d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f65"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:31 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
write$binfmt_elf32(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0a0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f500eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b32f51a6a4a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717cc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb5880000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6aa6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba88c430e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYRES16=0x0, @ANYRESHEX], 0x2b4)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
ioctl$SG_SET_TIMEOUT(0xffffffffffffffff, 0x2201, &(0x7f0000000240)=0x42)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x2000, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0)

00:20:31 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x3, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0, 0x2}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
open(&(0x7f0000000080)='./file0\x00', 0x40c5, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
dup(r3)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f00000001c0)={0x0, 0x119000})
shmctl$IPC_STAT(0x0, 0x2, 0x0)
bind(0xffffffffffffffff, &(0x7f0000000080)=@generic={0x0, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c5811039e15775027ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
sendmsg$xdp(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)=[{&(0x7f00000004c0)}, {0x0}], 0x2, 0x0, 0x0, 0x8000}, 0x4008084)
ioctl$KVM_DEASSIGN_PCI_DEVICE(0xffffffffffffffff, 0x4040ae72, &(0x7f0000000140)={0x40, 0x0, 0x4})
syslog(0x3, 0x0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000000180)={0x0, <r4=>0x0}, &(0x7f00000001c0)=0x9)
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000680)={{{@in=@local, @in=@dev}}, {{@in=@initdev}, 0x0, @in=@initdev}}, &(0x7f0000000040)=0xe8)
ioctl$TUNSETGROUP(0xffffffffffffffff, 0x400454ce, 0xffffffffffffffff)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
lchown(0x0, r4, 0x0)
r5 = syz_open_procfs(0x0, &(0x7f0000000080)='loginuid\x00')
sendfile(0xffffffffffffffff, r5, 0x0, 0x1)
ioctl$KVM_S390_INTERRUPT_CPU(r5, 0x4010ae94, &(0x7f0000000000)={0x1bd, 0x80, 0x80000000})

00:20:31 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fc"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

[  299.738044][T10682] EXT4-fs (sda1): re-mounted. Opts: usrjquota=,
00:20:31 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x0, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:31 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fc"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

[  299.984517][T10704] EXT4-fs (sda1): re-mounted. Opts: usrjquota=,
00:20:31 executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ppp\x00', 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000300)=0x4)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f00003dd000)='/dev/ppp\x00', 0x0, 0x0)
ioctl$EVIOCGPROP(r3, 0xc004743e, &(0x7f00000001c0)=""/246)
dup3(r2, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

00:20:31 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:31 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fc"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:31 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:31 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
write$binfmt_elf32(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0a0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f500eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b32f51a6a4a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717cc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb5880000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6aa6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba88c430e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYRES16=0x0, @ANYRESHEX], 0x2b4)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
ioctl$SG_SET_TIMEOUT(0xffffffffffffffff, 0x2201, &(0x7f0000000240)=0x42)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x2000, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
seccomp$SECCOMP_GET_NOTIF_SIZES(0x3, 0x0, 0x0)

00:20:31 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:31 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:31 executing program 1:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$KDGKBDIACR(r0, 0x4b4a, &(0x7f0000000180)=""/116)

[  300.598515][T10739] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  300.598515][T10739]    program syz-executor.3 not setting count and/or reply_len properly
00:20:32 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, 0x0, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:32 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

[  300.701647][T10751] sg_write: data in/out 1070564296/644 bytes for SCSI command 0xb5-- guessing data in;
[  300.701647][T10751]    program syz-executor.3 not setting count and/or reply_len properly
00:20:32 executing program 1:
set_mempolicy(0x4003, &(0x7f0000000000)=0x101, 0x2)
clone(0x40108000, 0x0, 0x0, 0x0, 0x0)

00:20:32 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
write$binfmt_elf32(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0a0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f500eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b32f51a6a4a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717cc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb5880000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6aa6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba88c430e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYRES16=0x0, @ANYRESHEX], 0x2b4)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
ioctl$SG_SET_TIMEOUT(0xffffffffffffffff, 0x2201, &(0x7f0000000240)=0x42)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x2000, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)

00:20:32 executing program 0:
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f00000002c0)='/dev/ppp\x00', 0x0, 0x0)
ioctl$PPPIOCNEWUNIT(r1, 0xc004743e, &(0x7f0000000300)=0x4)
r3 = openat$ppp(0xffffffffffffff9c, &(0x7f00003dd000)='/dev/ppp\x00', 0x0, 0x0)
ioctl$EVIOCGPROP(r3, 0xc004743e, &(0x7f00000001c0)=""/246)
dup3(r2, r3, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)

00:20:32 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:32 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:32 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

[  301.056702][T10768] IPVS: ftp: loaded support on port[0] = 21
00:20:32 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

[  301.107618][T10770] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  301.107618][T10770]    program syz-executor.3 not setting count and/or reply_len properly
00:20:32 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:32 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:32 executing program 1:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCXONC(r0, 0x5600, 0x713000)

00:20:32 executing program 0:
clone(0x7fa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
clone(0xa102001ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f00000002c0)={@ipv4, 0x0, 0x0, 0x0, 0x6}, 0x20)
socket(0x0, 0x0, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$sock_FIOGETOWN(0xffffffffffffffff, 0x8903, 0x0)
ptrace$poke(0x4, 0x0, 0x0, 0x0)
getegid()
ioctl$int_in(0xffffffffffffffff, 0x0, 0x0)

00:20:32 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
write$binfmt_elf32(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0a0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f500eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b32f51a6a4a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717cc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb5880000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6aa6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba88c430e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYRES16=0x0, @ANYRESHEX], 0x2b4)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
ioctl$SG_SET_TIMEOUT(0xffffffffffffffff, 0x2201, &(0x7f0000000240)=0x42)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x2000, 0x0)

00:20:32 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb40200000000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:32 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  301.688987][T10807] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  301.719946][T10807] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  301.724657][T10805] sg_write: data in/out 1070564296/644 bytes for SCSI command 0xb5-- guessing data in;
00:20:33 executing program 0:
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001100)='/dev/fuse\x00', 0x2, 0x0)
writev(r0, &(0x7f0000000680)=[{&(0x7f0000000240)="1e", 0x1}], 0x1)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)

00:20:33 executing program 1:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCXONC(r0, 0x5600, 0x713000)

[  301.724657][T10805]    program syz-executor.3 not setting count and/or reply_len properly
00:20:33 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:33 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb40200000000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:33 executing program 1:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCXONC(r0, 0x5600, 0x713000)

00:20:33 executing program 0:
creat(&(0x7f0000000100)='./file0\x00', 0x0)
open(0x0, 0x0, 0x0)
getuid()
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001100)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000300)='fuse\x00', 0x0, &(0x7f0000001500)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x8000}, 0x2c, {'user_id'}, 0x2c, {'group_id'}})
write$FUSE_NOTIFY_INVAL_INODE(r0, &(0x7f0000000040)={0x28}, 0x28)
openat$fuse(0xffffffffffffff9c, &(0x7f0000001100)='/dev/fuse\x00', 0x2, 0x0)

00:20:33 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:33 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
write$binfmt_elf32(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0a0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f500eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b32f51a6a4a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717cc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb5880000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6aa6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba88c430e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYRES16=0x0, @ANYRESHEX], 0x2b4)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
ioctl$SG_SET_TIMEOUT(0xffffffffffffffff, 0x2201, &(0x7f0000000240)=0x42)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x2000, 0x0)

00:20:33 executing program 1:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCXONC(r0, 0x5600, 0x713000)

[  302.217903][T10842] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  302.217903][T10842]    program syz-executor.3 not setting count and/or reply_len properly
00:20:33 executing program 0:
r0 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0)
readahead(r0, 0x0, 0x0)

00:20:33 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb40200000000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:33 executing program 1:
ioctl$TCXONC(0xffffffffffffffff, 0x5600, 0x713000)

00:20:33 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x2}}, 0x0)
r1 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r1, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:34 executing program 1:
ioctl$TCXONC(0xffffffffffffffff, 0x5600, 0x713000)

00:20:34 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
write$binfmt_elf32(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0a0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f500eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b32f51a6a4a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717cc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb5880000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6aa6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba88c430e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYRES16=0x0, @ANYRESHEX], 0x2b4)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
ioctl$SG_SET_TIMEOUT(0xffffffffffffffff, 0x2201, &(0x7f0000000240)=0x42)

[  302.826073][T10877] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  302.826073][T10877]    program syz-executor.3 not setting count and/or reply_len properly
00:20:34 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(0xffffffffffffffff, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:34 executing program 0:
recvmmsg(0xffffffffffffffff, &(0x7f00000028c0)=[{{&(0x7f00000004c0)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast2}}}, 0x21a, 0x0, 0x59, 0x0, 0x1d7}}], 0x1, 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='sessionid\x00')
preadv(r0, &(0x7f00000017c0), 0x315, 0x0)

00:20:34 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x2}}, 0x0)
r1 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r1, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:34 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:34 executing program 1:
ioctl$TCXONC(0xffffffffffffffff, 0x5600, 0x713000)

00:20:34 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
write$binfmt_elf32(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0a0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f500eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b32f51a6a4a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717cc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb5880000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6aa6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba88c430e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYRES16=0x0, @ANYRESHEX], 0x2b4)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)

00:20:34 executing program 0:
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x0, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x9, 0x800000000}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
fcntl$setpipe(r2, 0x407, 0x0)
fcntl$F_GET_FILE_RW_HINT(0xffffffffffffffff, 0x40d, 0x0)
write(r2, &(0x7f0000000340), 0x41395527)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffffffffffb}, 0x0)
link(&(0x7f0000000340)='./file0\x00', 0x0)
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r3 = socket$inet6(0xa, 0x2, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x70, 0x6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x9}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
connect$inet6(r3, &(0x7f0000002740)={0xa, 0x0, 0x0, @local, 0x4}, 0x1c)
sendmmsg(r3, &(0x7f0000007e00), 0x136a88c8311572c, 0x0)

00:20:34 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x2}}, 0x0)
r1 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r1, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

[  303.163773][T10893] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  303.163773][T10893]    program syz-executor.3 not setting count and/or reply_len properly
00:20:34 executing program 1:
r0 = syz_open_dev$tty(0x0, 0x0, 0x0)
ioctl$TCXONC(r0, 0x5600, 0x713000)

00:20:34 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r1 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r1, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:34 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:34 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
write$binfmt_elf32(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0a0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f500eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b32f51a6a4a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717cc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb5880000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6aa6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba88c430e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYRES16=0x0, @ANYRESHEX], 0x2b4)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)

[  303.498991][T10914] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.5'.
[  303.572618][T10914] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.5'.
[  303.590859][T10919] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  303.590859][T10919]    program syz-executor.3 not setting count and/or reply_len properly
00:20:35 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:35 executing program 1:
r0 = syz_open_dev$tty(0x0, 0x0, 0x0)
ioctl$TCXONC(r0, 0x5600, 0x713000)

00:20:35 executing program 0:
mknod$loop(&(0x7f0000000100)='./file0\x00', 0x400002200006007, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = creat(&(0x7f0000000000)='./file0\x00', 0x0)
mmap(&(0x7f0000000000/0xfda000)=nil, 0xfda000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
ioctl$BLKGETSIZE64(r2, 0x1260, &(0x7f0000000080))

00:20:35 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r1 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r1, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:35 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:35 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
write$binfmt_elf32(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0a0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f500eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b32f51a6a4a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717cc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb5880000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6aa6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba88c430e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYRES16=0x0, @ANYRESHEX], 0x2b4)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)

00:20:35 executing program 1:
r0 = syz_open_dev$tty(0x0, 0x0, 0x0)
ioctl$TCXONC(r0, 0x5600, 0x713000)

