5c2d43f7c4809d901fb2af93b09efda2f9d1126b80f6795bd1a482ac675186473d597bd10be1a50f85d130689587979dffb4b8170f86dab29c6591d25e71879c80ff33702c78246a91fdd16da61008239ef487a5a6fadbdfd2c109243b195779011ba1224848572b9ab15c52614ddc7d7234e69f11bd34a8747887113e8bd6b39e71a6bc60a033708a829f3dbf32f220bea21e429954ee29a9dca7c9eacca22811178552644355b1ef1e252715ff34815fd8de70f1d7709fb5ceb33337a6370beabe4a59f91a26d47de6b15f9485e9b3b901d229d099914c5a0d3f44bdb498bec2b1905ed6200fa8bd03c7ad6c18951f1cbab0e2cf0d1480d7cf928b8bfdd2cba73cfb4142251643c2a183b77e3a9b99953c465497558ab382ef99f108bb4a4c1c5c7ed7d45a06cd2916451a76b813b3e9fbb54771a1bbff0a4d0e55994a804a8f6855e51c5704ff85345e2fe4732207cdf670581803fd80d40e7cc2bb4b1affa8d72f1cb6ff0644aa48102af36d65e0f", 0x1000}, {&(0x7f0000000200)="331cfa6aaf8de4c4f9856dcd28db4650e42257240412640f1aacd7e4bf0f637f47d4bb54bd7311e4a75bc2f89b8b55ab8b6ae34c6c07137107ec45c52c111a0dd43ac776ed86bf6bcf1a71a77f238411dc03de5a175e41fb90465f1b00aeda2948c50087c65b2ff7fc9273b8e73e8fd72463f7555f14216c0f1489100037bf6749a8847573983f8ab263a4aae7c9fe13db4ae112305baf608a4af8ec91aa85f276f369fdc2dc11e4fdb489b2f2647b36cb4e9335efd1eeb2a502e35783980345a2ec4fa1f3958de13c0ea9f6339af31a704e0a7f646a237aafb07102812a7cdbd9112b1e8cd4b8dbc5acc6e7e2511fe44d8a5a", 0xf3}], 0x2, &(0x7f0000001880)=ANY=[@ANYBLOB="c80000000000000000000000010000002a013204ad7e92cf4777c89b4a33a7b424b24d6df3c8c3936d1c73fe4cc9745db64952cdc91b65749b8aec45a7defce7e405af1a3927e1787c9956239c63d6d7e6233f9259ad8021034ce57face248cbce8d752daf4d65a1a0cf55e34eb299021b19a0344cfc0930f04f0aea2bb47fa30823b96c734692f32990bf18d9360b22798de5ab7f03a36655eab0e9a5abbaa874b00d315253dc6f1c8ee2daeebab6987650258318000000000060000000000000001201000002000000c54210871840646358d6c2c6398dee8dd0839d9df0a8a2e6da712f0f64a3c5609ac2dea8200a419609000000db3a8cdd2b7650de90fd2a766748a5102fbe6f655f3aa7b6695aa635936fcdd74aae8900"], 0x128}, 0x0)
keyctl$session_to_parent(0x12)

00:35:24 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0xffffffff00000000]})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:24 executing program 0:
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

00:35:25 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0xffffffff00000000]})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:25 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x80045430, 0x0)

00:35:25 executing program 0:
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

[  400.730691][T23477] input: syz1 as /devices/virtual/input/input448
00:35:25 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x80086301, 0x0)

00:35:25 executing program 3:
r0 = open(&(0x7f0000002000)='./bus\x00', 0x0, 0x0)
r1 = open(0x0, 0x0, 0x0)
ioctl$KDSKBMETA(r0, 0x4b63, &(0x7f0000000300))
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0xed}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000640)=ANY=[@ANYPTR64=&(0x7f00000005c0)=ANY=[@ANYPTR64=&(0x7f00000004c0)=ANY=[@ANYRES16], @ANYRESHEX, @ANYRES32=r1, @ANYBLOB], @ANYRESOCT, @ANYRES32], 0x23)
r2 = socket$inet6(0xa, 0x3, 0x6)
r3 = syz_open_procfs(0x0, &(0x7f0000000340)='net/ip6_flowlabel\x00n\xc01\x14\x894X\xed\xc1\xc9\xd8\xdcK\r\x8d\xae\x98&@\xd0\xe6\xbbQ\xd7\xffYn\x1c\x92\xde\x0e\xaa1\x91\x98\xe9\x1f\nMCi|+\xcdw\xf0\x176Z\xf1`\xac\xf3;\xd6d2\xeb\xe5\f\x0e\x8b\xda\xf7\xfc9\xfe\xff4\xef\'\xa19q\x93\"\x7fG3\xc1E\xe6e6\xc6\xc2u\x11% \xe7+0\x97\x84;\\\xda\xc4\x80\xc3\xb18N\xbfY%\x05\xf8\x85\x89\xfc\xd2\xd7')
sendfile(r2, r3, &(0x7f00000000c0)=0x202, 0x8)

[  400.877515][T23495] input: syz1 as /devices/virtual/input/input449
00:35:25 executing program 0:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
r0 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

