# https://syzkaller.appspot.com/bug?id=9d3902e6e131ea24ead2958eca154c23c7fd5442
# See https://goo.gl/kgGztJ for information about syzkaller reproducers.
#{"threaded":true,"repeat":true,"procs":4,"slowdown":1,"sandbox":"none","sandbox_arg":0,"tun":true,"netdev":true,"resetnet":true,"cgroups":true,"binfmt_misc":true,"close_fds":true,"usb":true,"vhci":true,"wifi":true,"ieee802154":true,"sysctl":true,"swap":true,"tmpdir":true,"segv":true}
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, &(0x7f0000000280)=@raw={'raw\x00', 0x8, 0x3, 0x300, 0x130, 0xa, 0xd0e0000, 0x0, 0x100, 0x268, 0x1d8, 0x1d8, 0x268, 0x1d8, 0x3, 0x0, {[{{@uncond, 0x0, 0xc8, 0x130, 0x0, {}, [@common=@inet=@l2tp={{0x30}, {0x0, 0x0, 0x3, 0x1, 0xc}}, @inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'pptp\x00', 'syz1\x00'}}}, {{@uncond, 0x3202, 0xd8, 0x138, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@set={{0x40}, {{0x0, [0x0, 0x4]}}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{}, {0x10, [], 0x0, 0x4}}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x360)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000340), 0x0, 0x0)
io_setup(0xffff7fff, &(0x7f0000000000)=<r2=>0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@newsa={0x150, 0x10, 0x413, 0x0, 0x0, {{@in6=@ipv4={'\x00', '\xff\xff', @broadcast}, @in=@remote, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0xee01}, {@in=@broadcast, 0x0, 0x32}, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, {0x0, 0x0, 0x8000}, {}, {}, 0x4000, 0x0, 0x2, 0x1, 0x0, 0x40}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x60, "25cac5216d1c8af0a976902918bf448c5d9f5459"}}]}, 0x150}}, 0x0)
r4 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_clone3(&(0x7f0000000000)={0x285002400, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x46)
syz_kvm_setup_cpu$x86(r4, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000005700)=[@text16={0x10, 0x0}], 0x1, 0xc, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000580)=[@text64={0x40, &(0x7f0000000200)="440f20c0350b000000440f22c00f4eceb8010000000f01c13e0fd92da047f050b9800000c00f3235000100000f30666565440fc7f70f22e6c744240033000000c744240200800000ff1c24c4627d1aa069ed126f66bad104b00bee", 0x5b}], 0x1, 0x50, 0x0, 0x0)
ioctl$KVM_CAP_HYPERV_ENFORCE_CPUID(r5, 0x4068aea3, &(0x7f0000000000)={0xc7, 0x0, 0xdaa})
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRES8, @ANYRESOCT=r2, @ANYRES64, @ANYRES64, @ANYRES64, @ANYRESOCT=r2, @ANYRESOCT, @ANYRES8=r5, @ANYRESHEX=r0], 0x50)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
write$sysctl(0xffffffffffffffff, &(0x7f0000000000)='4\x00', 0xfffffffffffffe12)
bind$bt_hci(r6, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r6, &(0x7f0000000000), 0xd)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
mount$9p_virtio(&(0x7f0000000000), &(0x7f0000000100)='./file1\x00', &(0x7f0000000140), 0x2, &(0x7f0000000640)=ANY=[@ANYBLOB="7472616e733d76697274696f2c6163636573733dd8073120167821832dec4081330c0084a96667b9f10008c71084e5443029824a3c6376f3d5725539839d69b4982d4cda01ca8f968a06497aa4c5ab3d38ad6b71fd820663a4c81e34640138101db27fd0c73faa224595071acfabaf11cdb2", @ANYRESDEC=0x0, @ANYBLOB=',\x00'])