[  304.033123][T10936] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.5'.
[  304.067535][T10939] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  304.067535][T10939]    program syz-executor.3 not setting count and/or reply_len properly
[  304.092280][T10936] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.5'.
00:20:35 executing program 0:
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x400001, 0x0)
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f00000009c0)='\xce\x8f*\xf7\x00', 0xc823035de211e4d9, 0x0)
write$fb(r1, 0x0, 0xf0ffffff7f0000)
write$fb(r1, &(0x7f0000000080)="c4a2891bb2af5fcf377e6e22ee0236ecff443c4192a7d319f7a7934164a3ef5fe7f8c5f5861babf5546a9e35a9b33f2e7954428cfe2dcba33803ada9d9a267538af73b26a564e6d4bd26292f670c3455f7170e2493d53d1187e55267cc9b39fce1e5f856c5f774fd4c36edaf19848690a3a4f7a813b929ed8e8813b928440f29695dc3ea048a89d7b190c013f1d1f1fa8cd2aecfb14f589406e2be5a92ba58810d2abb64e704a717a3c13ab50c10cd968ad7375901c1d47be0fd2db078deddc1fe0793109e7590c43d2a79764254b63cf098a67beb85eabb0b7061414bd6893721d5f277c8d1e556b33d60d45db00e15f01678865c1324754703927f38ea842947e7248f708d02f3103933d88a10cc74f90a2753d7153ff0f9076d16bf80ff8d5f734c63e232356b585f4276dce2fe41f93be26f83921f22cd78f5ce20118389dd95e04e32cf82e14e5bd6b281a4c7468d9e37252130b454f8ac47528077100e257b242ee7d5ca2ce59e6c8252cd620c1e557d0e122d7dae71de340bc4fcf3dd605ee60debb0a49f26396c0984e3adf341b90318d9a9da1988fdb46a3c435ca87254a5db5915863b3c8240ed5e3fda1f856edce370d33bfc0dd80605ade7e55e4929446607d62988d4e2eb9359168cd49f83ef443815f3b71a13c994daf2f848d2991de960f3c0cdfcf5de9b5670d30d16189121820be2aeefad5f01eaafd8f14b93683f7a1222b3421995646b83b219cf32a38f00f0d572866cbed4da55866f3fc32051502137e4d6c9c9ac81cbd4cd8960d3ccf928b58ec4784417d7c26f4dcb3b8c72cbd7a7b242dd6a4d74bcb5ffc5d45c9f54fffc3b8349d47dd8fe138ce817b9e9d480ffebd367cf3655b6630f5361bdb7d5bbefc2d379dfd125422c4905e44a0429be22d1190f14ddbf032a6d32a2ebe53ab754dda2d3e346aceb3738eb7ce0a97cc07d9840b12c1b77709853bf807838b096260d208fe90c89983bbb057ec5a1dae5d18833fb87208a3378880240d2571f31c3b711e79c14d86940f531636df3cfc2eda448da26bb66cbec851a8169ce39b988c7afba507155aff2e037d17d7826292286702a626b12b74663c982ec69014e8d02b06fca0e434945b0216342420590b4139dffe3002991917608e63e0cd73bdd4254380a15820b02f6a27cd79c9ede7f69cb254ca1c8e6d75f6443c2e886ef4cefb5d45da238f9e6fde7ea63cd2c57f30c74b7215f8da5730d960f6a90ff1471f8f3407d8eb65444c2829fc59fe90a26472115efbbb323832685e853ce9649e0f04a0ede34ef428d080313f01db4bc98a238798664ea7332c4d622a201da301475448804ad92877fbdcee3af600e7bc20cab8c113cd9eba55a11828cd7cf5894426667064c1c7e11d8e7e94ebd08c4d0e9f07ef120f7865c81af357b479ca9dc76a1fc4563fec2735fd9c05cc2e3bff4c549efa8aeb130ce784e14b4ed4c61262f5e772f0f53f7168f8d0ee9f3402ad761e59b032424cf1de53411a77b58f847cf266793bdf222d9641025d09f009808d93833d361855518180f349d59a7808d6e172a273751a1d822f2cc833cfaa8a28f094b38c926ea13b5308b7963be01c97979328bfcb41414b2d0b761bbb236f948c1bcedfe598b22cd23566cbfc89e99ebbf662dc77d23714f61115b1fa63efb23cdb55c53f1a54153dc5fb2451db0f71ceb0df65f63feff1adb900c7782d91be8dc13be5963f597d31f8b9a841bfd3e96858b5d367f0535ab3f5b86b696f22aad527b44c55047eb437ad2ce88745ca172bdd3c49d0c2fbe47fe90def80719411c27ce17bcd4971533df52f90d590acd155433fc3147edecd4f613b58fd31dea592ae697ba43cb8018d05f65092403e1e84881afdc8d64c54e48a105763d459d8faa4c22fa89dfa7f4e67af40959885fb89488a52810783650ea8cacc383c906fe98799639ee9704a1a5df36848b87ab53ffd3597c126b9b351873ce7ef3731467785c32b58e468b1d990ec338f68f794e80ccd16f095c82c549fbf20b9e470864100c07f6ad5583d59323fae10ff22db1f72a58944dd7a2293d3f2dde9c11bd6bd30d6c8404d70c962a46200b8cf4d20f285aa275aea7b81972e42b838f424560ac7547115a032bba93932a1dff76e275bb30af3307dd4fee566bf082440cfedaeb4338af103ef3946aa191b8291c8f86a52c7baa445354e4168eb207881c1779a26570d51ced48fd5682eb84e7676050c13132b43855a467011e1c6dcdf4edd2663aa2a762eae67583c4e9a1201abb3f8cefaf21bcfd3e81b4423cd8c94d4da9a73c375659dff085649e79f925aaf96575c889e931042791b08ed276ae62e990ee02f77d4b2f50cf47c0ee26773b423ace0c1925d768ab9b4369aec3d0fe68b181532d57c5227491f9e755998c2bb61f8f37435897857776a21760f48ab28236fd30f37e7e618dd3b4b6a2ebdf658b369e5f0a21981989dc4d8c01d242853c94cb1559fb01d075db70dfa3f422282d05c6da3cc535cb528dcceeb3d05bfb9aaf2a1783a0d949312b4e09b00d333c28eae7e1a29cae1059cf247718149244046c9a6486dfa0db267370b113ce04c6b29d04ff9cefdb52988759dd3881761114b3cc05f782fc24991e3acfa791c96f67aaa62bd7afd62131e40562bdf1bb6237e30ea3ac84b8d2301ed3ae4f96e39763a1dda36e7e4345b4e699192e4d160f04244b0c82cdb5b21df8f11597f779904a32129edf84e2107e99714c362c6c14cbec87f107a2057f5c91153772074c30b6fc39267c3ecffc725f1da6abd86393294e99257132f09b271c55d89beb7c3505810956ac06ea1a96a6468235965ef4cd0492d1149868233622eb11c5f761bbd3bd609c8563578396bfd762ea413c2b8d3d11cdd0ea1ab8a1e6b1c6d0c2c389ad92da82abd0787b736e6b7ce74c1ff0a8fcf75466a773baa784154583a50864532dc63cd9348658f599589c35a3104a265e124b11f6f2070d2c1b83fb38f85987cfe37b39ff604b13ef8a2a52ec9ec84952eedfdae8eecab69c86961be60d4be8dc10894df0d70db747ad86b5d8b2fa1005074d798b6c8b420a69849e16b47760c5567ec1bb22591a1f170d8265ec6763b16cb546426ec885015d5aee5747285457dc3712c39f440011d352103c549ada5e39717dd51ec081d6fe979fd1835cf89e16220fa236172dd7ab284e4a4e65c6f48400d4f8353ae9dd6635a9acd2a12f9b11abf6ec0013bf798b99d595f6ca6c55118ef44b85cc148fa62cfb766df24a1c755425686f912e43fd12bb5a7546bfaac3ce002a31064f28250d68c7b2ab26465b0176ffc0fd96f5101618c52a45f81f431f37db05fc346578fc9058cc3e4fec394f1046c24595d91bce5457349309b1e7671c1248917761f93b388528c6b23134917c88f94899db149eaaad2a12b783419668eecbfe8127f9c155ba9e64971405a33d55dd05139be8a2061427c82a2ccb4d01bddfbb7854efbe9f4cd4531209dc43651d63a0ad8a641b4ca9b97e0b62fb89bbcb96cf62d4bf23e8f3d3b83bb702a7f0c11ad2a71aef2ce4b6e0878144ab99f0c45454101eec431fc7db9997d9926385b609b3d45a2a9d6215c19d8eb78c184efc6c5da4d5b1fea021c6acc7a67b8ecdc447f72b313652055f099741e441e686150497ae831b99fd38907ac7c9016fd4ea44c8ac95aa5aa4c7bb7fafb817709ade23f6208106d50e7a80fe0259bcc8838f5e9bbb0bc7633ecd835a7b60ba0a3a2aff642b46a0eb9118e0e125e3339338958ebbffe2dee0885775d0c3aa859a38ef42a0ccae219844b3127e3f7ebf1bcaef46c198dac32e656604c5c3aa601799305cea312f1fe4dbff6dae980ea8054c6109f2ab027e41aa3d141da600e8b72c53e7193d33217f0159f5a25b1bec497993d94d17105a75fb9aeee4bd43057b325c4d5ddd109f8e42982d414dd7c36c54121d6e73272c6fa80c2f3e4a038fd9a6f47f8eb531b518f4a93d15f56aee9fdbed406d6f7827c13bf5bba00b0117f963ec84c8cd2ac8d52388bb023558075188bd2d316e5aab6ae44b9d566f4bcad5680a252ea613cb54077668eb1bc0630e5c9bf1e270ac1bdb6b0445ed5313e8b014085c722b6237c3daabbfce76f0b5df72aabc2da728585c46075ea08ce8b134bd6a9bdde325f046a73a039b161eacfc99f9edd995dcc5395d6ef80b9e829df7f6d0eb7b2611d6548731a453b1fdfa715d5b75f1c44cfe733b0f9276607f75c51795f38054a43eb6c6d303c74fda926440259b80f451d2cc2d2c6cac259cb2543745925a7410d1b02f99ff85f9c2e642d0106160f8c6b3a6a36a61586e1824c42a34cd96c262e6cbbb7d6041472747f4f609942c191a4d01c2ae274977f1f3aa6a71bda3412f9b10b50fadf7570da907ba7ebe2be2bd56ad8b04103c46e1f1f715dd113d505b9dcb31bfe4353002af4f8c71bdf988d0b02d6ac814f6a2a7d8b10ac9f896b822abbbfd31b00d94cfa1b5745b0087a462b43d22e44200b3b8d73bf576416bb0c3c25694d68225698d58861f023347738e7f950d63bab2532d8e46dabcf00d5b9cb2d3b4de6dfa655a4b2186556ca787ed7415210b8c20b46b07359c5cc0a1386538908b1cf1b85a9413ae5aa651f3633284c60e3ba3c771d574cb5482c5682f15e9167f40aaab2ae5b77c447e062a34383e3616345fc33059da80722dfa939018aa8ea51019f966171d71253326789841a39008cf9b064130de7348dd23d2603b994e5bb7508265633a6d3e43bfd4b39ca497aba3f36b3a5c89dc6407dc9c3c824c9945b9455e14094e4609334b85657dca46d860fe2f39bfdb56430b00732b3ee8a5d6a8dd0a619146b49f4a36680ee0e3e6b1b9d1bb0eabc805a1f924ceb26d37d7c5dee67858ba095ff923a8b0c55c2da6a2322cf1713463c0904530d95b3ee3860c764ed573b73cebe1cc9f60ba76781dd7f9ccc00e4d0b5f29e2c89709bfb14fc0e1d90211694b79df598a67c991c17e97eabc7da00cc8d118f684351854782b0011d7bae51dd10ec4425c5b45f54f4785784b492ec8dcae4c30f92c3c0b8dc668ba8811c02bcb37dce81fbfdf8e8be69d38877979dcdc350618b47a1cd7f86a640c97eae1d4951f99e45e18243207c77ac764761f17b871b3d19e33e5854cd431ab29ed2d219f5aecc568d462ef28ef04a712b47638ce787ad6ca0ee74b4885c338a1465781b3d15fd838198d7840ab54fef155fb553bb1265ded7797aaf099f65eb029c9b7b383846024068c091ac3dbd61b2d5a4ab11f3d0b60f90b63285f6687685df32183ef324e3eb9aa0b6b4d4f206cf07d4b6946b4da6257826532754e88076090b00380bb2a6a6cfabdfcd43303e18dbbe8a541f020c43b2b8ce85654190f260bf992e8d34c3df8c398e9858fbbc42be87464abcab450b7f7f7c80426f273b1a379ea6303b9d8811ab120aed1f4db3c7cc86067949c895724181f17028ef1e20d8d8a36dc570b17ada19d07a607d308bf569fe9a15f4c8d2d0e49870725738f5bd694fdefb9fbd36c24bc6308906f5a4608a11187e758f8ed0d7ece001da078cb94a9f4aba14f63508bdc51555e3fe37636f4fcae82aa985527c79b62a58157b835c37af5e532a1143c429c3ce9c9eb865294178a60fc6089d8a2607d21342f37a890ba538890c676d5a900c064b7a11cce77c7fb32c16af793b142f52c2bce81c3000890ea427137664be32f2044150c59b5a579dff81cda3195c2b2197c3a47c5489e6498d08a9759", 0x1000)
r2 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCSETSW(r2, 0x5412, &(0x7f0000000040)={0xffffff80})
ioctl$TIOCLINUX3(r2, 0x541c, &(0x7f0000001080))
write$fb(r0, &(0x7f0000000040)="c2", 0x8800000)

00:20:35 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r1 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r1, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:35 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:35 executing program 1:
syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x5600, 0x713000)

00:20:35 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
write$binfmt_elf32(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0a0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f500eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b32f51a6a4a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717cc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb5880000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6aa6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba88c430e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYRES16=0x0, @ANYRESHEX], 0x2b4)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)

[  304.356908][T10958] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.5'.
[  304.368084][T10958] netlink: 64 bytes leftover after parsing attributes in process `syz-executor.5'.
[  304.503794][T10967] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  304.503794][T10967]    program syz-executor.3 not setting count and/or reply_len properly
00:20:36 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:36 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x2}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:36 executing program 0:
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x400001, 0x0)
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f00000009c0)='\xce\x8f*\xf7\x00', 0xc823035de211e4d9, 0x0)
write$fb(r1, 0x0, 0xf0ffffff7f0000)
write$fb(r1, &(0x7f0000000080)="c4a2891bb2af5fcf377e6e22ee0236ecff443c4192a7d319f7a7934164a3ef5fe7f8c5f5861babf5546a9e35a9b33f2e7954428cfe2dcba33803ada9d9a267538af73b26a564e6d4bd26292f670c3455f7170e2493d53d1187e55267cc9b39fce1e5f856c5f774fd4c36edaf19848690a3a4f7a813b929ed8e8813b928440f29695dc3ea048a89d7b190c013f1d1f1fa8cd2aecfb14f589406e2be5a92ba58810d2abb64e704a717a3c13ab50c10cd968ad7375901c1d47be0fd2db078deddc1fe0793109e7590c43d2a79764254b63cf098a67beb85eabb0b7061414bd6893721d5f277c8d1e556b33d60d45db00e15f01678865c1324754703927f38ea842947e7248f708d02f3103933d88a10cc74f90a2753d7153ff0f9076d16bf80ff8d5f734c63e232356b585f4276dce2fe41f93be26f83921f22cd78f5ce20118389dd95e04e32cf82e14e5bd6b281a4c7468d9e37252130b454f8ac47528077100e257b242ee7d5ca2ce59e6c8252cd620c1e557d0e122d7dae71de340bc4fcf3dd605ee60debb0a49f26396c0984e3adf341b90318d9a9da1988fdb46a3c435ca87254a5db5915863b3c8240ed5e3fda1f856edce370d33bfc0dd80605ade7e55e4929446607d62988d4e2eb9359168cd49f83ef443815f3b71a13c994daf2f848d2991de960f3c0cdfcf5de9b5670d30d16189121820be2aeefad5f01eaafd8f14b93683f7a1222b3421995646b83b219cf32a38f00f0d572866cbed4da55866f3fc32051502137e4d6c9c9ac81cbd4cd8960d3ccf928b58ec4784417d7c26f4dcb3b8c72cbd7a7b242dd6a4d74bcb5ffc5d45c9f54fffc3b8349d47dd8fe138ce817b9e9d480ffebd367cf3655b6630f5361bdb7d5bbefc2d379dfd125422c4905e44a0429be22d1190f14ddbf032a6d32a2ebe53ab754dda2d3e346aceb3738eb7ce0a97cc07d9840b12c1b77709853bf807838b096260d208fe90c89983bbb057ec5a1dae5d18833fb87208a3378880240d2571f31c3b711e79c14d86940f531636df3cfc2eda448da26bb66cbec851a8169ce39b988c7afba507155aff2e037d17d7826292286702a626b12b74663c982ec69014e8d02b06fca0e434945b0216342420590b4139dffe3002991917608e63e0cd73bdd4254380a15820b02f6a27cd79c9ede7f69cb254ca1c8e6d75f6443c2e886ef4cefb5d45da238f9e6fde7ea63cd2c57f30c74b7215f8da5730d960f6a90ff1471f8f3407d8eb65444c2829fc59fe90a26472115efbbb323832685e853ce9649e0f04a0ede34ef428d080313f01db4bc98a238798664ea7332c4d622a201da301475448804ad92877fbdcee3af600e7bc20cab8c113cd9eba55a11828cd7cf5894426667064c1c7e11d8e7e94ebd08c4d0e9f07ef120f7865c81af357b479ca9dc76a1fc4563fec2735fd9c05cc2e3bff4c549efa8aeb130ce784e14b4ed4c61262f5e772f0f53f7168f8d0ee9f3402ad761e59b032424cf1de53411a77b58f847cf266793bdf222d9641025d09f009808d93833d361855518180f349d59a7808d6e172a273751a1d822f2cc833cfaa8a28f094b38c926ea13b5308b7963be01c97979328bfcb41414b2d0b761bbb236f948c1bcedfe598b22cd23566cbfc89e99ebbf662dc77d23714f61115b1fa63efb23cdb55c53f1a54153dc5fb2451db0f71ceb0df65f63feff1adb900c7782d91be8dc13be5963f597d31f8b9a841bfd3e96858b5d367f0535ab3f5b86b696f22aad527b44c55047eb437ad2ce88745ca172bdd3c49d0c2fbe47fe90def80719411c27ce17bcd4971533df52f90d590acd155433fc3147edecd4f613b58fd31dea592ae697ba43cb8018d05f65092403e1e84881afdc8d64c54e48a105763d459d8faa4c22fa89dfa7f4e67af40959885fb89488a52810783650ea8cacc383c906fe98799639ee9704a1a5df36848b87ab53ffd3597c126b9b351873ce7ef3731467785c32b58e468b1d990ec338f68f794e80ccd16f095c82c549fbf20b9e470864100c07f6ad5583d59323fae10ff22db1f72a58944dd7a2293d3f2dde9c11bd6bd30d6c8404d70c962a46200b8cf4d20f285aa275aea7b81972e42b838f424560ac7547115a032bba93932a1dff76e275bb30af3307dd4fee566bf082440cfedaeb4338af103ef3946aa191b8291c8f86a52c7baa445354e4168eb207881c1779a26570d51ced48fd5682eb84e7676050c13132b43855a467011e1c6dcdf4edd2663aa2a762eae67583c4e9a1201abb3f8cefaf21bcfd3e81b4423cd8c94d4da9a73c375659dff085649e79f925aaf96575c889e931042791b08ed276ae62e990ee02f77d4b2f50cf47c0ee26773b423ace0c1925d768ab9b4369aec3d0fe68b181532d57c5227491f9e755998c2bb61f8f37435897857776a21760f48ab28236fd30f37e7e618dd3b4b6a2ebdf658b369e5f0a21981989dc4d8c01d242853c94cb1559fb01d075db70dfa3f422282d05c6da3cc535cb528dcceeb3d05bfb9aaf2a1783a0d949312b4e09b00d333c28eae7e1a29cae1059cf247718149244046c9a6486dfa0db267370b113ce04c6b29d04ff9cefdb52988759dd3881761114b3cc05f782fc24991e3acfa791c96f67aaa62bd7afd62131e40562bdf1bb6237e30ea3ac84b8d2301ed3ae4f96e39763a1dda36e7e4345b4e699192e4d160f04244b0c82cdb5b21df8f11597f779904a32129edf84e2107e99714c362c6c14cbec87f107a2057f5c91153772074c30b6fc39267c3ecffc725f1da6abd86393294e99257132f09b271c55d89beb7c3505810956ac06ea1a96a6468235965ef4cd0492d1149868233622eb11c5f761bbd3bd609c8563578396bfd762ea413c2b8d3d11cdd0ea1ab8a1e6b1c6d0c2c389ad92da82abd0787b736e6b7ce74c1ff0a8fcf75466a773baa784154583a50864532dc63cd9348658f599589c35a3104a265e124b11f6f2070d2c1b83fb38f85987cfe37b39ff604b13ef8a2a52ec9ec84952eedfdae8eecab69c86961be60d4be8dc10894df0d70db747ad86b5d8b2fa1005074d798b6c8b420a69849e16b47760c5567ec1bb22591a1f170d8265ec6763b16cb546426ec885015d5aee5747285457dc3712c39f440011d352103c549ada5e39717dd51ec081d6fe979fd1835cf89e16220fa236172dd7ab284e4a4e65c6f48400d4f8353ae9dd6635a9acd2a12f9b11abf6ec0013bf798b99d595f6ca6c55118ef44b85cc148fa62cfb766df24a1c755425686f912e43fd12bb5a7546bfaac3ce002a31064f28250d68c7b2ab26465b0176ffc0fd96f5101618c52a45f81f431f37db05fc346578fc9058cc3e4fec394f1046c24595d91bce5457349309b1e7671c1248917761f93b388528c6b23134917c88f94899db149eaaad2a12b783419668eecbfe8127f9c155ba9e64971405a33d55dd05139be8a2061427c82a2ccb4d01bddfbb7854efbe9f4cd4531209dc43651d63a0ad8a641b4ca9b97e0b62fb89bbcb96cf62d4bf23e8f3d3b83bb702a7f0c11ad2a71aef2ce4b6e0878144ab99f0c45454101eec431fc7db9997d9926385b609b3d45a2a9d6215c19d8eb78c184efc6c5da4d5b1fea021c6acc7a67b8ecdc447f72b313652055f099741e441e686150497ae831b99fd38907ac7c9016fd4ea44c8ac95aa5aa4c7bb7fafb817709ade23f6208106d50e7a80fe0259bcc8838f5e9bbb0bc7633ecd835a7b60ba0a3a2aff642b46a0eb9118e0e125e3339338958ebbffe2dee0885775d0c3aa859a38ef42a0ccae219844b3127e3f7ebf1bcaef46c198dac32e656604c5c3aa601799305cea312f1fe4dbff6dae980ea8054c6109f2ab027e41aa3d141da600e8b72c53e7193d33217f0159f5a25b1bec497993d94d17105a75fb9aeee4bd43057b325c4d5ddd109f8e42982d414dd7c36c54121d6e73272c6fa80c2f3e4a038fd9a6f47f8eb531b518f4a93d15f56aee9fdbed406d6f7827c13bf5bba00b0117f963ec84c8cd2ac8d52388bb023558075188bd2d316e5aab6ae44b9d566f4bcad5680a252ea613cb54077668eb1bc0630e5c9bf1e270ac1bdb6b0445ed5313e8b014085c722b6237c3daabbfce76f0b5df72aabc2da728585c46075ea08ce8b134bd6a9bdde325f046a73a039b161eacfc99f9edd995dcc5395d6ef80b9e829df7f6d0eb7b2611d6548731a453b1fdfa715d5b75f1c44cfe733b0f9276607f75c51795f38054a43eb6c6d303c74fda926440259b80f451d2cc2d2c6cac259cb2543745925a7410d1b02f99ff85f9c2e642d0106160f8c6b3a6a36a61586e1824c42a34cd96c262e6cbbb7d6041472747f4f609942c191a4d01c2ae274977f1f3aa6a71bda3412f9b10b50fadf7570da907ba7ebe2be2bd56ad8b04103c46e1f1f715dd113d505b9dcb31bfe4353002af4f8c71bdf988d0b02d6ac814f6a2a7d8b10ac9f896b822abbbfd31b00d94cfa1b5745b0087a462b43d22e44200b3b8d73bf576416bb0c3c25694d68225698d58861f023347738e7f950d63bab2532d8e46dabcf00d5b9cb2d3b4de6dfa655a4b2186556ca787ed7415210b8c20b46b07359c5cc0a1386538908b1cf1b85a9413ae5aa651f3633284c60e3ba3c771d574cb5482c5682f15e9167f40aaab2ae5b77c447e062a34383e3616345fc33059da80722dfa939018aa8ea51019f966171d71253326789841a39008cf9b064130de7348dd23d2603b994e5bb7508265633a6d3e43bfd4b39ca497aba3f36b3a5c89dc6407dc9c3c824c9945b9455e14094e4609334b85657dca46d860fe2f39bfdb56430b00732b3ee8a5d6a8dd0a619146b49f4a36680ee0e3e6b1b9d1bb0eabc805a1f924ceb26d37d7c5dee67858ba095ff923a8b0c55c2da6a2322cf1713463c0904530d95b3ee3860c764ed573b73cebe1cc9f60ba76781dd7f9ccc00e4d0b5f29e2c89709bfb14fc0e1d90211694b79df598a67c991c17e97eabc7da00cc8d118f684351854782b0011d7bae51dd10ec4425c5b45f54f4785784b492ec8dcae4c30f92c3c0b8dc668ba8811c02bcb37dce81fbfdf8e8be69d38877979dcdc350618b47a1cd7f86a640c97eae1d4951f99e45e18243207c77ac764761f17b871b3d19e33e5854cd431ab29ed2d219f5aecc568d462ef28ef04a712b47638ce787ad6ca0ee74b4885c338a1465781b3d15fd838198d7840ab54fef155fb553bb1265ded7797aaf099f65eb029c9b7b383846024068c091ac3dbd61b2d5a4ab11f3d0b60f90b63285f6687685df32183ef324e3eb9aa0b6b4d4f206cf07d4b6946b4da6257826532754e88076090b00380bb2a6a6cfabdfcd43303e18dbbe8a541f020c43b2b8ce85654190f260bf992e8d34c3df8c398e9858fbbc42be87464abcab450b7f7f7c80426f273b1a379ea6303b9d8811ab120aed1f4db3c7cc86067949c895724181f17028ef1e20d8d8a36dc570b17ada19d07a607d308bf569fe9a15f4c8d2d0e49870725738f5bd694fdefb9fbd36c24bc6308906f5a4608a11187e758f8ed0d7ece001da078cb94a9f4aba14f63508bdc51555e3fe37636f4fcae82aa985527c79b62a58157b835c37af5e532a1143c429c3ce9c9eb865294178a60fc6089d8a2607d21342f37a890ba538890c676d5a900c064b7a11cce77c7fb32c16af793b142f52c2bce81c3000890ea427137664be32f2044150c59b5a579dff81cda3195c2b2197c3a47c5489e6498d08a9759", 0x1000)
r2 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCSETSW(r2, 0x5412, &(0x7f0000000040)={0xffffff80})
ioctl$TIOCLINUX3(r2, 0x541c, &(0x7f0000001080))
write$fb(r0, &(0x7f0000000040)="c2", 0x8800000)