00:35:25 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0xffffffff00000000]})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:25 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x20000, 0x40)
ioctl$UI_BEGIN_FF_ERASE(r1, 0xc00c55ca, &(0x7f0000000180)={0x5, 0xfffffffffc817be2, 0x10000})
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r1, 0xc034564b, &(0x7f0000000080)={0x8b0, 0x47524247, 0x7, 0x901f, 0x3, @discrete={0x9, 0x8}})
ioctl$UI_SET_RELBIT(r1, 0x40045566, 0xb)
accept$inet(r1, &(0x7f00000002c0)={0x2, 0x0, @broadcast}, &(0x7f0000000300)=0xffffffffffffff1f)
setsockopt$inet_sctp6_SCTP_HMAC_IDENT(r1, 0x84, 0x16, &(0x7f0000000100)={0x3, [0x3ef, 0x8d, 0xfffffffffffffffb]}, 0xa)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0x2, 0x309440)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:25 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x800c6613, 0x0)

00:35:25 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x800454d2, 0x0)

00:35:25 executing program 3:
sendmmsg$inet6(0xffffffffffffffff, &(0x7f00000012c0)=[{{0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f00000001c0)="3bcf699babe54de9479070888bd00679e59db3e02f171ea7b5d3f596c076ad416009d57c226ebac4531f44aa757445845fccbb5298efdb43adf6c45402daf87c921444cb6c343c0ad84da9e57c2b5d05377c5616621aacc8d07672fdc165808bf773b20045530c4c62de23f0d18995a1586c31e386d0f19aa0f453a5cb2e2385307b570679d18dfde4dc83beee986c745c7ef8ab6106814f13bc060b7f239f9bf60189e54df773306316ac3bddc56edd4dbe5ac125a8106041fcba9cc95d3bcc801201e90c669473b5a66eda4f1f5ba7750754599b1d2d37110df0113615d802e5f44b496dda0d3179e72c64e09da3342ec18406a65111a7bbf2a4663d2779db2d283ba8c1bcd109bf9d4e5d17d8f625776024cb4028749363215873e89bf8b8a449caa69a1e100a0407348510c1570d1d14b0db1f65815b7ac20e79dd4666d3a3c44fa3787394bfa339f133fab72da995d4c98a9a28bc2e371873a90b801b51b5fe5d84caaa87d643186ccccaf1b0a766aa21957f9d850af6fc8f8bb1a1fe08e598635d16ee854e4152d0913bd315515200eb537a7189bc786ccb73c7e88799fb6ae6eb41d5ad42d6e587e3f337b20a5fac42112145f256d7f20770306022c5a7502d358b", 0x1c5}], 0x1}}], 0x1, 0x0)
syz_mount_image$bfs(&(0x7f0000000000)='bfs\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x1, &(0x7f0000000080)=[{&(0x7f0000000180)="cefaad1bb83c000000dc", 0xfffffffffffffc91}], 0x5, 0x0)

00:35:25 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:25 executing program 0:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
r0 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

[  401.097139][T23519] input: syz1 as /devices/virtual/input/input450
00:35:25 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  401.211502][T23526] input: syz1 as /devices/virtual/input/input451
00:35:25 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x8090ae81, 0x0)

00:35:25 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x8004ae98, 0x0)

00:35:25 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
r1 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000)='/dev/sequencer2\x00', 0x200000, 0x0)
getpeername$tipc(r1, &(0x7f0000000040)=@name, &(0x7f0000000080)=0x10)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:25 executing program 0:
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
r0 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

00:35:25 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  401.439257][T23542] input: syz1 as /devices/virtual/input/input453
00:35:25 executing program 0:
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
r0 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

00:35:25 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x8138ae83, 0x0)

00:35:25 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  401.646360][T23525] BFS-fs: bfs_fill_super(): Inode 0x00000002 corrupted on loop3
00:35:26 executing program 3:
perf_event_open(&(0x7f0000000240)={0x0, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1124, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r1, 0x0, 0xfffffffffffffff8, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
sendto$inet(r1, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x9000000)

00:35:26 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
r1 = dup3(r0, r0, 0x80000)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$PIO_CMAP(r1, 0x4b71, &(0x7f0000000000)={0x8, 0x20, 0x54, 0x12aa, 0x53e3, 0x80000000})
ioctl$VHOST_GET_VRING_BASE(r0, 0xc008af12, &(0x7f0000000080))
setsockopt$inet_tcp_int(r1, 0x6, 0x5, &(0x7f0000000040), 0x4)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:26 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x8008563f, 0x0)

00:35:26 executing program 0:
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
r0 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

00:35:26 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x81a0ae8c, 0x0)

00:35:26 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  401.848319][T23588] input: syz1 as /devices/virtual/input/input454
00:35:26 executing program 0:
socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(0xffffffffffffffff, 0x1000008912, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
r0 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r0, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

00:35:26 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

[  401.927149][T23588] input: syz1 as /devices/virtual/input/input455
00:35:26 executing program 4:
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
r1 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/net/pfkey\x00', 0x101000, 0x0)
ioctl$SIOCGIFMTU(r1, 0x8921, &(0x7f0000000040))
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r0, 0x5502)

00:35:26 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x80086301, 0x0)

00:35:26 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:26 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xc0045878, 0x0)

[  402.139987][T23616] input: syz1 as /devices/virtual/input/input456
00:35:27 executing program 3:
perf_event_open(&(0x7f0000000240)={0x0, 0x70, 0x5, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1124, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f00000000c0)={0x2, 0x4e23, @broadcast}, 0x10)
sendto$inet(r1, 0x0, 0xfffffffffffffff8, 0x200007fe, &(0x7f0000000100)={0x2, 0x10004e23, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10)
sendto$inet(r1, &(0x7f0000d7cfcb), 0xffffffffffffffef, 0x0, 0x0, 0x9000000)

00:35:27 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x0, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r1, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

00:35:27 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:27 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xc0045878, 0x0)

00:35:27 executing program 4:
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000100)={&(0x7f0000000080)='./file0\x00', 0x0, 0x10}, 0x10)
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000400)={'syz1\x00', {0x0, 0x0, 0x0, 0x1000}, 0x0, [], [], [0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff]}, 0x45c)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
ioctl$UI_SET_RELBIT(r0, 0x40045566, 0x8)
socket$vsock_stream(0x28, 0x1, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x1)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000140)='/dev/uinput\x00', 0x2, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
write$uinput_user_dev(r0, &(0x7f0000001880)={'syz0\x00', {0x0, 0x2, 0x7fff, 0x6}, 0x4e, [0x6f0, 0x927, 0x1, 0x1, 0x80000000, 0x400, 0x6, 0x7, 0xd57e, 0x48a, 0x0, 0x7, 0xfffffffffffffff9, 0x40, 0x3, 0x2, 0x3, 0x3, 0xe463, 0x0, 0x3, 0x4a, 0xffffffffffffff80, 0x400, 0x9, 0xffff, 0x24fe, 0x12, 0x1ff, 0x7f, 0x6, 0x6, 0xfffffffffffffff8, 0x6, 0x1, 0x3, 0x2, 0x0, 0x4, 0xfffffffffffffff8, 0x100, 0x7f, 0x4, 0x9, 0x1200000000000000, 0x9, 0x800, 0x9, 0x3ff, 0x7, 0xc6, 0x7e07, 0x6, 0x4f71, 0x4d53, 0x1, 0x7, 0x2, 0x800, 0x8e, 0x9, 0x1000, 0x3f, 0x1], [0x0, 0x80000000, 0xfffffffffffffffe, 0x6, 0x3, 0x200, 0x9e, 0x2, 0x6, 0x1ff, 0x10001, 0x3, 0x2, 0x1, 0x2a23, 0x7, 0xfffffffffffffffd, 0x1c0000000000, 0x401, 0xef43, 0x4, 0x700000, 0x7, 0x3, 0x400000, 0x8, 0x2, 0x200, 0x1, 0x40, 0x1, 0xd56, 0x7fff, 0x1f, 0x0, 0x9, 0x2, 0x10000, 0x80, 0x100000000, 0xcb, 0x3, 0x10001, 0x5, 0x9, 0xa38, 0x100000001, 0x3, 0x301, 0x5, 0x9, 0x6, 0x7fff, 0x3, 0x1, 0x9, 0x72, 0x4, 0x6, 0xcaa1, 0x8, 0x10000, 0xffff, 0x2], [0x4cf7, 0x6, 0x9, 0x0, 0x8, 0x100, 0x5, 0xfffffffffffffffb, 0x200, 0x7, 0x1, 0x3, 0xfff, 0x100000000, 0xfffffffffffff0cc, 0x9, 0x3, 0x7fff, 0xcdc0, 0x9, 0x81, 0xfffffffffffffff8, 0x3f, 0xc3c, 0x70, 0x3e, 0x1, 0x5b0, 0x4a, 0x4, 0xfffffffffffffffe, 0x3, 0x5, 0x800, 0xaf, 0x6, 0x2, 0x0, 0x8, 0x9, 0x0, 0x3, 0x0, 0x3, 0x10001, 0x2, 0x4, 0x1, 0x8, 0x3, 0x156000000000000, 0xbb, 0x2, 0x3, 0xfffffff000000000, 0x2, 0x1, 0x100, 0x800, 0x6, 0x1, 0x3f, 0xfff, 0x7], [0x0, 0x3, 0x1, 0x5, 0x2, 0x1000, 0x7fffffff, 0x3, 0x6, 0x8, 0xcc, 0x1, 0x0, 0x7, 0x6, 0x5, 0x7, 0x100000001, 0x144, 0xf64, 0x1f, 0x8001, 0x7428, 0x2, 0x3, 0x7ff, 0xda1e, 0x3, 0x3d13f258, 0x7ff, 0x7, 0x9, 0x1, 0x1, 0x81, 0x3, 0x5, 0x5, 0xbf70, 0xfffffffffffffff8, 0x4, 0x101, 0x1f5, 0x6, 0x4, 0x80000001, 0x80000000, 0x2, 0x1, 0x5, 0x50b, 0x2, 0x7, 0x4, 0xb27, 0x1f, 0x9, 0x10001, 0x4, 0x5, 0x0, 0x59, 0x8, 0x9]}, 0x45c)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000000)={&(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ff2000/0x4000)=nil, &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000000880)="089aac89d43543372a2dc791827fb8dd6ef57aa2fbf8ffe8cbf3ef15032e1e17ae4f59b1271825c88f76a932107d92502f4421662cd9eff1d460d071cada82dcbab267ceb9fb70bebdce12f51c34650ae0c8d987bcb730ad7cebb92f8302622398d7a57f2a021dbbbc762edfb7c62918de3a3912b1ec54baf507b6a04e7d7170e188c386a20b12ed537cbe3ea129b2f2d6aea5de7564b3899563a54fe7405d8df649235b8df9a570162cffb59fe04443a2df3383280373fb21b8d3149b4f8385be0b4a0f0c260e8e2400567f68103650f74c579fdfb2a91501e52369686aa8e56f342f565e0c667c3ef9ae552d5a7409a167ff01d8d6f48d77bc805eeb753a8d06d490fd71547a5eb99e119798bc02bd2bc08788ae3a93c2b477bfa9d56c2913798cb4bd3468c6c308504fdf4d780b28832899a623efd339202cea722ce33dbdfcf0ecf994c765f9f7aef8e0a8be78c2e20ef42d441adbeffc8effeb990071eae2e4ec92a4c10d71