00:20:36 executing program 1:
syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x5600, 0x713000)

00:20:36 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:36 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
write$binfmt_elf32(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0a0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f500eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b32f51a6a4a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717cc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb5880000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6aa6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba88c430e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYRES16=0x0, @ANYRESHEX], 0x2b4)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:36 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x2}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:36 executing program 1:
syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCXONC(0xffffffffffffffff, 0x5600, 0x713000)

00:20:36 executing program 0:
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x400001, 0x0)
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f00000009c0)='\xce\x8f*\xf7\x00', 0xc823035de211e4d9, 0x0)
write$fb(r1, 0x0, 0xf0ffffff7f0000)
write$fb(r1, &(0x7f0000000080)="c4a2891bb2af5fcf377e6e22ee0236ecff443c4192a7d319f7a7934164a3ef5fe7f8c5f5861babf5546a9e35a9b33f2e7954428cfe2dcba33803ada9d9a267538af73b26a564e6d4bd26292f670c3455f7170e2493d53d1187e55267cc9b39fce1e5f856c5f774fd4c36edaf19848690a3a4f7a813b929ed8e8813b928440f29695dc3ea048a89d7b190c013f1d1f1fa8cd2aecfb14f589406e2be5a92ba58810d2abb64e704a717a3c13ab50c10cd968ad7375901c1d47be0fd2db078deddc1fe0793109e7590c43d2a79764254b63cf098a67beb85eabb0b7061414bd6893721d5f277c8d1e556b33d60d45db00e15f01678865c1324754703927f38ea842947e7248f708d02f3103933d88a10cc74f90a2753d7153ff0f9076d16bf80ff8d5f734c63e232356b585f4276dce2fe41f93be26f83921f22cd78f5ce20118389dd95e04e32cf82e14e5bd6b281a4c7468d9e37252130b454f8ac47528077100e257b242ee7d5ca2ce59e6c8252cd620c1e557d0e122d7dae71de340bc4fcf3dd605ee60debb0a49f26396c0984e3adf341b90318d9a9da1988fdb46a3c435ca87254a5db5915863b3c8240ed5e3fda1f856edce370d33bfc0dd80605ade7e55e4929446607d62988d4e2eb9359168cd49f83ef443815f3b71a13c994daf2f848d2991de960f3c0cdfcf5de9b5670d30d16189121820be2aeefad5f01eaafd8f14b93683f7a1222b3421995646b83b219cf32a38f00f0d572866cbed4da55866f3fc32051502137e4d6c9c9ac81cbd4cd8960d3ccf928b58ec4784417d7c26f4dcb3b8c72cbd7a7b242dd6a4d74bcb5ffc5d45c9f54fffc3b8349d47dd8fe138ce817b9e9d480ffebd367cf3655b6630f5361bdb7d5bbefc2d379dfd125422c4905e44a0429be22d1190f14ddbf032a6d32a2ebe53ab754dda2d3e346aceb3738eb7ce0a97cc07d9840b12c1b77709853bf807838b096260d208fe90c89983bbb057ec5a1dae5d18833fb87208a3378880240d2571f31c3b711e79c14d86940f531636df3cfc2eda448da26bb66cbec851a8169ce39b988c7afba507155aff2e037d17d7826292286702a626b12b74663c982ec69014e8d02b06fca0e434945b0216342420590b4139dffe3002991917608e63e0cd73bdd4254380a15820b02f6a27cd79c9ede7f69cb254ca1c8e6d75f6443c2e886ef4cefb5d45da238f9e6fde7ea63cd2c57f30c74b7215f8da5730d960f6a90ff1471f8f3407d8eb65444c2829fc59fe90a26472115efbbb323832685e853ce9649e0f04a0ede34ef428d080313f01db4bc98a238798664ea7332c4d622a201da301475448804ad92877fbdcee3af600e7bc20cab8c113cd9eba55a11828cd7cf5894426667064c1c7e11d8e7e94ebd08c4d0e9f07ef120f7865c81af357b479ca9dc76a1fc4563fec2735fd9c05cc2e3bff4c549efa8aeb130ce784e14b4ed4c61262f5e772f0f53f7168f8d0ee9f3402ad761e59b032424cf1de53411a77b58f847cf266793bdf222d9641025d09f009808d93833d361855518180f349d59a7808d6e172a273751a1d822f2cc833cfaa8a28f094b38c926ea13b5308b7963be01c97979328bfcb41414b2d0b761bbb236f948c1bcedfe598b22cd23566cbfc89e99ebbf662dc77d23714f61115b1fa63efb23cdb55c53f1a54153dc5fb2451db0f71ceb0df65f63feff1adb900c7782d91be8dc13be5963f597d31f8b9a841bfd3e96858b5d367f0535ab3f5b86b696f22aad527b44c55047eb437ad2ce88745ca172bdd3c49d0c2fbe47fe90def80719411c27ce17bcd4971533df52f90d590acd155433fc3147edecd4f613b58fd31dea592ae697ba43cb8018d05f65092403e1e84881afdc8d64c54e48a105763d459d8faa4c22fa89dfa7f4e67af40959885fb89488a52810783650ea8cacc383c906fe98799639ee9704a1a5df36848b87ab53ffd3597c126b9b351873ce7ef3731467785c32b58e468b1d990ec338f68f794e80ccd16f095c82c549fbf20b9e470864100c07f6ad5583d59323fae10ff22db1f72a58944dd7a2293d3f2dde9c11bd6bd30d6c8404d70c962a46200b8cf4d20f285aa275aea7b81972e42b838f424560ac7547115a032bba93932a1dff76e275bb30af3307dd4fee566bf082440cfedaeb4338af103ef3946aa191b8291c8f86a52c7baa445354e4168eb207881c1779a26570d51ced48fd5682eb84e7676050c13132b43855a467011e1c6dcdf4edd2663aa2a762eae67583c4e9a1201abb3f8cefaf21bcfd3e81b4423cd8c94d4da9a73c375659dff085649e79f925aaf96575c889e931042791b08ed276ae62e990ee02f77d4b2f50cf47c0ee26773b423ace0c1925d768ab9b4369aec3d0fe68b181532d57c5227491f9e755998c2bb61f8f37435897857776a21760f48ab28236fd30f37e7e618dd3b4b6a2ebdf658b369e5f0a21981989dc4d8c01d242853c94cb1559fb01d075db70dfa3f422282d05c6da3cc535cb528dcceeb3d05bfb9aaf2a1783a0d949312b4e09b00d333c28eae7e1a29cae1059cf247718149244046c9a6486dfa0db267370b113ce04c6b29d04ff9cefdb52988759dd3881761114b3cc05f782fc24991e3acfa791c96f67aaa62bd7afd62131e40562bdf1bb6237e30ea3ac84b8d2301ed3ae4f96e39763a1dda36e7e4345b4e699192e4d160f04244b0c82cdb5b21df8f11597f779904a32129edf84e2107e99714c362c6c14cbec87f107a2057f5c91153772074c30b6fc39267c3ecffc725f1da6abd86393294e99257132f09b271c55d89beb7c3505810956ac06ea1a96a6468235965ef4cd0492d1149868233622eb11c5f761bbd3bd609c8563578396bfd762ea413c2b8d3d11cdd0ea1ab8a1e6b1c6d0c2c389ad92da82abd0787b736e6b7ce74c1ff0a8fcf75466a773baa784154583a50864532dc63cd9348658f599589c35a3104a265e124b11f6f2070d2c1b83fb38f85987cfe37b39ff604b13ef8a2a52ec9ec84952eedfdae8eecab69c86961be60d4be8dc10894df0d70db747ad86b5d8b2fa1005074d798b6c8b420a69849e16b47760c5567ec1bb22591a1f170d8265ec6763b16cb546426ec885015d5aee5747285457dc3712c39f440011d352103c549ada5e39717dd51ec081d6fe979fd1835cf89e16220fa236172dd7ab284e4a4e65c6f48400d4f8353ae9dd6635a9acd2a12f9b11abf6ec0013bf798b99d595f6ca6c55118ef44b85cc148fa62cfb766df24a1c755425686f912e43fd12bb5a7546bfaac3ce002a31064f28250d68c7b2ab26465b0176ffc0fd96f5101618c52a45f81f431f37db05fc346578fc9058cc3e4fec394f1046c24595d91bce5457349309b1e7671c1248917761f93b388528c6b23134917c88f94899db149eaaad2a12b783419668eecbfe8127f9c155ba9e64971405a33d55dd05139be8a2061427c82a2ccb4d01bddfbb7854efbe9f4cd4531209dc43651d63a0ad8a641b4ca9b97e0b62fb89bbcb96cf62d4bf23e8f3d3b83bb702a7f0c11ad2a71aef2ce4b6e0878144ab99f0c45454101eec431fc7db9997d9926385b609b3d45a2a9d6215c19d8eb78c184efc6c5da4d5b1fea021c6acc7a67b8ecdc447f72b313652055f099741e441e686150497ae831b99fd38907ac7c9016fd4ea44c8ac95aa5aa4c7bb7fafb817709ade23f6208106d50e7a80fe0259bcc8838f5e9bbb0bc7633ecd835a7b60ba0a3a2aff642b46a0eb9118e0e125e3339338958ebbffe2dee0885775d0c3aa859a38ef42a0ccae219844b3127e3f7ebf1bcaef46c198dac32e656604c5c3aa601799305cea312f1fe4dbff6dae980ea8054c6109f2ab027e41aa3d141da600e8b72c53e7193d33217f0159f5a25b1bec497993d94d17105a75fb9aeee4bd43057b325c4d5ddd109f8e42982d414dd7c36c54121d6e73272c6fa80c2f3e4a038fd9a6f47f8eb531b518f4a93d15f56aee9fdbed406d6f7827c13bf5bba00b0117f963ec84c8cd2ac8d52388bb023558075188bd2d316e5aab6ae44b9d566f4bcad5680a252ea613cb54077668eb1bc0630e5c9bf1e270ac1bdb6b0445ed5313e8b014085c722b6237c3daabbfce76f0b5df72aabc2da728585c46075ea08ce8b134bd6a9bdde325f046a73a039b161eacfc99f9edd995dcc5395d6ef80b9e829df7f6d0eb7b2611d6548731a453b1fdfa715d5b75f1c44cfe733b0f9276607f75c51795f38054a43eb6c6d303c74fda926440259b80f451d2cc2d2c6cac259cb2543745925a7410d1b02f99ff85f9c2e642d0106160f8c6b3a6a36a61586e1824c42a34cd96c262e6cbbb7d6041472747f4f609942c191a4d01c2ae274977f1f3aa6a71bda3412f9b10b50fadf7570da907ba7ebe2be2bd56ad8b04103c46e1f1f715dd113d505b9dcb31bfe4353002af4f8c71bdf988d0b02d6ac814f6a2a7d8b10ac9f896b822abbbfd31b00d94cfa1b5745b0087a462b43d22e44200b3b8d73bf576416bb0c3c25694d68225698d58861f023347738e7f950d63bab2532d8e46dabcf00d5b9cb2d3b4de6dfa655a4b2186556ca787ed7415210b8c20b46b07359c5cc0a1386538908b1cf1b85a9413ae5aa651f3633284c60e3ba3c771d574cb5482c5682f15e9167f40aaab2ae5b77c447e062a34383e3616345fc33059da80722dfa939018aa8ea51019f966171d71253326789841a39008cf9b064130de7348dd23d2603b994e5bb7508265633a6d3e43bfd4b39ca497aba3f36b3a5c89dc6407dc9c3c824c9945b9455e14094e4609334b85657dca46d860fe2f39bfdb56430b00732b3ee8a5d6a8dd0a619146b49f4a36680ee0e3e6b1b9d1bb0eabc805a1f924ceb26d37d7c5dee67858ba095ff923a8b0c55c2da6a2322cf1713463c0904530d95b3ee3860c764ed573b73cebe1cc9f60ba76781dd7f9ccc00e4d0b5f29e2c89709bfb14fc0e1d90211694b79df598a67c991c17e97eabc7da00cc8d118f684351854782b0011d7bae51dd10ec4425c5b45f54f4785784b492ec8dcae4c30f92c3c0b8dc668ba8811c02bcb37dce81fbfdf8e8be69d38877979dcdc350618b47a1cd7f86a640c97eae1d4951f99e45e18243207c77ac764761f17b871b3d19e33e5854cd431ab29ed2d219f5aecc568d462ef28ef04a712b47638ce787ad6ca0ee74b4885c338a1465781b3d15fd838198d7840ab54fef155fb553bb1265ded7797aaf099f65eb029c9b7b383846024068c091ac3dbd61b2d5a4ab11f3d0b60f90b63285f6687685df32183ef324e3eb9aa0b6b4d4f206cf07d4b6946b4da6257826532754e88076090b00380bb2a6a6cfabdfcd43303e18dbbe8a541f020c43b2b8ce85654190f260bf992e8d34c3df8c398e9858fbbc42be87464abcab450b7f7f7c80426f273b1a379ea6303b9d8811ab120aed1f4db3c7cc86067949c895724181f17028ef1e20d8d8a36dc570b17ada19d07a607d308bf569fe9a15f4c8d2d0e49870725738f5bd694fdefb9fbd36c24bc6308906f5a4608a11187e758f8ed0d7ece001da078cb94a9f4aba14f63508bdc51555e3fe37636f4fcae82aa985527c79b62a58157b835c37af5e532a1143c429c3ce9c9eb865294178a60fc6089d8a2607d21342f37a890ba538890c676d5a900c064b7a11cce77c7fb32c16af793b142f52c2bce81c3000890ea427137664be32f2044150c59b5a579dff81cda3195c2b2197c3a47c5489e6498d08a9759", 0x1000)
r2 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCSETSW(r2, 0x5412, &(0x7f0000000040)={0xffffff80})
ioctl$TIOCLINUX3(r2, 0x541c, &(0x7f0000001080))
write$fb(r0, &(0x7f0000000040)="c2", 0x8800000)