a38d14fe5e9e8472af3da1250c49a4919f76e068223647f181a3a13ed16293e361132f10c6726e3d520c19189bf8124008f1c0684ad5395bc0bff9d716a4961148c973dac63081d9a6b1171672816fb1b17cdaa2cd994de6f7df3ea9d2330e78f68f94a71f71ce9659a3f3d8e02582249e3f527639a738c2a5170f214cccaf615cb16a46896effd195d5d0ffd50e69c820a66db16dea6f432d7825c7c5bcd98326829c6a6fd19b5b5375b9a901d98ade1523d11efb0107d2dc10dccd3a95652ace1f51220eb6f4c415b7904e73f6e4f82bee3646936496083b3139fceff24a698605a889b077948de6d228fc1a687221c36dedef2c8768805c8e97c9638852061cc320816a52dee0df5c87e88ba3a9d86493a3182c7cb532c108efc83d3112330849a9f1e6b5877735a209cd18c05467443185faea494f28efb9dad3140cb6cf0f1ae7dd9cafdf1a239a47b68f475113fc01f9f6dc28531ab14c304219903d2c28e05b9269f6b22b2131f1f09626ee047fac30e22491e2af1f1d2995e3f212d6a15d7ef49feb9a0e704af58485ff5544c502015186e7fcf61bb8305ef97b7f80f51f5c0c91b22d112261fc4dcb38b7fb3bf99638b9f2575a679e84c6cf1067afdf6ba33a2f3252ff1e33afbb7fe4aa6710f288b98db79c63f8450def5bda7323f2d94463a0076d37703b3312d2e380c125066393ffeb049a6177d0995094c62cc0d50486ab2f449441e4164603f64a067ddc6df6ed9465576c941abc505267b229b473f19137a4395b5baf12b8106b3260f2bbd6d423738368229c9e957eba4c163c122db9630b3136e3e71eedeffcb35e0f0681de0e9ac1fe102deb779cb8f5a111ff5895619b025852713c8cbd22dda309497ec8b0e733cfc26fc352290a5017afbdf75592ce34bc3936c58ef6331ac861c5c8c9d8465bce6a210c281c109e0e38dcc78208c0a2a733cfa3e0692d31fdcfc229a6de9825f1610acf81dab1ae8ad0a1b6aa8889b0fd5a7764eb523406ee32e1dce167f5f8172d55fc872e4507197a3812288c883138c944e3fec5a293ca5f8ab14e104a9ab09503f8cfab66a644c271d2659b46570f1b20d173db73db4f91f30088b30120a51db151dc68211926cffe7cace2597b0efde28db3354a92a15ffa06552740e06a95579e05027af137087c6c4d68b15a56901eb606089f7db9042b3fb522e468c0cdad4ba740f618777e9070d4bcee791e86f8b88f21741d8944292cd44a935c0b471baf6e9ef02a264dfa2f344f281dd5d9908783a6914f829ca9a840a4babdee960c4ad145c54335af3f6278a9f26af51520b0537a2f0c9f082fb9f0d52371eed875e8341e95561159622b1f580ab956e351a0f66fde305bbab3c5478c38a8ce27f05b57fd28d5636c2681c87c7566420db2dbfbdd730a091accbef92483a4ea69283e5e7e4697b3266c1c637c216dfcade3ce3086a7a2a0dafb2ac5bcf5adf694e1f0e2da8a5347f3cb2233dab31f5455d8303586d0310bae898c33494552c11cec3e6726583c6ce5c29b0ec35fb01c9da82a8185c4a0f89a9c7b57510313d1272a6f4acc345f53bd8ad76ef9b6254cd714b041f14773f5e4757e053a135b0d3842490bf7d39dd1fc36bb637983efb7bb5ad3c0d9d0501ce223cf53a7d3903f727726053df2a88b94ca620c4bd6f0a1d6b5fa3acdf824523b311d70126bf17a2300984c0b6fd01e9f60c41a8bd87bc3601402a556fb395f5bd72adc078cda7bc6a6a4ca00bff5df19b1095815c1f4e204ec7e518b18f0372835f0590ed744d06419daf80b7b8143e6e14fc6b9c72ad7ba0c09a78baf4367754f12fbfca113ce077c64a8e13531724191a5b24e6df2086df9cd4316e1798629d0ad8a28d2ca4da951605f7b8ee9ac44c1b119bb7b7e1b05ffea0309b9239bf79711ab585d0f461f9577d6e82c0863696d01169da9132ef2f99d4abea884f146be128a6f1a5b42fe28f019620b6d43f46021605eb62258f0c5f57e558975fccc038be2a45aee840f595fd53bcb0759984e713804012a215e287d2ea5bbacacb7d47f84f0b396be4f215d3a30e66fa3e2ac05d95f8c897772dc90b9c129f91548cc350eaee8e4c2de0f83a0968021865a8a0c7a042462b30c4d294a5c50419289c1f2ad13d3af8bee4fbec317ce4da0768aad994b79cc5af1156c5428181b89729fd224ea2bb5024da340273ce2c19cc9a06f6b06b5f8f620a872d3871290ec2607d932eaf73b1af8c850cb6bec44e6acaa9829ff8e15d7ff854c3dd28698037902bad69c6065e744435e6949a16c490814fa8dcdc55abc29edc5fe7d8bcde25e9432bd0b4ba0a710e3db78d412ef77bc69f1ed3d8f6eb01b2f5d77e994171ccc80936ba6b0773e452f2d1bd691f65abf67114e4154768b2c39dbe59adbc3a2f514a5c33b18d3524cce734a63040e69368e42793b16006dd3ff634e81a4dc531861b13fedba9ac1b9bbe7878d5efaf64b0330ae929da09f1db2cf5d70e69d04a92adeb34e9564d42a3253673d05dbd65debce3d8404758541e9898bbb3b2088d194fbbf053df3ef5b896178c4f936bbe936ba5efd65ef15174f49972376411c74f37d76f7e031bf9cc47272937cf2a99e2f60eff3dfd94006761adbe35c246d1b9c04a700445f79f0da7d58b954c97ee5c8c9749dc63720f44eebea198d08e2991b0ff72ee19461388d96a733affd0f740446812bfe540ea0dd26f25a4e9819476af31ac008dd18017b8ed905d3405bdd7e994fe624cc7d3e303236d5fa2deef1d0136aac519b9521a30fc412a23f2d0ff72b436d4e46c54bea1831f2e8f555284919b2939659ff96c318c65aeee7d0b33ac210f50f138a87af3a3c11025bc6f9d7e5d4098022b0f97d880a28783f36521b62e3b579b7c3fca861f823e9b193aadc70bef11ac3c5a69e23ba722adf0334d66e5a4b8eb466cbeb4323a1bd0e7e871f456847e228cd259befdf1744fc9ca7806e829b59933e0dc60fcfc3d40f7b6b90dd73c3a26bc88fc43931a931fc9bf8c8365020cd9e508f5c2ea571d4dd3b1eb7edb39f53c985c3357528ccda29d182088616ac27d7b409aa601dbac49b24164d36317866194cd7f1a892df9e3445c4e093f3a8d5dfdd9d4eb8605f9dd6b95e985435af4c0c11c19d997cd842433502ec5de130060ec483e7a18c4fdf859ec142b5368e0df656a82663ed44e260b2bf193757420247742ef43a025a710bb35047a568c16c4e58b9b4cb11cd085c1b2e0b2527297f0c4ee9d46322e6ec1b354af7de9dfb88cb03916ff2c5fd3253e822ed55abd5f28896c409eda55e4e7ef765e6165b14e5506e22b272d0819bb35a82b7cdd706e7814580f4f860c5b449a6c68634bc18002ebe70602e4cd49faa6c6739ce61773928acb11950f56dcabacd2ff3883b8d13bdfadaf0d5f39ea890c771d815ea188e68e0d50ccc989e0ef79dc5007f7ef6dee674797c1df39aac6e3a53773c291152a71fc3f1cd8cee030c50e2c8879438074fd0b71ba772b4281cbc82270cf2fce76c005fac87b209e024dc5112e38cc2c4684751198ed53b4deef9a208c3e035e31c9633cf19bd3bdcfba71cb233f75f1f1a49efbccd40d59acde831ea968b8d8ee98d88eceba00bfbf64eeb4276d279c4152df2f89975c4251a2a2c753b4beb414d16eda9a1e5adf3887b323b9fe9412ff11e59ddcf4793451f313127f60b6b2870d81d5cef83d3dd62ad31688cd75828977bc208ff21d905eb9bc12869e936cfc32a66d159513686325549d7f8c07c3afece4bd5d3c31f4cceeea49e4ed4ca417989e51d1476b0ad2717e6b7415ccd415c8d7bc4ece4dd9aab9f1e34821ad88a1cf33a884ce1c8aa27dacb30eaffcc7c1b36e4fd2277bdeb9f04191818a762d658de2de6c0184692633a736fdbac45c56d2f36d5d4548d33b2a7e5d72890b49a7971f1b2374899d7710547d83a3b474e30f388dc61f85b7021c087b0a6dccd3ffcb897a81d2cdeac542b81861f46d79a9faa2a2169c4e34e31f93a4923a6d9878898149485e8544ac3dc6ce1acca59e298f63d5097e5c70da547956992e1eb89a3201394e02ab99ff96f79d790b878ba802a8de86dbd8b2ff891b9578fb65665778150252ae60ef43a35939fc6647101d3549959965684896e54429f82ceb204d1c2d8387a31119d4333d5bafa63ba1baf9b3c58ee95126407a9cfb48f48444f86dc827425b1992640712552f19a1b06498d5469d5218073168e1399916239f429cc5035f2904177b9cef8a154a6bb20d033cf02d95fc0d65ad513895af43baea5423c026e726385d178a764561f6e9b0ef2ed0fa5d2f50812c47c84024c8eee6ef3e555684ffb68c004880f45dee41d0fb4d33e1ad254fa68d6538e791b2e439aff57b2d472a5072b820b1dd6e66a41ced9b2a369c035424366e52fc2e2ad7578ccc5560dd3c2c3b5c2fac960f20106d293dde0d5b5c586872b5910621e4662470817798978b8827de4d32f2a087a6b936a7ae99bef0c281f67abceebb2a6be17c1fe3b3e44490c05a090e288c4fda4232ba0a8800e7730cf755accc6658b2bf3cdf82bdbc173751139115c8be770dcca49e58295feb784c2029a8e3b276ade31af5fadbb0ba7b2c860650c5a0d9d37c374a123f812dc0f665d6d46761ee734a9b650e3788a0ce7ee418c54e62735983c210628e64c0d0e24efad297f2fa98b8e497b3af06e7c1ce2ddf56784cec8a92553f108cc263b9a6dd91ca1b6a8b53cfc3d9b93576165b835dc462e3abee09b73d0d42b0661a557ae105a34ad8a80e4b2c08beaec0398a7478b3f1f6b0930dd6801a8264e6943e3833d73a0a52e31febe6a3cfa0cb36219b208b179573ab8e60d722a803d6cc7e97bb82ef7d503900304a7feffd1ef39cf048b49579844943eb5551196200651ef549a0923c4744da1c436bf80d23aad70a0494ceb843f200b5580b665e867f16c06cb91a112e24de85d1a6f0f69a3f2f2b955a160f3ac283d33ca09f6043f9415070bffe8da0d126ffa9bad1c550ab01f423b1867aa313997d0e60e3f798bef1490bef61b9c2b76bb74be952cda7f734d7f4a419ec49a35f219e3b2505b70e193abf67787cabdc3f2767588e4980e9df469657b714771c88670cc3f75f21738bf8e4865a022766c86ddb0d3439d69e677d05575b0531c258ed7a0d031bce10baa6bc40f416bf9f89fd14e5611764ad204e70c4cb97f894b41b292a957cd61aecbf005972b95857e53e56424fef3e274f36b87d504dd40445edd", 0x1000, r0}, 0x68)