00:20:36 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
write$binfmt_elf32(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0a0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f500eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b32f51a6a4a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717cc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb5880000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6aa6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba88c430e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYRES16=0x0, @ANYRESHEX], 0x2b4)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:36 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:36 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x2}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:37 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:37 executing program 1:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCXONC(r0, 0x5600, 0x0)

00:20:37 executing program 0:
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x400001, 0x0)
r1 = openat$fb0(0xffffffffffffff9c, &(0x7f00000009c0)='\xce\x8f*\xf7\x00', 0xc823035de211e4d9, 0x0)
write$fb(r1, 0x0, 0xf0ffffff7f0000)
write$fb(r1, &(0x7f0000000080)="c4a2891bb2af5fcf377e6e22ee0236ecff443c4192a7d319f7a7934164a3ef5fe7f8c5f5861babf5546a9e35a9b33f2e7954428cfe2dcba33803ada9d9a267538af73b26a564e6d4bd26292f670c3455f7170e2493d53d1187e55267cc9b39fce1e5f856c5f774fd4c36edaf19848690a3a4f7a813b929ed8e8813b928440f29695dc3ea048a89d7b190c013f1d1f1fa8cd2aecfb14f589406e2be5a92ba58810d2abb64e704a717a3c13ab50c10cd968ad7375901c1d47be0fd2db078deddc1fe0793109e7590c43d2a79764254b63cf098a67beb85eabb0b7061414bd6893721d5f277c8d1e556b33d60d45db00e15f01678865c1324754703927f38ea842947e7248f708d02f3103933d88a10cc74f90a2753d7153ff0f9076d16bf80ff8d5f734c63e232356b585f4276dce2fe41f93be26f83921f22cd78f5ce20118389dd95e04e32cf82e14e5bd6b281a4c7468d9e37252130b454f8ac47528077100e257b242ee7d5ca2ce59e6c8252cd620c1e557d0e122d7dae71de340bc4fcf3dd605ee60debb0a49f26396c0984e3adf341b90318d9a9da1988fdb46a3c435ca87254a5db5915863b3c8240ed5e3fda1f856edce370d33bfc0dd80605ade7e55e4929446607d62988d4e2eb9359168cd49f83ef443815f3b71a13c994daf2f848d2991de960f3c0cdfcf5de9b5670d30d16189121820be2aeefad5f01eaafd8f14b93683f7a1222b3421995646b83b219cf32a38f00f0d572866cbed4da55866f3fc32051502137e4d6c9c9ac81cbd4cd8960d3ccf928b58ec4784417d7c26f4dcb3b8c72cbd7a7b242dd6a4d74bcb5ffc5d45c9f54fffc3b8349d47dd8fe138ce817b9e9d480ffebd367cf3655b6630f5361bdb7d5bbefc2d379dfd125422c4905e44a0429be22d1190f14ddbf032a6d32a2ebe53ab754dda2d3e346aceb3738eb7ce0a97cc07d9840b12c1b77709853bf807838b096260d208fe90c89983bbb057ec5a1dae5d18833fb87208a3378880240d2571f31c3b711e79c14d86940f531636df3cfc2eda448da26bb66cbec851a8169ce39b988c7afba507155aff2e037d17d7826292286702a626b12b74663c982ec69014e8d02b06fca0e434945b0216342420590b4139dffe3002991917608e63e0cd73bdd4254380a15820b02f6a27cd79c9ede7f69cb254ca1c8e6d75f6443c2e886ef4cefb5d45da238f9e6fde7ea63cd2c57f30c74b7215f8da5730d960f6a90ff1471f8f3407d8eb65444c2829fc59fe90a26472115efbbb323832685e853ce9649e0f04a0ede34ef428d080313f01db4bc98a238798664ea7332c4d622a201da301475448804ad92877fbdcee3af600e7bc20cab8c113cd9eba55a11828cd7cf5894426667064c1c7e11d8e7e94ebd08c4d0e9f07ef120f7865c81af357b479ca9dc76a1fc4563fec2735fd9c05cc2e3bff4c549efa8aeb130ce784e14b4ed4c61262f5e772f0f53f7168f8d0ee9f3402ad761e59b032424cf1de53411a77b58f847cf266793bdf222d9641025d09f009808d93833d361855518180f349d59a7808d6e172a273751a1d822f2cc833cfaa8a28f094b38c926ea13b5308b7963be01c97979328bfcb41414b2d0b761bbb236f948c1bcedfe598b22cd23566cbfc89e99ebbf662dc77d23714f61115b1fa63efb23cdb55c53f1a54153dc5fb2451db0f71ceb0df65f63feff1adb900c7782d91be8dc13be5963f597d31f8b9a841bfd3e96858b5d367f0535ab3f5b86b696f22aad527b44c55047eb437ad2ce88745ca172bdd3c49d0c2fbe47fe90def80719411c27ce17bcd4971533df52f90d590acd155433fc3147edecd4f613b58fd31dea592ae697ba43cb8018d05f65092403e1e84881afdc8d64c54e48a105763d459d8faa4c22fa89dfa7f4e67af40959885fb89488a52810783650ea8cacc383c906fe98799639ee9704a1a5df36848b87ab53ffd3597c126b9b351873ce7ef3731467785c32b58e468b1d990ec338f68f794e80ccd16f095c82c549fbf20b9e470864100c07f6ad5583d59323fae10ff22db1f72a58944dd7a2293d3f2dde9c11bd6bd30d6c8404d70c962a46200b8cf4d20f285aa275aea7b81972e42b838f424560ac7547115a032bba93932a1dff76e275bb30af3307dd4fee566bf082440cfedaeb4338af103ef3946aa191b8291c8f86a52c7baa445354e4168eb207881c1779a26570d51ced48fd5682eb84e7676050c13132b43855a467011e1c6dcdf4edd2663aa2a762eae67583c4e9a1201abb3f8cefaf21bcfd3e81b4423cd8c94d4da9a73c375659dff085649e79f925aaf96575c889e931042791b08ed276ae62e990ee02f77d4b2f50cf47c0ee26773b423ace0c1925d768ab9b4369aec3d0fe68b181532d57c5227491f9e755998c2bb61f8f37435897857776a21760f48ab28236fd30f37e7e618dd3b4b6a2ebdf658b369e5f0a21981989dc4d8c01d242853c94cb1559fb01d075db70dfa3f422282d05c6da3cc535cb528dcceeb3d05bfb9aaf2a1783a0d949312b4e09b00d333c28eae7e1a29cae1059cf247718149244046c9a6486dfa0db267370b113ce04c6b29d04ff9cefdb52988759dd3881761114b3cc05f782fc24991e3acfa791c96f67aaa62bd7afd62131e40562bdf1bb6237e30ea3ac84b8d2301ed3ae4f96e39763a1dda36e7e4345b4e699192e4d160f04244b0c82cdb5b21df8f11597f779904a32129edf84e2107e99714c362c6c14cbec87f107a2057f5c91153772074c30b6fc39267c3ecffc725f1da6abd86393294e99257132f09b271c55d89beb7c3505810956ac06ea1a96a6468235965ef4cd0492d1149868233622eb11c5f761bbd3bd609c8563578396bfd762ea413c2b8d3d11cdd0ea1ab8a1e6b1c6d0c2c389ad92da82abd0787b736e6b7ce74c1ff0a8fcf75466a773baa784154583a50864532dc63cd9348658f599589c35a3104a265e124b11f6f2070d2c1b83fb38f85987cfe37b39ff604b13ef8a2a52ec9ec84952eedfdae8eecab69c86961be60d4be8dc10894df0d70db747ad86b5d8b2fa1005074d798b6c8b420a69849e16b47760c5567ec1bb22591a1f170d8265ec6763b16cb546426ec885015d5aee5747285457dc3712c39f440011d352103c549ada5e39717dd51ec081d6fe979fd1835cf89e16220fa236172dd7ab284e4a4e65c6f48400d4f8353ae9dd6635a9acd2a12f9b11abf6ec0013bf798b99d595f6ca6c55118ef44b85cc148fa62cfb766df24a1c755425686f912e43fd12bb5a7546bfaac3ce002a31064f28250d68c7b2ab26465b0176ffc0fd96f5101618c52a45f81f431f37db05fc346578fc9058cc3e4fec394f1046c24595d91bce5457349309b1e7671c1248917761f93b388528c6b23134917c88f94899db149eaaad2a12b783419668eecbfe8127f9c155ba9e64971405a33d55dd05139be8a2061427c82a2ccb4d01bddfbb7854efbe9f4cd4531209dc43651d63a0ad8a641b4ca9b97e0b62fb89bbcb96cf62d4bf23e8f3d3b83bb702a7f0c11ad2a71aef2ce4b6e0878144ab99f0c45454101eec431fc7db9997d9926385b609b3d45a2a9d6215c19d8eb78c184efc6c5da4d5b1fea021c6acc7a67b8ecdc447f72b313652055f099741e441e686150497ae831b99fd38907ac7c9016fd4ea44c8ac95aa5aa4c7bb7fafb817709ade23f6208106d50e7a80fe0259bcc8838f5e9bbb0bc7633ecd835a7b60ba0a3a2aff642b46a0eb9118e0e125e3339338958ebbffe2dee0885775d0c3aa859a38ef42a0ccae219844b3127e3f7ebf1bcaef46c198dac32e656604c5c3aa601799305cea312f1fe4dbff6dae980ea8054c6109f2ab027e41aa3d141da600e8b72c53e7193d33217f0159f5a25b1bec497993d94d17105a75fb9aeee4bd43057b325c4d5ddd109f8e42982d414dd7c36c54121d6e73272c6fa80c2f3e4a038fd9a6f47f8eb531b518f4a93d15f56aee9fdbed406d6f7827c13bf5bba00b0117f963ec84c8cd2ac8d52388bb023558075188bd2d316e5aab6ae44b9d566f4bcad5680a252ea613cb54077668eb1bc0630e5c9bf1e270ac1bdb6b0445ed5313e8b014085c722b6237c3daabbfce76f0b5df72aabc2da728585c46075ea08ce8b134bd6a9bdde325f046a73a039b161eacfc99f9edd995dcc5395d6ef80b9e829df7f6d0eb7b2611d6548731a453b1fdfa715d5b75f1c44cfe733b0f9276607f75c51795f38054a43eb6c6d303c74fda926440259b80f451d2cc2d2c6cac259cb2543745925a7410d1b02f99ff85f9c2e642d0106160f8c6b3a6a36a61586e1824c42a34cd96c262e6cbbb7d6041472747f4f609942c191a4d01c2ae274977f1f3aa6a71bda3412f9b10b50fadf7570da907ba7ebe2be2bd56ad8b04103c46e1f1f715dd113d505b9dcb31bfe4353002af4f8c71bdf988d0b02d6ac814f6a2a7d8b10ac9f896b822abbbfd31b00d94cfa1b5745b0087a462b43d22e44200b3b8d73bf576416bb0c3c25694d68225698d58861f023347738e7f950d63bab2532d8e46dabcf00d5b9cb2d3b4de6dfa655a4b2186556ca787ed7415210b8c20b46b07359c5cc0a1386538908b1cf1b85a9413ae5aa651f3633284c60e3ba3c771d574cb5482c5682f15e9167f40aaab2ae5b77c447e062a34383e3616345fc33059da80722dfa939018aa8ea51019f966171d71253326789841a39008cf9b064130de7348dd23d2603b994e5bb7508265633a6d3e43bfd4b39ca497aba3f36b3a5c89dc6407dc9c3c824c9945b9455e14094e4609334b85657dca46d860fe2f39bfdb56430b00732b3ee8a5d6a8dd0a619146b49f4a36680ee0e3e6b1b9d1bb0eabc805a1f924ceb26d37d7c5dee67858ba095ff923a8b0c55c2da6a2322cf1713463c0904530d95b3ee3860c764ed573b73cebe1cc9f60ba76781dd7f9ccc00e4d0b5f29e2c89709bfb14fc0e1d90211694b79df598a67c991c17e97eabc7da00cc8d118f684351854782b0011d7bae51dd10ec4425c5b45f54f4785784b492ec8dcae4c30f92c3c0b8dc668ba8811c02bcb37dce81fbfdf8e8be69d38877979dcdc350618b47a1cd7f86a640c97eae1d4951f99e45e18243207c77ac764761f17b871b3d19e33e5854cd431ab29ed2d219f5aecc568d462ef28ef04a712b47638ce787ad6ca0ee74b4885c338a1465781b3d15fd838198d7840ab54fef155fb553bb1265ded7797aaf099f65eb029c9b7b383846024068c091ac3dbd61b2d5a4ab11f3d0b60f90b63285f6687685df32183ef324e3eb9aa0b6b4d4f206cf07d4b6946b4da6257826532754e88076090b00380bb2a6a6cfabdfcd43303e18dbbe8a541f020c43b2b8ce85654190f260bf992e8d34c3df8c398e9858fbbc42be87464abcab450b7f7f7c80426f273b1a379ea6303b9d8811ab120aed1f4db3c7cc86067949c895724181f17028ef1e20d8d8a36dc570b17ada19d07a607d308bf569fe9a15f4c8d2d0e49870725738f5bd694fdefb9fbd36c24bc6308906f5a4608a11187e758f8ed0d7ece001da078cb94a9f4aba14f63508bdc51555e3fe37636f4fcae82aa985527c79b62a58157b835c37af5e532a1143c429c3ce9c9eb865294178a60fc6089d8a2607d21342f37a890ba538890c676d5a900c064b7a11cce77c7fb32c16af793b142f52c2bce81c3000890ea427137664be32f2044150c59b5a579dff81cda3195c2b2197c3a47c5489e6498d08a9759", 0x1000)
r2 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCSETSW(r2, 0x5412, &(0x7f0000000040)={0xffffff80})
ioctl$TIOCLINUX3(r2, 0x541c, &(0x7f0000001080))
write$fb(r0, &(0x7f0000000040)="c2", 0x8800000)