00:35:27 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x80184947, 0x0)

[  402.787293][T23646] input: syz1 as /devices/virtual/input/input459
00:35:27 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:27 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x0, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r1, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

00:35:27 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xc0189436, 0x0)

[  402.895191][T23657] input: syz1 as /devices/virtual/input/input460
00:35:27 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x80287010, 0x0)

00:35:27 executing program 4:
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000)='/dev/hwrng\x00', 0x4000, 0x0)
ioctl$IMGETVERSION(r0, 0x80044942, &(0x7f0000000040))
r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/uinput\x00', 0x2, 0x0)
write$uinput_user_dev(r1, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(r1, 0x40045566, 0x8)
ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(r1, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(r1, 0x5502)

00:35:27 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x0, &(0x7f0000000100)="11dca50d5e0bcfe47bf070")
r1 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r1, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

[  403.094370][T23679] input: syz1 as /devices/virtual/input/input461
[  403.240488][T23679] input: syz1 as /devices/virtual/input/input462
00:35:27 executing program 3:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x50d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000100)='/\x00~WM\x00\x030\x80\x90\"\xcf\xde&U]\xc9\xec\xfe\x19t@n\xda\xd3\x83dx-c\xb6a(T\xb9\xe4\x9d\xbd\xca\xefq\x81\x97\xe3~\x87\n0\x8b\x1e:y\x8f\xa7\x88\xa4m0%\xef\x93>Q\x82\x8a\xb6u\x06N*\xdb\xe9\x12d#\xb4\xa7=h\xfb\xe9\x9cm\xb2\xf1`\xd4\x9c\xb6\xcc\xe7l\'(\x9aO\x9d\tsT\xaa\xa5\x86\r#\x83\xdf\x87Rk\xaa\x18M\x90\xbbw)6l\x17\xbc3\xd7e\xe9\xbc/\x88*\x13\xf3\xa9\xc1\xf6\x06`\xbdO\xd2\xfa1\xd2\xc0\xa7u$\"\x89\xbc\xe0b\xd1\r$\xde\xd5@i\x18\xa6k,u\xc4?\xe1\xffE\x8a\xe5\xcd\x9f\xecc\x03\x9b\xa5\xa7\xb6j`\xed\xe5\xcc\xda\xbc~\xe7v`\xef#X\xcc\xdf\xf0\"&\x02\x13\x84\xb0\xc25\xf1\x14\xed\x9a\xde\x92vz\xec\xc2V\xac\xde\xb6\x10\xdfB\xe7\x16\x9f$\x03W\xf75\xae_\xe2\x90\x17\xe5\x1e\'%/H\xb9[\xfb\xbb:\x86U5)\x8b\xdc6\xd7\x1d\xb65\xf4\x1cWw\x1d\xb7z\xea\xff\x88?\xeb=\xc3\xcc$\xbd<\x03n9j\xd3\xaf7\x94PX\x83\x9e\x81\"p\xbc@\x90\x1f\xa6T\xe7\xcc2\x92\xa8/\xc8\f7M\xc0qB\xa1\xc2\xe9\xd3\xe2R\x8eO\xda\xc3+\xca\xef\xe9\x10\xeb\xd3\xb9H\xa3\xbf\xeb\xef_\xa8\xd8$s\xc7\xfb\xf3\xec', 0x0, 0x0)
getdents(r0, &(0x7f0000000280)=""/135, 0x74f)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
lsetxattr$security_evm(0x0, &(0x7f0000002400)='security.evm\x00', 0x0, 0x0, 0x3)

00:35:27 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:27 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_open_dev$usb(&(0x7f0000000200)='/dev/bus/usb/00#/00#\x00', 0x0, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0xc018ae85, 0x0)

00:35:27 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r1, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

00:35:27 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000100)={[], 0x0, 0x1a300})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000440)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x8, 0x4, &(0x7f00000033c0)=@framed={{}, [@alu]}, &(0x7f0000000140)='GPL\x00', 0x1, 0xfb, &(0x7f0000000200)=""/251, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x70)
ioctl$KVM_GET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r2, 0x8040451b, 0x0)

00:35:27 executing program 4:
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz1\x00'}, 0x45c)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x2)
ioctl$UI_SET_RELBIT(0xffffffffffffffff, 0x40045566, 0x8)
r0 = syz_open_dev$amidi(&(0x7f0000000000)='/dev/amidi#\x00', 0x100, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000040)=0x10000001d)
ioctl$UI_SET_EVBIT(0xffffffffffffffff, 0x40045564, 0x1)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x5501, 0x0)
ioctl$UI_DEV_DESTROY(0xffffffffffffffff, 0x5502)

00:35:27 executing program 0:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl(r0, 0x1000008912, 0x0)
r1 = socket$inet(0x2b, 0x801, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_int(r1, 0x0, 0x1, &(0x7f00000000c0)=0x1000000000001, 0x4)

00:35:27 executing program 4:
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000100)='/dev/cuse\x00', 0x2842, 0x0)
readv(r0, &(0x7f0000000040)=[{&(0x7f0000000280)=""/140, 0x8c}], 0x1)

00:35:27 executing program 1:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0xff}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
r1 = syz_open_dev$sndseq(&(0x7f0000000140)='/dev/snd/seq\x00', 0x0, 0x0)
read(r1, &(0x7f00000003c0)=""/28, 0x1d2)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r1, 0x4040534e, &(0x7f0000000080)={0x200000000bd})
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r1, 0x40a85323, &(0x7f00000015c0)={{}, 'port0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000]})
r2 = gettid()
timer_create(0x0, &(0x7f0000000100)={0x0, 0x12}, &(0x7f00000001c0))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
tkill(r2, 0x1000000000013)

00:35:28 executing program 3:
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x0)
r1 = syz_open_dev$sndpcmc(&(0x7f0000000000)='/dev/snd/pcmC#D#c\x00', 0xb0, 0x400c0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
r5 = syz_open_dev$adsp(&(0x7f0000000100)='/dev/adsp#\x00', 0x101, 0x0)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_STATS(0xffffffffffffffff, 0x84, 0x70, &(0x7f0000000280)={<r6=>0x0, @in6={{0xa, 0x0, 0x0, @ipv4={[], [], @loopback}}}, [0x1, 0x9, 0x1, 0x0, 0x0, 0x0, 0x6, 0x4, 0x5, 0x3, 0x8, 0x0, 0x6, 0x7ff, 0x966]}, 0x0)
getsockopt$inet_sctp6_SCTP_DELAYED_SACK(r5, 0x84, 0x10, &(0x7f0000000200)=@assoc_value={r6, 0xef5}, 0x0)
r7 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000180)=[@textreal={0x8, &(0x7f0000000140)="66b9810000400f322ed30cbad104ec660f38df2b0fe21526660ff85e503ede1b0f20c06635000000800f22c0b800088ec00fae470b", 0x35}], 0x1, 0x51, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_G_CROP(0xffffffffffffffff, 0xc038563b, &(0x7f00000003c0)={0x0, 0x0, {0x0, 0x0, 0x4}})
sysfs$3(0x3)
ioctl$EVIOCGUNIQ(r7, 0x80404508, &(0x7f0000000000)=""/225)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)
fcntl$getownex(r4, 0x10, &(0x7f0000000400))
getpid()
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r1, 0x40505412, &(0x7f0000000040)={0x6, 0x9, 0x1000000000000000, 0x0, 0x12})
munmap(&(0x7f0000ffb000/0x3000)=nil, 0x3000)
ioctl$SIOCGIFHWADDR(r1, 0x8927, &(0x7f0000001240))
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001100)={r1, 0x0, 0x37, 0x1000, &(0x7f00000000c0)="3a88f6639d846ffd19416514a375cfa16f9223d71b5a61e0028ebadad5526862650171fe8d30ee9751369ba6002597c80b38fff9f01105", &(0x7f0000000100)=""/4096, 0x2}, 0x28)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000c88000)={r0, &(0x7f0000847f95), &(0x7f000089b000)}, 0x3a8)