00:20:37 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:37 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:37 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
write$binfmt_elf32(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0a0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f500eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b32f51a6a4a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717cc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb5880000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6aa6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba88c430e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYRES16=0x0, @ANYRESHEX], 0x2b4)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, 0x0)

00:20:37 executing program 1:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCXONC(r0, 0x5600, 0x0)

00:20:37 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

[  305.959892][T11030] sg_write: 3 callbacks suppressed
[  305.959936][T11030] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  305.959936][T11030]    program syz-executor.3 not setting count and/or reply_len properly
00:20:37 executing program 0:
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x400001, 0x0)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f00000009c0)='\xce\x8f*\xf7\x00', 0xc823035de211e4d9, 0x0)
write$fb(r0, 0x0, 0xf0ffffff7f0000)
write$fb(r0, &(0x7f0000000080)="c4a2891bb2af5fcf377e6e22ee0236ecff443c4192a7d319f7a7934164a3ef5fe7f8c5f5861babf5546a9e35a9b33f2e7954428cfe2dcba33803ada9d9a267538af73b26a564e6d4bd26292f670c3455f7170e2493d53d1187e55267cc9b39fce1e5f856c5f774fd4c36edaf19848690a3a4f7a813b929ed8e8813b928440f29695dc3ea048a89d7b190c013f1d1f1fa8cd2aecfb14f589406e2be5a92ba58810d2abb64e704a717a3c13ab50c10cd968ad7375901c1d47be0fd2db078deddc1fe0793109e7590c43d2a79764254b63cf098a67beb85eabb0b7061414bd6893721d5f277c8d1e556b33d60d45db00e15f01678865c1324754703927f38ea842947e7248f708d02f3103933d88a10cc74f90a2753d7153ff0f9076d16bf80ff8d5f734c63e232356b585f4276dce2fe41f93be26f83921f22cd78f5ce20118389dd95e04e32cf82e14e5bd6b281a4c7468d9e37252130b454f8ac47528077100e257b242ee7d5ca2ce59e6c8252cd620c1e557d0e122d7dae71de340bc4fcf3dd605ee60debb0a49f26396c0984e3adf341b90318d9a9da1988fdb46a3c435ca87254a5db5915863b3c8240ed5e3fda1f856edce370d33bfc0dd80605ade7e55e4929446607d62988d4e2eb9359168cd49f83ef443815f3b71a13c994daf2f848d2991de960f3c0cdfcf5de9b5670d30d16189121820be2aeefad5f01eaafd8f14b93683f7a1222b3421995646b83b219cf32a38f00f0d572866cbed4da55866f3fc32051502137e4d6c9c9ac81cbd4cd8960d3ccf928b58ec4784417d7c26f4dcb3b8c72cbd7a7b242dd6a4d74bcb5ffc5d45c9f54fffc3b8349d47dd8fe138ce817b9e9d480ffebd367cf3655b6630f5361bdb7d5bbefc2d379dfd125422c4905e44a0429be22d1190f14ddbf032a6d32a2ebe53ab754dda2d3e346aceb3738eb7ce0a97cc07d9840b12c1b77709853bf807838b096260d208fe90c89983bbb057ec5a1dae5d18833fb87208a3378880240d2571f31c3b711e79c14d86940f531636df3cfc2eda448da26bb66cbec851a8169ce39b988c7afba507155aff2e037d17d7826292286702a626b12b74663c982ec69014e8d02b06fca0e434945b0216342420590b4139dffe3002991917608e63e0cd73bdd4254380a15820b02f6a27cd79c9ede7f69cb254ca1c8e6d75f6443c2e886ef4cefb5d45da238f9e6fde7ea63cd2c57f30c74b7215f8da5730d960f6a90ff1471f8f3407d8eb65444c2829fc59fe90a26472115efbbb323832685e853ce9649e0f04a0ede34ef428d080313f01db4bc98a238798664ea7332c4d622a201da301475448804ad92877fbdcee3af600e7bc20cab8c113cd9eba55a11828cd7cf5894426667064c1c7e11d8e7e94ebd08c4d0e9f07ef120f7865c81af357b479ca9dc76a1fc4563fec2735fd9c05cc2e3bff4c549efa8aeb130ce784e14b4ed4c61262f5e772f0f53f7168f8d0ee9f3402ad761e59b032424cf1de53411a77b58f847cf266793bdf222d9641025d09f009808d93833d361855518180f349d59a7808d6e172a273751a1d822f2cc833cfaa8a28f094b38c926ea13b5308b7963be01c97979328bfcb41414b2d0b761bbb236f948c1bcedfe598b22cd23566cbfc89e99ebbf662dc77d23714f61115b1fa63efb23cdb55c53f1a54153dc5fb2451db0f71ceb0df65f63feff1adb900c7782d91be8dc13be5963f597d31f8b9a841bfd3e96858b5d367f0535ab3f5b86b696f22aad527b44c55047eb437ad2ce88745ca172bdd3c49d0c2fbe47fe90def80719411c27ce17bcd4971533df52f90d590acd155433fc3147edecd4f613b58fd31dea592ae697ba43cb8018d05f65092403e1e84881afdc8d64c54e48a105763d459d8faa4c22fa89dfa7f4e67af40959885fb89488a52810783650ea8cacc383c906fe98799639ee9704a1a5df36848b87ab53ffd3597c126b9b351873ce7ef3731467785c32b58e468b1d990ec338f68f794e80ccd16f095c82c549fbf20b9e470864100c07f6ad5583d59323fae10ff22db1f72a58944dd7a2293d3f2dde9c11bd6bd30d6c8404d70c962a46200b8cf4d20f285aa275aea7b81972e42b838f424560ac7547115a032bba93932a1dff76e275bb30af3307dd4fee566bf082440cfedaeb4338af103ef3946aa191b8291c8f86a52c7baa445354e4168eb207881c1779a26570d51ced48fd5682eb84e7676050c13132b43855a467011e1c6dcdf4edd2663aa2a762eae67583c4e9a1201abb3f8cefaf21bcfd3e81b4423cd8c94d4da9a73c375659dff085649e79f925aaf96575c889e931042791b08ed276ae62e990ee02f77d4b2f50cf47c0ee26773b423ace0c1925d768ab9b4369aec3d0fe68b181532d57c5227491f9e755998c2bb61f8f37435897857776a21760f48ab28236fd30f37e7e618dd3b4b6a2ebdf658b369e5f0a21981989dc4d8c01d242853c94cb1559fb01d075db70dfa3f422282d05c6da3cc535cb528dcceeb3d05bfb9aaf2a1783a0d949312b4e09b00d333c28eae7e1a29cae1059cf247718149244046c9a6486dfa0db267370b113ce04c6b29d04ff9cefdb52988759dd3881761114b3cc05f782fc24991e3acfa791c96f67aaa62bd7afd62131e40562bdf1bb6237e30ea3ac84b8d2301ed3ae4f96e39763a1dda36e7e4345b4e699192e4d160f04244b0c82cdb5b21df8f11597f779904a32129edf84e2107e99714c362c6c14cbec87f107a2057f5c91153772074c30b6fc39267c3ecffc725f1da6abd86393294e99257132f09b271c55d89beb7c3505810956ac06ea1a96a6468235965ef4cd0492d1149868233622eb11c5f761bbd3bd609c8563578396bfd762ea413c2b8d3d11cdd0ea1ab8a1e6b1c6d0c2c389ad92da82abd0787b736e6b7ce74c1ff0a8fcf75466a773baa784154583a50864532dc63cd9348658f599589c35a3104a265e124b11f6f2070d2c1b83fb38f85987cfe37b39ff604b13ef8a2a52ec9ec84952eedfdae8eecab69c86961be60d4be8dc10894df0d70db747ad86b5d8b2fa1005074d798b6c8b420a69849e16b47760c5567ec1bb22591a1f170d8265ec6763b16cb546426ec885015d5aee5747285457dc3712c39f440011d352103c549ada5e39717dd51ec081d6fe979fd1835cf89e16220fa236172dd7ab284e4a4e65c6f48400d4f8353ae9dd6635a9acd2a12f9b11abf6ec0013bf798b99d595f6ca6c55118ef44b85cc148fa62cfb766df24a1c755425686f912e43fd12bb5a7546bfaac3ce002a31064f28250d68c7b2ab26465b0176ffc0fd96f5101618c52a45f81f431f37db05fc346578fc9058cc3e4fec394f1046c24595d91bce5457349309b1e7671c1248917761f93b388528c6b23134917c88f94899db149eaaad2a12b783419668eecbfe8127f9c155ba9e64971405a33d55dd05139be8a2061427c82a2ccb4d01bddfbb7854efbe9f4cd4531209dc43651d63a0ad8a641b4ca9b97e0b62fb89bbcb96cf62d4bf23e8f3d3b83bb702a7f0c11ad2a71aef2ce4b6e0878144ab99f0c45454101eec431fc7db9997d9926385b609b3d45a2a9d6215c19d8eb78c184efc6c5da4d5b1fea021c6acc7a67b8ecdc447f72b313652055f099741e441e686150497ae831b99fd38907ac7c9016fd4ea44c8ac95aa5aa4c7bb7fafb817709ade23f6208106d50e7a80fe0259bcc8838f5e9bbb0bc7633ecd835a7b60ba0a3a2aff642b46a0eb9118e0e125e3339338958ebbffe2dee0885775d0c3aa859a38ef42a0ccae219844b3127e3f7ebf1bcaef46c198dac32e656604c5c3aa601799305cea312f1fe4dbff6dae980ea8054c6109f2ab027e41aa3d141da600e8b72c53e7193d33217f0159f5a25b1bec497993d94d17105a75fb9aeee4bd43057b325c4d5ddd109f8e42982d414dd7c36c54121d6e73272c6fa80c2f3e4a038fd9a6f47f8eb531b518f4a93d15f56aee9fdbed406d6f7827c13bf5bba00b0117f963ec84c8cd2ac8d52388bb023558075188bd2d316e5aab6ae44b9d566f4bcad5680a252ea613cb54077668eb1bc0630e5c9bf1e270ac1bdb6b0445ed5313e8b014085c722b6237c3daabbfce76f0b5df72aabc2da728585c46075ea08ce8b134bd6a9bdde325f046a73a039b161eacfc99f9edd995dcc5395d6ef80b9e829df7f6d0eb7b2611d6548731a453b1fdfa715d5b75f1c44cfe733b0f9276607f75c51795f38054a43eb6c6d303c74fda926440259b80f451d2cc2d2c6cac259cb2543745925a7410d1b02f99ff85f9c2e642d0106160f8c6b3a6a36a61586e1824c42a34cd96c262e6cbbb7d6041472747f4f609942c191a4d01c2ae274977f1f3aa6a71bda3412f9b10b50fadf7570da907ba7ebe2be2bd56ad8b04103c46e1f1f715dd113d505b9dcb31bfe4353002af4f8c71bdf988d0b02d6ac814f6a2a7d8b10ac9f896b822abbbfd31b00d94cfa1b5745b0087a462b43d22e44200b3b8d73bf576416bb0c3c25694d68225698d58861f023347738e7f950d63bab2532d8e46dabcf00d5b9cb2d3b4de6dfa655a4b2186556ca787ed7415210b8c20b46b07359c5cc0a1386538908b1cf1b85a9413ae5aa651f3633284c60e3ba3c771d574cb5482c5682f15e9167f40aaab2ae5b77c447e062a34383e3616345fc33059da80722dfa939018aa8ea51019f966171d71253326789841a39008cf9b064130de7348dd23d2603b994e5bb7508265633a6d3e43bfd4b39ca497aba3f36b3a5c89dc6407dc9c3c824c9945b9455e14094e4609334b85657dca46d860fe2f39bfdb56430b00732b3ee8a5d6a8dd0a619146b49f4a36680ee0e3e6b1b9d1bb0eabc805a1f924ceb26d37d7c5dee67858ba095ff923a8b0c55c2da6a2322cf1713463c0904530d95b3ee3860c764ed573b73cebe1cc9f60ba76781dd7f9ccc00e4d0b5f29e2c89709bfb14fc0e1d90211694b79df598a67c991c17e97eabc7da00cc8d118f684351854782b0011d7bae51dd10ec4425c5b45f54f4785784b492ec8dcae4c30f92c3c0b8dc668ba8811c02bcb37dce81fbfdf8e8be69d38877979dcdc350618b47a1cd7f86a640c97eae1d4951f99e45e18243207c77ac764761f17b871b3d19e33e5854cd431ab29ed2d219f5aecc568d462ef28ef04a712b47638ce787ad6ca0ee74b4885c338a1465781b3d15fd838198d7840ab54fef155fb553bb1265ded7797aaf099f65eb029c9b7b383846024068c091ac3dbd61b2d5a4ab11f3d0b60f90b63285f6687685df32183ef324e3eb9aa0b6b4d4f206cf07d4b6946b4da6257826532754e88076090b00380bb2a6a6cfabdfcd43303e18dbbe8a541f020c43b2b8ce85654190f260bf992e8d34c3df8c398e9858fbbc42be87464abcab450b7f7f7c80426f273b1a379ea6303b9d8811ab120aed1f4db3c7cc86067949c895724181f17028ef1e20d8d8a36dc570b17ada19d07a607d308bf569fe9a15f4c8d2d0e49870725738f5bd694fdefb9fbd36c24bc6308906f5a4608a11187e758f8ed0d7ece001da078cb94a9f4aba14f63508bdc51555e3fe37636f4fcae82aa985527c79b62a58157b835c37af5e532a1143c429c3ce9c9eb865294178a60fc6089d8a2607d21342f37a890ba538890c676d5a900c064b7a11cce77c7fb32c16af793b142f52c2bce81c3000890ea427137664be32f2044150c59b5a579dff81cda3195c2b2197c3a47c5489e6498d08a9759", 0x1000)
r1 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCSETSW(r1, 0x5412, &(0x7f0000000040)={0xffffff80})
ioctl$TIOCLINUX3(r1, 0x541c, &(0x7f0000001080))

00:20:37 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:37 executing program 1:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCXONC(r0, 0x5600, 0x0)

00:20:37 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB, @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:38 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4), 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:38 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
write$binfmt_elf32(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0a0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f500eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b32f51a6a4a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717cc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb5880000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6aa6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba88c430e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYRES16=0x0, @ANYRESHEX], 0x2b4)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, 0x0)