[  403.768234][T23712] ------------[ cut here ]------------
[  403.773906][T23712] ODEBUG: free active (active state 0) object type: work_struct hint: smc_tx_work+0x0/0x260
[  403.784182][T23712] WARNING: CPU: 1 PID: 23712 at lib/debugobjects.c:484 debug_check_no_obj_freed+0x464/0x5b0
[  403.794249][T23712] Kernel panic - not syncing: panic_on_warn set ...
[  403.796392][ T3907] kobject: 'loop4' (00000000f1994eb1): kobject_uevent_env
[  403.800860][T23712] CPU: 1 PID: 23712 Comm: syz-executor.0 Not tainted 5.3.0-rc2+ #57
[  403.815947][T23712] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  403.821419][ T3907] kobject: 'loop4' (00000000f1994eb1): fill_kobj_path: path = '/devices/virtual/block/loop4'
[  403.826014][T23712] Call Trace:
[  403.826039][T23712]  dump_stack+0x1d8/0x2f8
[  403.826049][T23712]  panic+0x29b/0x7d9
[  403.826058][T23712]  ? __warn+0x126/0x230
[  403.826065][T23712]  ? nmi_panic+0x97/0x97
[  403.826074][T23712]  ? __probe_kernel_read+0x14b/0x1a0
[  403.826092][T23712]  ? debug_check_no_obj_freed+0x464/0x5b0
[  403.867122][T23712]  ? is_valid_bugaddr+0x81/0x100
[  403.872077][T23712]  __warn+0x22f/0x230
[  403.876073][T23712]  ? debug_check_no_obj_freed+0x464/0x5b0
[  403.881810][T23712]  report_bug+0x190/0x290
[  403.886157][T23712]  ? debug_check_no_obj_freed+0x464/0x5b0
[  403.891901][T23712]  do_error_trap+0xd7/0x440
[  403.896419][T23712]  do_invalid_op+0x36/0x40
[  403.900849][T23712]  ? debug_check_no_obj_freed+0x464/0x5b0
[  403.906578][T23712]  invalid_op+0x23/0x30
[  403.908977][ T3907] kobject: 'loop4' (00000000f1994eb1): kobject_uevent_env
[  403.910753][T23712] RIP: 0010:debug_check_no_obj_freed+0x464/0x5b0
[  403.924263][ T3907] kobject: 'loop4' (00000000f1994eb1): fill_kobj_path: path = '/devices/virtual/block/loop4'
[  403.924846][T23712] Code: 08 48 89 df e8 ad e5 49 fe 4c 8b 03 48 c7 c7 ba 55 88 88 48 c7 c6 0d f1 a0 88 4c 89 e2 44 89 f9 4d 89 e9 31 c0 e8 fc 4b e0 fd <0f> 0b 4c 8b 6d a8 ff 05 44 7b 95 05 49 83 c5 30 4c 89 e8 48 c1 e8
[  403.924852][T23712] RSP: 0018:ffff888056aa7b70 EFLAGS: 00010046
[  403.924868][T23712] RAX: e6685998ad545900 RBX: ffffffff88ccc730 RCX: ffff88805a9d6640
[  403.968652][T23712] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  403.976632][T23712] RBP: ffff888056aa7c08 R08: ffffffff816068e4 R09: ffffed1015d640d2
[  403.984607][T23712] R10: ffffed1015d640d2 R11: 0000000000000000 R12: ffffffff8893f0af
[  403.992590][T23712] R13: ffffffff8778c6d0 R14: dffffc0000000000 R15: 0000000000000000
[  404.000593][T23712]  ? smcd_tx_ism_write+0x2c0/0x2c0
[  404.005733][T23712]  ? vprintk_emit+0x2d4/0x3a0
[  404.010445][T23712]  kmem_cache_free+0x6f/0xf0
[  404.015062][T23712]  __sk_destruct+0x558/0x660
[  404.016074][ T3907] kobject: 'loop4' (00000000f1994eb1): kobject_uevent_env
[  404.019670][T23712]  ? __sk_free+0x30f/0x3e0
[  404.019681][T23712]  __sk_free+0x317/0x3e0
[  404.019689][T23712]  sk_free+0x2a/0x40
[  404.019697][T23712]  smc_release+0x232/0x2c0
[  404.019707][T23712]  sock_close+0xe1/0x260
[  404.019714][T23712]  ? sock_mmap+0xa0/0xa0
[  404.019731][T23712]  __fput+0x2e4/0x740
[  404.032849][T23739] kobject: 'kvm' (00000000c55751b1): kobject_uevent_env
[  404.035505][T23712]  ____fput+0x15/0x20
[  404.035516][T23712]  task_work_run+0x17e/0x1b0
[  404.035530][T23712]  prepare_exit_to_usermode+0x459/0x580
[  404.035542][T23712]  syscall_return_slowpath+0x113/0x4a0
[  404.035552][T23712]  do_syscall_64+0x126/0x140
[  404.035564][T23712]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  404.035581][T23712] RIP: 0033:0x413511
[  404.039667][T23739] kobject: 'kvm' (00000000c55751b1): fill_kobj_path: path = '/devices/virtual/misc/kvm'
[  404.043911][T23712] Code: 75 14 b8 03 00 00 00 0f 05 48 3d 01 f0 ff ff 0f 83 04 1b 00 00 c3 48 83 ec 08 e8 0a fc ff ff 48 89 04 24 b8 03 00 00 00 0f 05 <48> 8b 3c 24 48 89 c2 e8 53 fc ff ff 48 89 d0 48 83 c4 08 48 3d 01
[  404.043917][T23712] RSP: 002b:00007ffc777c4e80 EFLAGS: 00000293 ORIG_RAX: 0000000000000003
[  404.043925][T23712] RAX: 0000000000000000 RBX: 0000000000000005 RCX: 0000000000413511
[  404.043930][T23712] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  404.043935][T23712] RBP: 0000000000000001 R08: 0000000094df208d R09: 0000000094df2091
[  404.043939][T23712] R10: 00007ffc777c4f60 R11: 0000000000000293 R12: 000000000075bf20
[  404.043944][T23712] R13: 0000000000062921 R14: 0000000000760378 R15: ffffffffffffffff
[  404.049301][T23712] Kernel Offset: disabled
[  404.179909][T23712] Rebooting in 86400 seconds..