00:20:38 executing program 0:
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x400001, 0x0)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f00000009c0)='\xce\x8f*\xf7\x00', 0xc823035de211e4d9, 0x0)
write$fb(r0, 0x0, 0xf0ffffff7f0000)
write$fb(r0, &(0x7f0000000080)="c4a2891bb2af5fcf377e6e22ee0236ecff443c4192a7d319f7a7934164a3ef5fe7f8c5f5861babf5546a9e35a9b33f2e7954428cfe2dcba33803ada9d9a267538af73b26a564e6d4bd26292f670c3455f7170e2493d53d1187e55267cc9b39fce1e5f856c5f774fd4c36edaf19848690a3a4f7a813b929ed8e8813b928440f29695dc3ea048a89d7b190c013f1d1f1fa8cd2aecfb14f589406e2be5a92ba58810d2abb64e704a717a3c13ab50c10cd968ad7375901c1d47be0fd2db078deddc1fe0793109e7590c43d2a79764254b63cf098a67beb85eabb0b7061414bd6893721d5f277c8d1e556b33d60d45db00e15f01678865c1324754703927f38ea842947e7248f708d02f3103933d88a10cc74f90a2753d7153ff0f9076d16bf80ff8d5f734c63e232356b585f4276dce2fe41f93be26f83921f22cd78f5ce20118389dd95e04e32cf82e14e5bd6b281a4c7468d9e37252130b454f8ac47528077100e257b242ee7d5ca2ce59e6c8252cd620c1e557d0e122d7dae71de340bc4fcf3dd605ee60debb0a49f26396c0984e3adf341b90318d9a9da1988fdb46a3c435ca87254a5db5915863b3c8240ed5e3fda1f856edce370d33bfc0dd80605ade7e55e4929446607d62988d4e2eb9359168cd49f83ef443815f3b71a13c994daf2f848d2991de960f3c0cdfcf5de9b5670d30d16189121820be2aeefad5f01eaafd8f14b93683f7a1222b3421995646b83b219cf32a38f00f0d572866cbed4da55866f3fc32051502137e4d6c9c9ac81cbd4cd8960d3ccf928b58ec4784417d7c26f4dcb3b8c72cbd7a7b242dd6a4d74bcb5ffc5d45c9f54fffc3b8349d47dd8fe138ce817b9e9d480ffebd367cf3655b6630f5361bdb7d5bbefc2d379dfd125422c4905e44a0429be22d1190f14ddbf032a6d32a2ebe53ab754dda2d3e346aceb3738eb7ce0a97cc07d9840b12c1b77709853bf807838b096260d208fe90c89983bbb057ec5a1dae5d18833fb87208a3378880240d2571f31c3b711e79c14d86940f531636df3cfc2eda448da26bb66cbec851a8169ce39b988c7afba507155aff2e037d17d7826292286702a626b12b74663c982ec69014e8d02b06fca0e434945b0216342420590b4139dffe3002991917608e63e0cd73bdd4254380a15820b02f6a27cd79c9ede7f69cb254ca1c8e6d75f6443c2e886ef4cefb5d45da238f9e6fde7ea63cd2c57f30c74b7215f8da5730d960f6a90ff1471f8f3407d8eb65444c2829fc59fe90a26472115efbbb323832685e853ce9649e0f04a0ede34ef428d080313f01db4bc98a238798664ea7332c4d622a201da301475448804ad92877fbdcee3af600e7bc20cab8c113cd9eba55a11828cd7cf5894426667064c1c7e11d8e7e94ebd08c4d0e9f07ef120f7865c81af357b479ca9dc76a1fc4563fec2735fd9c05cc2e3bff4c549efa8aeb130ce784e14b4ed4c61262f5e772f0f53f7168f8d0ee9f3402ad761e59b032424cf1de53411a77b58f847cf266793bdf222d9641025d09f009808d93833d361855518180f349d59a7808d6e172a273751a1d822f2cc833cfaa8a28f094b38c926ea13b5308b7963be01c97979328bfcb41414b2d0b761bbb236f948c1bcedfe598b22cd23566cbfc89e99ebbf662dc77d23714f61115b1fa63efb23cdb55c53f1a54153dc5fb2451db0f71ceb0df65f63feff1adb900c7782d91be8dc13be5963f597d31f8b9a841bfd3e96858b5d367f0535ab3f5b86b696f22aad527b44c55047eb437ad2ce88745ca172bdd3c49d0c2fbe47fe90def80719411c27ce17bcd4971533df52f90d590acd155433fc3147edecd4f613b58fd31dea592ae697ba43cb8018d05f65092403e1e84881afdc8d64c54e48a105763d459d8faa4c22fa89dfa7f4e67af40959885fb89488a52810783650ea8cacc383c906fe98799639ee9704a1a5df36848b87ab53ffd3597c126b9b351873ce7ef3731467785c32b58e468b1d990ec338f68f794e80ccd16f095c82c549fbf20b9e470864100c07f6ad5583d59323fae10ff22db1f72a58944dd7a2293d3f2dde9c11bd6bd30d6c8404d70c962a46200b8cf4d20f285aa275aea7b81972e42b838f424560ac7547115a032bba93932a1dff76e275bb30af3307dd4fee566bf082440cfedaeb4338af103ef3946aa191b8291c8f86a52c7baa445354e4168eb207881c1779a26570d51ced48fd5682eb84e7676050c13132b43855a467011e1c6dcdf4edd2663aa2a762eae67583c4e9a1201abb3f8cefaf21bcfd3e81b4423cd8c94d4da9a73c375659dff085649e79f925aaf96575c889e931042791b08ed276ae62e990ee02f77d4b2f50cf47c0ee26773b423ace0c1925d768ab9b4369aec3d0fe68b181532d57c5227491f9e755998c2bb61f8f37435897857776a21760f48ab28236fd30f37e7e618dd3b4b6a2ebdf658b369e5f0a21981989dc4d8c01d242853c94cb1559fb01d075db70dfa3f422282d05c6da3cc535cb528dcceeb3d05bfb9aaf2a1783a0d949312b4e09b00d333c28eae7e1a29cae1059cf247718149244046c9a6486dfa0db267370b113ce04c6b29d04ff9cefdb52988759dd3881761114b3cc05f782fc24991e3acfa791c96f67aaa62bd7afd62131e40562bdf1bb6237e30ea3ac84b8d2301ed3ae4f96e39763a1dda36e7e4345b4e699192e4d160f04244b0c82cdb5b21df8f11597f779904a32129edf84e2107e99714c362c6c14cbec87f107a2057f5c91153772074c30b6fc39267c3ecffc725f1da6abd86393294e99257132f09b271c55d89beb7c3505810956ac06ea1a96a6468235965ef4cd0492d1149868233622eb11c5f761bbd3bd609c8563578396bfd762ea413c2b8d3d11cdd0ea1ab8a1e6b1c6d0c2c389ad92da82abd0787b736e6b7ce74c1ff0a8fcf75466a773baa784154583a50864532dc63cd9348658f599589c35a3104a265e124b11f6f2070d2c1b83fb38f85987cfe37b39ff604b13ef8a2a52ec9ec84952eedfdae8eecab69c86961be60d4be8dc10894df0d70db747ad86b5d8b2fa1005074d798b6c8b420a69849e16b47760c5567ec1bb22591a1f170d8265ec6763b16cb546426ec885015d5aee5747285457dc3712c39f440011d352103c549ada5e39717dd51ec081d6fe979fd1835cf89e16220fa236172dd7ab284e4a4e65c6f48400d4f8353ae9dd6635a9acd2a12f9b11abf6ec0013bf798b99d595f6ca6c55118ef44b85cc148fa62cfb766df24a1c755425686f912e43fd12bb5a7546bfaac3ce002a31064f28250d68c7b2ab26465b0176ffc0fd96f5101618c52a45f81f431f37db05fc346578fc9058cc3e4fec394f1046c24595d91bce5457349309b1e7671c1248917761f93b388528c6b23134917c88f94899db149eaaad2a12b783419668eecbfe8127f9c155ba9e64971405a33d55dd05139be8a2061427c82a2ccb4d01bddfbb7854efbe9f4cd4531209dc43651d63a0ad8a641b4ca9b97e0b62fb89bbcb96cf62d4bf23e8f3d3b83bb702a7f0c11ad2a71aef2ce4b6e0878144ab99f0c45454101eec431fc7db9997d9926385b609b3d45a2a9d6215c19d8eb78c184efc6c5da4d5b1fea021c6acc7a67b8ecdc447f72b313652055f099741e441e686150497ae831b99fd38907ac7c9016fd4ea44c8ac95aa5aa4c7bb7fafb817709ade23f6208106d50e7a80fe0259bcc8838f5e9bbb0bc7633ecd835a7b60ba0a3a2aff642b46a0eb9118e0e125e3339338958ebbffe2dee0885775d0c3aa859a38ef42a0ccae219844b3127e3f7ebf1bcaef46c198dac32e656604c5c3aa601799305cea312f1fe4dbff6dae980ea8054c6109f2ab027e41aa3d141da600e8b72c53e7193d33217f0159f5a25b1bec497993d94d17105a75fb9aeee4bd43057b325c4d5ddd109f8e42982d414dd7c36c54121d6e73272c6fa80c2f3e4a038fd9a6f47f8eb531b518f4a93d15f56aee9fdbed406d6f7827c13bf5bba00b0117f963ec84c8cd2ac8d52388bb023558075188bd2d316e5aab6ae44b9d566f4bcad5680a252ea613cb54077668eb1bc0630e5c9bf1e270ac1bdb6b0445ed5313e8b014085c722b6237c3daabbfce76f0b5df72aabc2da728585c46075ea08ce8b134bd6a9bdde325f046a73a039b161eacfc99f9edd995dcc5395d6ef80b9e829df7f6d0eb7b2611d6548731a453b1fdfa715d5b75f1c44cfe733b0f9276607f75c51795f38054a43eb6c6d303c74fda926440259b80f451d2cc2d2c6cac259cb2543745925a7410d1b02f99ff85f9c2e642d0106160f8c6b3a6a36a61586e1824c42a34cd96c262e6cbbb7d6041472747f4f609942c191a4d01c2ae274977f1f3aa6a71bda3412f9b10b50fadf7570da907ba7ebe2be2bd56ad8b04103c46e1f1f715dd113d505b9dcb31bfe4353002af4f8c71bdf988d0b02d6ac814f6a2a7d8b10ac9f896b822abbbfd31b00d94cfa1b5745b0087a462b43d22e44200b3b8d73bf576416bb0c3c25694d68225698d58861f023347738e7f950d63bab2532d8e46dabcf00d5b9cb2d3b4de6dfa655a4b2186556ca787ed7415210b8c20b46b07359c5cc0a1386538908b1cf1b85a9413ae5aa651f3633284c60e3ba3c771d574cb5482c5682f15e9167f40aaab2ae5b77c447e062a34383e3616345fc33059da80722dfa939018aa8ea51019f966171d71253326789841a39008cf9b064130de7348dd23d2603b994e5bb7508265633a6d3e43bfd4b39ca497aba3f36b3a5c89dc6407dc9c3c824c9945b9455e14094e4609334b85657dca46d860fe2f39bfdb56430b00732b3ee8a5d6a8dd0a619146b49f4a36680ee0e3e6b1b9d1bb0eabc805a1f924ceb26d37d7c5dee67858ba095ff923a8b0c55c2da6a2322cf1713463c0904530d95b3ee3860c764ed573b73cebe1cc9f60ba76781dd7f9ccc00e4d0b5f29e2c89709bfb14fc0e1d90211694b79df598a67c991c17e97eabc7da00cc8d118f684351854782b0011d7bae51dd10ec4425c5b45f54f4785784b492ec8dcae4c30f92c3c0b8dc668ba8811c02bcb37dce81fbfdf8e8be69d38877979dcdc350618b47a1cd7f86a640c97eae1d4951f99e45e18243207c77ac764761f17b871b3d19e33e5854cd431ab29ed2d219f5aecc568d462ef28ef04a712b47638ce787ad6ca0ee74b4885c338a1465781b3d15fd838198d7840ab54fef155fb553bb1265ded7797aaf099f65eb029c9b7b383846024068c091ac3dbd61b2d5a4ab11f3d0b60f90b63285f6687685df32183ef324e3eb9aa0b6b4d4f206cf07d4b6946b4da6257826532754e88076090b00380bb2a6a6cfabdfcd43303e18dbbe8a541f020c43b2b8ce85654190f260bf992e8d34c3df8c398e9858fbbc42be87464abcab450b7f7f7c80426f273b1a379ea6303b9d8811ab120aed1f4db3c7cc86067949c895724181f17028ef1e20d8d8a36dc570b17ada19d07a607d308bf569fe9a15f4c8d2d0e49870725738f5bd694fdefb9fbd36c24bc6308906f5a4608a11187e758f8ed0d7ece001da078cb94a9f4aba14f63508bdc51555e3fe37636f4fcae82aa985527c79b62a58157b835c37af5e532a1143c429c3ce9c9eb865294178a60fc6089d8a2607d21342f37a890ba538890c676d5a900c064b7a11cce77c7fb32c16af793b142f52c2bce81c3000890ea427137664be32f2044150c59b5a579dff81cda3195c2b2197c3a47c5489e6498d08a9759", 0x1000)
r1 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCSETSW(r1, 0x5412, &(0x7f0000000040)={0xffffff80})

00:20:38 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:38 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a47467", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:38 executing program 1:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
syz_open_dev$tty(0x0, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0)
ioctl$TIOCLINUX3(r0, 0x541c, &(0x7f0000001080))

00:20:38 executing program 1:
syz_open_dev$tty(0x0, 0x0, 0x0)
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f00000000c0)=0x7)
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCSETSW(r0, 0x5412, &(0x7f0000000040)={0xffffff80})

00:20:38 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a47467", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

[  306.923217][T11070] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  306.923217][T11070]    program syz-executor.3 not setting count and/or reply_len properly
00:20:38 executing program 0:
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x400001, 0x0)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f00000009c0)='\xce\x8f*\xf7\x00', 0xc823035de211e4d9, 0x0)
write$fb(r0, 0x0, 0xf0ffffff7f0000)
write$fb(r0, &(0x7f0000000080)="c4a2891bb2af5fcf377e6e22ee0236ecff443c4192a7d319f7a7934164a3ef5fe7f8c5f5861babf5546a9e35a9b33f2e7954428cfe2dcba33803ada9d9a267538af73b26a564e6d4bd26292f670c3455f7170e2493d53d1187e55267cc9b39fce1e5f856c5f774fd4c36edaf19848690a3a4f7a813b929ed8e8813b928440f29695dc3ea048a89d7b190c013f1d1f1fa8cd2aecfb14f589406e2be5a92ba58810d2abb64e704a717a3c13ab50c10cd968ad7375901c1d47be0fd2db078deddc1fe0793109e7590c43d2a79764254b63cf098a67beb85eabb0b7061414bd6893721d5f277c8d1e556b33d60d45db00e15f01678865c1324754703927f38ea842947e7248f708d02f3103933d88a10cc74f90a2753d7153ff0f9076d16bf80ff8d5f734c63e232356b585f4276dce2fe41f93be26f83921f22cd78f5ce20118389dd95e04e32cf82e14e5bd6b281a4c7468d9e37252130b454f8ac47528077100e257b242ee7d5ca2ce59e6c8252cd620c1e557d0e122d7dae71de340bc4fcf3dd605ee60debb0a49f26396c0984e3adf341b90318d9a9da1988fdb46a3c435ca87254a5db5915863b3c8240ed5e3fda1f856edce370d33bfc0dd80605ade7e55e4929446607d62988d4e2eb9359168cd49f83ef443815f3b71a13c994daf2f848d2991de960f3c0cdfcf5de9b5670d30d16189121820be2aeefad5f01eaafd8f14b93683f7a1222b3421995646b83b219cf32a38f00f0d572866cbed4da55866f3fc32051502137e4d6c9c9ac81cbd4cd8960d3ccf928b58ec4784417d7c26f4dcb3b8c72cbd7a7b242dd6a4d74bcb5ffc5d45c9f54fffc3b8349d47dd8fe138ce817b9e9d480ffebd367cf3655b6630f5361bdb7d5bbefc2d379dfd125422c4905e44a0429be22d1190f14ddbf032a6d32a2ebe53ab754dda2d3e346aceb3738eb7ce0a97cc07d9840b12c1b77709853bf807838b096260d208fe90c89983bbb057ec5a1dae5d18833fb87208a3378880240d2571f31c3b711e79c14d86940f531636df3cfc2eda448da26bb66cbec851a8169ce39b988c7afba507155aff2e037d17d7826292286702a626b12b74663c982ec69014e8d02b06fca0e434945b0216342420590b4139dffe3002991917608e63e0cd73bdd4254380a15820b02f6a27cd79c9ede7f69cb254ca1c8e6d75f6443c2e886ef4cefb5d45da238f9e6fde7ea63cd2c57f30c74b7215f8da5730d960f6a90ff1471f8f3407d8eb65444c2829fc59fe90a26472115efbbb323832685e853ce9649e0f04a0ede34ef428d080313f01db4bc98a238798664ea7332c4d622a201da301475448804ad92877fbdcee3af600e7bc20cab8c113cd9eba55a11828cd7cf5894426667064c1c7e11d8e7e94ebd08c4d0e9f07ef120f7865c81af357b479ca9dc76a1fc4563fec2735fd9c05cc2e3bff4c549efa8aeb130ce784e14b4ed4c61262f5e772f0f53f7168f8d0ee9f3402ad761e59b032424cf1de53411a77b58f847cf266793bdf222d9641025d09f009808d93833d361855518180f349d59a7808d6e172a273751a1d822f2cc833cfaa8a28f094b38c926ea13b5308b7963be01c97979328bfcb41414b2d0b761bbb236f948c1bcedfe598b22cd23566cbfc89e99ebbf662dc77d23714f61115b1fa63efb23cdb55c53f1a54153dc5fb2451db0f71ceb0df65f63feff1adb900c7782d91be8dc13be5963f597d31f8b9a841bfd3e96858b5d367f0535ab3f5b86b696f22aad527b44c55047eb437ad2ce88745ca172bdd3c49d0c2fbe47fe90def80719411c27ce17bcd4971533df52f90d590acd155433fc3147edecd4f613b58fd31dea592ae697ba43cb8018d05f65092403e1e84881afdc8d64c54e48a105763d459d8faa4c22fa89dfa7f4e67af40959885fb89488a52810783650ea8cacc383c906fe98799639ee9704a1a5df36848b87ab53ffd3597c126b9b351873ce7ef3731467785c32b58e468b1d990ec338f68f794e80ccd16f095c82c549fbf20b9e470864100c07f6ad5583d59323fae10ff22db1f72a58944dd7a2293d3f2dde9c11bd6bd30d6c8404d70c962a46200b8cf4d20f285aa275aea7b81972e42b838f424560ac7547115a032bba93932a1dff76e275bb30af3307dd4fee566bf082440cfedaeb4338af103ef3946aa191b8291c8f86a52c7baa445354e4168eb207881c1779a26570d51ced48fd5682eb84e7676050c13132b43855a467011e1c6dcdf4edd2663aa2a762eae67583c4e9a1201abb3f8cefaf21bcfd3e81b4423cd8c94d4da9a73c375659dff085649e79f925aaf96575c889e931042791b08ed276ae62e990ee02f77d4b2f50cf47c0ee26773b423ace0c1925d768ab9b4369aec3d0fe68b181532d57c5227491f9e755998c2bb61f8f37435897857776a21760f48ab28236fd30f37e7e618dd3b4b6a2ebdf658b369e5f0a21981989dc4d8c01d242853c94cb1559fb01d075db70dfa3f422282d05c6da3cc535cb528dcceeb3d05bfb9aaf2a1783a0d949312b4e09b00d333c28eae7e1a29cae1059cf247718149244046c9a6486dfa0db267370b113ce04c6b29d04ff9cefdb52988759dd3881761114b3cc05f782fc24991e3acfa791c96f67aaa62bd7afd62131e40562bdf1bb6237e30ea3ac84b8d2301ed3ae4f96e39763a1dda36e7e4345b4e699192e4d160f04244b0c82cdb5b21df8f11597f779904a32129edf84e2107e99714c362c6c14cbec87f107a2057f5c91153772074c30b6fc39267c3ecffc725f1da6abd86393294e99257132f09b271c55d89beb7c3505810956ac06ea1a96a6468235965ef4cd0492d1149868233622eb11c5f761bbd3bd609c8563578396bfd762ea413c2b8d3d11cdd0ea1ab8a1e6b1c6d0c2c389ad92da82abd0787b736e6b7ce74c1ff0a8fcf75466a773baa784154583a50864532dc63cd9348658f599589c35a3104a265e124b11f6f2070d2c1b83fb38f85987cfe37b39ff604b13ef8a2a52ec9ec84952eedfdae8eecab69c86961be60d4be8dc10894df0d70db747ad86b5d8b2fa1005074d798b6c8b420a69849e16b47760c5567ec1bb22591a1f170d8265ec6763b16cb546426ec885015d5aee5747285457dc3712c39f440011d352103c549ada5e39717dd51ec081d6fe979fd1835cf89e16220fa236172dd7ab284e4a4e65c6f48400d4f8353ae9dd6635a9acd2a12f9b11abf6ec0013bf798b99d595f6ca6c55118ef44b85cc148fa62cfb766df24a1c755425686f912e43fd12bb5a7546bfaac3ce002a31064f28250d68c7b2ab26465b0176ffc0fd96f5101618c52a45f81f431f37db05fc346578fc9058cc3e4fec394f1046c24595d91bce5457349309b1e7671c1248917761f93b388528c6b23134917c88f94899db149eaaad2a12b783419668eecbfe8127f9c155ba9e64971405a33d55dd05139be8a2061427c82a2ccb4d01bddfbb7854efbe9f4cd4531209dc43651d63a0ad8a641b4ca9b97e0b62fb89bbcb96cf62d4bf23e8f3d3b83bb702a7f0c11ad2a71aef2ce4b6e0878144ab99f0c45454101eec431fc7db9997d9926385b609b3d45a2a9d6215c19d8eb78c184efc6c5da4d5b1fea021c6acc7a67b8ecdc447f72b313652055f099741e441e686150497ae831b99fd38907ac7c9016fd4ea44c8ac95aa5aa4c7bb7fafb817709ade23f6208106d50e7a80fe0259bcc8838f5e9bbb0bc7633ecd835a7b60ba0a3a2aff642b46a0eb9118e0e125e3339338958ebbffe2dee0885775d0c3aa859a38ef42a0ccae219844b3127e3f7ebf1bcaef46c198dac32e656604c5c3aa601799305cea312f1fe4dbff6dae980ea8054c6109f2ab027e41aa3d141da600e8b72c53e7193d33217f0159f5a25b1bec497993d94d17105a75fb9aeee4bd43057b325c4d5ddd109f8e42982d414dd7c36c54121d6e73272c6fa80c2f3e4a038fd9a6f47f8eb531b518f4a93d15f56aee9fdbed406d6f7827c13bf5bba00b0117f963ec84c8cd2ac8d52388bb023558075188bd2d316e5aab6ae44b9d566f4bcad5680a252ea613cb54077668eb1bc0630e5c9bf1e270ac1bdb6b0445ed5313e8b014085c722b6237c3daabbfce76f0b5df72aabc2da728585c46075ea08ce8b134bd6a9bdde325f046a73a039b161eacfc99f9edd995dcc5395d6ef80b9e829df7f6d0eb7b2611d6548731a453b1fdfa715d5b75f1c44cfe733b0f9276607f75c51795f38054a43eb6c6d303c74fda926440259b80f451d2cc2d2c6cac259cb2543745925a7410d1b02f99ff85f9c2e642d0106160f8c6b3a6a36a61586e1824c42a34cd96c262e6cbbb7d6041472747f4f609942c191a4d01c2ae274977f1f3aa6a71bda3412f9b10b50fadf7570da907ba7ebe2be2bd56ad8b04103c46e1f1f715dd113d505b9dcb31bfe4353002af4f8c71bdf988d0b02d6ac814f6a2a7d8b10ac9f896b822abbbfd31b00d94cfa1b5745b0087a462b43d22e44200b3b8d73bf576416bb0c3c25694d68225698d58861f023347738e7f950d63bab2532d8e46dabcf00d5b9cb2d3b4de6dfa655a4b2186556ca787ed7415210b8c20b46b07359c5cc0a1386538908b1cf1b85a9413ae5aa651f3633284c60e3ba3c771d574cb5482c5682f15e9167f40aaab2ae5b77c447e062a34383e3616345fc33059da80722dfa939018aa8ea51019f966171d71253326789841a39008cf9b064130de7348dd23d2603b994e5bb7508265633a6d3e43bfd4b39ca497aba3f36b3a5c89dc6407dc9c3c824c9945b9455e14094e4609334b85657dca46d860fe2f39bfdb56430b00732b3ee8a5d6a8dd0a619146b49f4a36680ee0e3e6b1b9d1bb0eabc805a1f924ceb26d37d7c5dee67858ba095ff923a8b0c55c2da6a2322cf1713463c0904530d95b3ee3860c764ed573b73cebe1cc9f60ba76781dd7f9ccc00e4d0b5f29e2c89709bfb14fc0e1d90211694b79df598a67c991c17e97eabc7da00cc8d118f684351854782b0011d7bae51dd10ec4425c5b45f54f4785784b492ec8dcae4c30f92c3c0b8dc668ba8811c02bcb37dce81fbfdf8e8be69d38877979dcdc350618b47a1cd7f86a640c97eae1d4951f99e45e18243207c77ac764761f17b871b3d19e33e5854cd431ab29ed2d219f5aecc568d462ef28ef04a712b47638ce787ad6ca0ee74b4885c338a1465781b3d15fd838198d7840ab54fef155fb553bb1265ded7797aaf099f65eb029c9b7b383846024068c091ac3dbd61b2d5a4ab11f3d0b60f90b63285f6687685df32183ef324e3eb9aa0b6b4d4f206cf07d4b6946b4da6257826532754e88076090b00380bb2a6a6cfabdfcd43303e18dbbe8a541f020c43b2b8ce85654190f260bf992e8d34c3df8c398e9858fbbc42be87464abcab450b7f7f7c80426f273b1a379ea6303b9d8811ab120aed1f4db3c7cc86067949c895724181f17028ef1e20d8d8a36dc570b17ada19d07a607d308bf569fe9a15f4c8d2d0e49870725738f5bd694fdefb9fbd36c24bc6308906f5a4608a11187e758f8ed0d7ece001da078cb94a9f4aba14f63508bdc51555e3fe37636f4fcae82aa985527c79b62a58157b835c37af5e532a1143c429c3ce9c9eb865294178a60fc6089d8a2607d21342f37a890ba538890c676d5a900c064b7a11cce77c7fb32c16af793b142f52c2bce81c3000890ea427137664be32f2044150c59b5a579dff81cda3195c2b2197c3a47c5489e6498d08a9759", 0x1000)
ioctl$TCSETSW(0xffffffffffffffff, 0x5412, &(0x7f0000000040)={0xffffff80})

00:20:38 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:38 executing program 1:
r0 = syz_open_dev$vcsa(&(0x7f0000000040)='/dev/vcsa#\x00', 0x4, 0x0)
read$fb(r0, &(0x7f0000000080)=""/4, 0x4)

00:20:38 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
write$binfmt_elf32(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0a0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f500eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b32f51a6a4a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717cc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb5880000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6aa6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba88c430e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYRES16=0x0, @ANYRESHEX], 0x2b4)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_REGS(r1, 0x4090ae82, 0x0)

[  307.472457][T11105] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  307.472457][T11105]    program syz-executor.3 not setting count and/or reply_len properly
[  307.514521][T11105] sg_write: data in/out 1070564296/644 bytes for SCSI command 0xb5-- guessing data in;
[  307.514521][T11105]    program syz-executor.3 not setting count and/or reply_len properly
00:20:39 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4), 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:39 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a47467", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:39 executing program 0:
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x400001, 0x0)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f00000009c0)='\xce\x8f*\xf7\x00', 0xc823035de211e4d9, 0x0)
write$fb(r0, 0x0, 0xf0ffffff7f0000)
write$fb(r0, &(0x7f0000000080)="c4a2891bb2af5fcf377e6e22ee0236ecff443c4192a7d319f7a7934164a3ef5fe7f8c5f5861babf5546a9e35a9b33f2e7954428cfe2dcba33803ada9d9a267538af73b26a564e6d4bd26292f670c3455f7170e2493d53d1187e55267cc9b39fce1e5f856c5f774fd4c36edaf19848690a3a4f7a813b929ed8e8813b928440f29695dc3ea048a89d7b190c013f1d1f1fa8cd2aecfb14f589406e2be5a92ba58810d2abb64e704a717a3c13ab50c10cd968ad7375901c1d47be0fd2db078deddc1fe0793109e7590c43d2a79764254b63cf098a67beb85eabb0b7061414bd6893721d5f277c8d1e556b33d60d45db00e15f01678865c1324754703927f38ea842947e7248f708d02f3103933d88a10cc74f90a2753d7153ff0f9076d16bf80ff8d5f734c63e232356b585f4276dce2fe41f93be26f83921f22cd78f5ce20118389dd95e04e32cf82e14e5bd6b281a4c7468d9e37252130b454f8ac47528077100e257b242ee7d5ca2ce59e6c8252cd620c1e557d0e122d7dae71de340bc4fcf3dd605ee60debb0a49f26396c0984e3adf341b90318d9a9da1988fdb46a3c435ca87254a5db5915863b3c8240ed5e3fda1f856edce370d33bfc0dd80605ade7e55e4929446607d62988d4e2eb9359168cd49f83ef443815f3b71a13c994daf2f848d2991de960f3c0cdfcf5de9b5670d30d16189121820be2aeefad5f01eaafd8f14b93683f7a1222b3421995646b83b219cf32a38f00f0d572866cbed4da55866f3fc32051502137e4d6c9c9ac81cbd4cd8960d3ccf928b58ec4784417d7c26f4dcb3b8c72cbd7a7b242dd6a4d74bcb5ffc5d45c9f54fffc3b8349d47dd8fe138ce817b9e9d480ffebd367cf3655b6630f5361bdb7d5bbefc2d379dfd125422c4905e44a0429be22d1190f14ddbf032a6d32a2ebe53ab754dda2d3e346aceb3738eb7ce0a97cc07d9840b12c1b77709853bf807838b096260d208fe90c89983bbb057ec5a1dae5d18833fb87208a3378880240d2571f31c3b711e79c14d86940f531636df3cfc2eda448da26bb66cbec851a8169ce39b988c7afba507155aff2e037d17d7826292286702a626b12b74663c982ec69014e8d02b06fca0e434945b0216342420590b4139dffe3002991917608e63e0cd73bdd4254380a15820b02f6a27cd79c9ede7f69cb254ca1c8e6d75f6443c2e886ef4cefb5d45da238f9e6fde7ea63cd2c57f30c74b7215f8da5730d960f6a90ff1471f8f3407d8eb65444c2829fc59fe90a26472115efbbb323832685e853ce9649e0f04a0ede34ef428d080313f01db4bc98a238798664ea7332c4d622a201da301475448804ad92877fbdcee3af600e7bc20cab8c113cd9eba55a11828cd7cf5894426667064c1c7e11d8e7e94ebd08c4d0e9f07ef120f7865c81af357b479ca9dc76a1fc4563fec2735fd9c05cc2e3bff4c549efa8aeb130ce784e14b4ed4c61262f5e772f0f53f7168f8d0ee9f3402ad761e59b032424cf1de53411a77b58f847cf266793bdf222d9641025d09f009808d93833d361855518180f349d59a7808d6e172a273751a1d822f2cc833cfaa8a28f094b38c926ea13b5308b7963be01c97979328bfcb41414b2d0b761bbb236f948c1bcedfe598b22cd23566cbfc89e99ebbf662dc77d23714f61115b1fa63efb23cdb55c53f1a54153dc5fb2451db0f71ceb0df65f63feff1adb900c7782d91be8dc13be5963f597d31f8b9a841bfd3e96858b5d367f0535ab3f5b86b696f22aad527b44c55047eb437ad2ce88745ca172bdd3c49d0c2fbe47fe90def80719411c27ce17bcd4971533df52f90d590acd155433fc3147edecd4f613b58fd31dea592ae697ba43cb8018d05f65092403e1e84881afdc8d64c54e48a105763d459d8faa4c22fa89dfa7f4e67af40959885fb89488a52810783650ea8cacc383c906fe98799639ee9704a1a5df36848b87ab53ffd3597c126b9b351873ce7ef3731467785c32b58e468b1d990ec338f68f794e80ccd16f095c82c549fbf20b9e470864100c07f6ad5583d59323fae10ff22db1f72a58944dd7a2293d3f2dde9c11bd6bd30d6c8404d70c962a46200b8cf4d20f285aa275aea7b81972e42b838f424560ac7547115a032bba93932a1dff76e275bb30af3307dd4fee566bf082440cfedaeb4338af103ef3946aa191b8291c8f86a52c7baa445354e4168eb207881c1779a26570d51ced48fd5682eb84e7676050c13132b43855a467011e1c6dcdf4edd2663aa2a762eae67583c4e9a1201abb3f8cefaf21bcfd3e81b4423cd8c94d4da9a73c375659dff085649e79f925aaf96575c889e931042791b08ed276ae62e990ee02f77d4b2f50cf47c0ee26773b423ace0c1925d768ab9b4369aec3d0fe68b181532d57c5227491f9e755998c2bb61f8f37435897857776a21760f48ab28236fd30f37e7e618dd3b4b6a2ebdf658b369e5f0a21981989dc4d8c01d242853c94cb1559fb01d075db70dfa3f422282d05c6da3cc535cb528dcceeb3d05bfb9aaf2a1783a0d949312b4e09b00d333c28eae7e1a29cae1059cf247718149244046c9a6486dfa0db267370b113ce04c6b29d04ff9cefdb52988759dd3881761114b3cc05f782fc24991e3acfa791c96f67aaa62bd7afd62131e40562bdf1bb6237e30ea3ac84b8d2301ed3ae4f96e39763a1dda36e7e4345b4e699192e4d160f04244b0c82cdb5b21df8f11597f779904a32129edf84e2107e99714c362c6c14cbec87f107a2057f5c91153772074c30b6fc39267c3ecffc725f1da6abd86393294e99257132f09b271c55d89beb7c3505810956ac06ea1a96a6468235965ef4cd0492d1149868233622eb11c5f761bbd3bd609c8563578396bfd762ea413c2b8d3d11cdd0ea1ab8a1e6b1c6d0c2c389ad92da82abd0787b736e6b7ce74c1ff0a8fcf75466a773baa784154583a50864532dc63cd9348658f599589c35a3104a265e124b11f6f2070d2c1b83fb38f85987cfe37b39ff604b13ef8a2a52ec9ec84952eedfdae8eecab69c86961be60d4be8dc10894df0d70db747ad86b5d8b2fa1005074d798b6c8b420a69849e16b47760c5567ec1bb22591a1f170d8265ec6763b16cb546426ec885015d5aee5747285457dc3712c39f440011d352103c549ada5e39717dd51ec081d6fe979fd1835cf89e16220fa236172dd7ab284e4a4e65c6f48400d4f8353ae9dd6635a9acd2a12f9b11abf6ec0013bf798b99d595f6ca6c55118ef44b85cc148fa62cfb766df24a1c755425686f912e43fd12bb5a7546bfaac3ce002a31064f28250d68c7b2ab26465b0176ffc0fd96f5101618c52a45f81f431f37db05fc346578fc9058cc3e4fec394f1046c24595d91bce5457349309b1e7671c1248917761f93b388528c6b23134917c88f94899db149eaaad2a12b783419668eecbfe8127f9c155ba9e64971405a33d55dd05139be8a2061427c82a2ccb4d01bddfbb7854efbe9f4cd4531209dc43651d63a0ad8a641b4ca9b97e0b62fb89bbcb96cf62d4bf23e8f3d3b83bb702a7f0c11ad2a71aef2ce4b6e0878144ab99f0c45454101eec431fc7db9997d9926385b609b3d45a2a9d6215c19d8eb78c184efc6c5da4d5b1fea021c6acc7a67b8ecdc447f72b313652055f099741e441e686150497ae831b99fd38907ac7c9016fd4ea44c8ac95aa5aa4c7bb7fafb817709ade23f6208106d50e7a80fe0259bcc8838f5e9bbb0bc7633ecd835a7b60ba0a3a2aff642b46a0eb9118e0e125e3339338958ebbffe2dee0885775d0c3aa859a38ef42a0ccae219844b3127e3f7ebf1bcaef46c198dac32e656604c5c3aa601799305cea312f1fe4dbff6dae980ea8054c6109f2ab027e41aa3d141da600e8b72c53e7193d33217f0159f5a25b1bec497993d94d17105a75fb9aeee4bd43057b325c4d5ddd109f8e42982d414dd7c36c54121d6e73272c6fa80c2f3e4a038fd9a6f47f8eb531b518f4a93d15f56aee9fdbed406d6f7827c13bf5bba00b0117f963ec84c8cd2ac8d52388bb023558075188bd2d316e5aab6ae44b9d566f4bcad5680a252ea613cb54077668eb1bc0630e5c9bf1e270ac1bdb6b0445ed5313e8b014085c722b6237c3daabbfce76f0b5df72aabc2da728585c46075ea08ce8b134bd6a9bdde325f046a73a039b161eacfc99f9edd995dcc5395d6ef80b9e829df7f6d0eb7b2611d6548731a453b1fdfa715d5b75f1c44cfe733b0f9276607f75c51795f38054a43eb6c6d303c74fda926440259b80f451d2cc2d2c6cac259cb2543745925a7410d1b02f99ff85f9c2e642d0106160f8c6b3a6a36a61586e1824c42a34cd96c262e6cbbb7d6041472747f4f609942c191a4d01c2ae274977f1f3aa6a71bda3412f9b10b50fadf7570da907ba7ebe2be2bd56ad8b04103c46e1f1f715dd113d505b9dcb31bfe4353002af4f8c71bdf988d0b02d6ac814f6a2a7d8b10ac9f896b822abbbfd31b00d94cfa1b5745b0087a462b43d22e44200b3b8d73bf576416bb0c3c25694d68225698d58861f023347738e7f950d63bab2532d8e46dabcf00d5b9cb2d3b4de6dfa655a4b2186556ca787ed7415210b8c20b46b07359c5cc0a1386538908b1cf1b85a9413ae5aa651f3633284c60e3ba3c771d574cb5482c5682f15e9167f40aaab2ae5b77c447e062a34383e3616345fc33059da80722dfa939018aa8ea51019f966171d71253326789841a39008cf9b064130de7348dd23d2603b994e5bb7508265633a6d3e43bfd4b39ca497aba3f36b3a5c89dc6407dc9c3c824c9945b9455e14094e4609334b85657dca46d860fe2f39bfdb56430b00732b3ee8a5d6a8dd0a619146b49f4a36680ee0e3e6b1b9d1bb0eabc805a1f924ceb26d37d7c5dee67858ba095ff923a8b0c55c2da6a2322cf1713463c0904530d95b3ee3860c764ed573b73cebe1cc9f60ba76781dd7f9ccc00e4d0b5f29e2c89709bfb14fc0e1d90211694b79df598a67c991c17e97eabc7da00cc8d118f684351854782b0011d7bae51dd10ec4425c5b45f54f4785784b492ec8dcae4c30f92c3c0b8dc668ba8811c02bcb37dce81fbfdf8e8be69d38877979dcdc350618b47a1cd7f86a640c97eae1d4951f99e45e18243207c77ac764761f17b871b3d19e33e5854cd431ab29ed2d219f5aecc568d462ef28ef04a712b47638ce787ad6ca0ee74b4885c338a1465781b3d15fd838198d7840ab54fef155fb553bb1265ded7797aaf099f65eb029c9b7b383846024068c091ac3dbd61b2d5a4ab11f3d0b60f90b63285f6687685df32183ef324e3eb9aa0b6b4d4f206cf07d4b6946b4da6257826532754e88076090b00380bb2a6a6cfabdfcd43303e18dbbe8a541f020c43b2b8ce85654190f260bf992e8d34c3df8c398e9858fbbc42be87464abcab450b7f7f7c80426f273b1a379ea6303b9d8811ab120aed1f4db3c7cc86067949c895724181f17028ef1e20d8d8a36dc570b17ada19d07a607d308bf569fe9a15f4c8d2d0e49870725738f5bd694fdefb9fbd36c24bc6308906f5a4608a11187e758f8ed0d7ece001da078cb94a9f4aba14f63508bdc51555e3fe37636f4fcae82aa985527c79b62a58157b835c37af5e532a1143c429c3ce9c9eb865294178a60fc6089d8a2607d21342f37a890ba538890c676d5a900c064b7a11cce77c7fb32c16af793b142f52c2bce81c3000890ea427137664be32f2044150c59b5a579dff81cda3195c2b2197c3a47c5489e6498d08a9759", 0x1000)
ioctl$TCSETSW(0xffffffffffffffff, 0x5412, &(0x7f0000000040)={0xffffff80})

00:20:39 executing program 1:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x5}, 0x0)
socket$inet6(0xa, 0x0, 0x0)
pipe(&(0x7f0000000200)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(0xffffffffffffffff, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x0, 0x0, 0x3}, 0x0)
recvfrom(r1, &(0x7f0000000140)=""/163, 0x100000345, 0x0, 0x0, 0x0)
sendto$unix(r1, &(0x7f0000000140), 0x14ded905162a6a4b, 0x0, 0x0, 0x429)
recvfrom(r1, &(0x7f0000003240)=""/4096, 0x100000205, 0x0, 0x0, 0x415)
sendmsg$IPVS_CMD_SET_SERVICE(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="81343c6b661fd1400000000000000084ca9613929bf600000000"], 0x1}}, 0x0)

00:20:39 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:39 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
write$binfmt_elf32(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0a0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f500eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b32f51a6a4a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717cc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb5880000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6aa6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba88c430e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYRES16=0x0, @ANYRESHEX], 0x2b4)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:39 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a474673540000000", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:39 executing program 0:
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x400001, 0x0)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f00000009c0)='\xce\x8f*\xf7\x00', 0xc823035de211e4d9, 0x0)
write$fb(r0, 0x0, 0xf0ffffff7f0000)
write$fb(r0, &(0x7f0000000080)="c4a2891bb2af5fcf377e6e22ee0236ecff443c4192a7d319f7a7934164a3ef5fe7f8c5f5861babf5546a9e35a9b33f2e7954428cfe2dcba33803ada9d9a267538af73b26a564e6d4bd26292f670c3455f7170e2493d53d1187e55267cc9b39fce1e5f856c5f774fd4c36edaf19848690a3a4f7a813b929ed8e8813b928440f29695dc3ea048a89d7b190c013f1d1f1fa8cd2aecfb14f589406e2be5a92ba58810d2abb64e704a717a3c13ab50c10cd968ad7375901c1d47be0fd2db078deddc1fe0793109e7590c43d2a79764254b63cf098a67beb85eabb0b7061414bd6893721d5f277c8d1e556b33d60d45db00e15f01678865c1324754703927f38ea842947e7248f708d02f3103933d88a10cc74f90a2753d7153ff0f9076d16bf80ff8d5f734c63e232356b585f4276dce2fe41f93be26f83921f22cd78f5ce20118389dd95e04e32cf82e14e5bd6b281a4c7468d9e37252130b454f8ac47528077100e257b242ee7d5ca2ce59e6c8252cd620c1e557d0e122d7dae71de340bc4fcf3dd605ee60debb0a49f26396c0984e3adf341b90318d9a9da1988fdb46a3c435ca87254a5db5915863b3c8240ed5e3fda1f856edce370d33bfc0dd80605ade7e55e4929446607d62988d4e2eb9359168cd49f83ef443815f3b71a13c994daf2f848d2991de960f3c0cdfcf5de9b5670d30d16189121820be2aeefad5f01eaafd8f14b93683f7a1222b3421995646b83b219cf32a38f00f0d572866cbed4da55866f3fc32051502137e4d6c9c9ac81cbd4cd8960d3ccf928b58ec4784417d7c26f4dcb3b8c72cbd7a7b242dd6a4d74bcb5ffc5d45c9f54fffc3b8349d47dd8fe138ce817b9e9d480ffebd367cf3655b6630f5361bdb7d5bbefc2d379dfd125422c4905e44a0429be22d1190f14ddbf032a6d32a2ebe53ab754dda2d3e346aceb3738eb7ce0a97cc07d9840b12c1b77709853bf807838b096260d208fe90c89983bbb057ec5a1dae5d18833fb87208a3378880240d2571f31c3b711e79c14d86940f531636df3cfc2eda448da26bb66cbec851a8169ce39b988c7afba507155aff2e037d17d7826292286702a626b12b74663c982ec69014e8d02b06fca0e434945b0216342420590b4139dffe3002991917608e63e0cd73bdd4254380a15820b02f6a27cd79c9ede7f69cb254ca1c8e6d75f6443c2e886ef4cefb5d45da238f9e6fde7ea63cd2c57f30c74b7215f8da5730d960f6a90ff1471f8f3407d8eb65444c2829fc59fe90a26472115efbbb323832685e853ce9649e0f04a0ede34ef428d080313f01db4bc98a238798664ea7332c4d622a201da301475448804ad92877fbdcee3af600e7bc20cab8c113cd9eba55a11828cd7cf5894426667064c1c7e11d8e7e94ebd08c4d0e9f07ef120f7865c81af357b479ca9dc76a1fc4563fec2735fd9c05cc2e3bff4c549efa8aeb130ce784e14b4ed4c61262f5e772f0f53f7168f8d0ee9f3402ad761e59b032424cf1de53411a77b58f847cf266793bdf222d9641025d09f009808d93833d361855518180f349d59a7808d6e172a273751a1d822f2cc833cfaa8a28f094b38c926ea13b5308b7963be01c97979328bfcb41414b2d0b761bbb236f948c1bcedfe598b22cd23566cbfc89e99ebbf662dc77d23714f61115b1fa63efb23cdb55c53f1a54153dc5fb2451db0f71ceb0df65f63feff1adb900c7782d91be8dc13be5963f597d31f8b9a841bfd3e96858b5d367f0535ab3f5b86b696f22aad527b44c55047eb437ad2ce88745ca172bdd3c49d0c2fbe47fe90def80719411c27ce17bcd4971533df52f90d590acd155433fc3147edecd4f613b58fd31dea592ae697ba43cb8018d05f65092403e1e84881afdc8d64c54e48a105763d459d8faa4c22fa89dfa7f4e67af40959885fb89488a52810783650ea8cacc383c906fe98799639ee9704a1a5df36848b87ab53ffd3597c126b9b351873ce7ef3731467785c32b58e468b1d990ec338f68f794e80ccd16f095c82c549fbf20b9e470864100c07f6ad5583d59323fae10ff22db1f72a58944dd7a2293d3f2dde9c11bd6bd30d6c8404d70c962a46200b8cf4d20f285aa275aea7b81972e42b838f424560ac7547115a032bba93932a1dff76e275bb30af3307dd4fee566bf082440cfedaeb4338af103ef3946aa191b8291c8f86a52c7baa445354e4168eb207881c1779a26570d51ced48fd5682eb84e7676050c13132b43855a467011e1c6dcdf4edd2663aa2a762eae67583c4e9a1201abb3f8cefaf21bcfd3e81b4423cd8c94d4da9a73c375659dff085649e79f925aaf96575c889e931042791b08ed276ae62e990ee02f77d4b2f50cf47c0ee26773b423ace0c1925d768ab9b4369aec3d0fe68b181532d57c5227491f9e755998c2bb61f8f37435897857776a21760f48ab28236fd30f37e7e618dd3b4b6a2ebdf658b369e5f0a21981989dc4d8c01d242853c94cb1559fb01d075db70dfa3f422282d05c6da3cc535cb528dcceeb3d05bfb9aaf2a1783a0d949312b4e09b00d333c28eae7e1a29cae1059cf247718149244046c9a6486dfa0db267370b113ce04c6b29d04ff9cefdb52988759dd3881761114b3cc05f782fc24991e3acfa791c96f67aaa62bd7afd62131e40562bdf1bb6237e30ea3ac84b8d2301ed3ae4f96e39763a1dda36e7e4345b4e699192e4d160f04244b0c82cdb5b21df8f11597f779904a32129edf84e2107e99714c362c6c14cbec87f107a2057f5c91153772074c30b6fc39267c3ecffc725f1da6abd86393294e99257132f09b271c55d89beb7c3505810956ac06ea1a96a6468235965ef4cd0492d1149868233622eb11c5f761bbd3bd609c8563578396bfd762ea413c2b8d3d11cdd0ea1ab8a1e6b1c6d0c2c389ad92da82abd0787b736e6b7ce74c1ff0a8fcf75466a773baa784154583a50864532dc63cd9348658f599589c35a3104a265e124b11f6f2070d2c1b83fb38f85987cfe37b39ff604b13ef8a2a52ec9ec84952eedfdae8eecab69c86961be60d4be8dc10894df0d70db747ad86b5d8b2fa1005074d798b6c8b420a69849e16b47760c5567ec1bb22591a1f170d8265ec6763b16cb546426ec885015d5aee5747285457dc3712c39f440011d352103c549ada5e39717dd51ec081d6fe979fd1835cf89e16220fa236172dd7ab284e4a4e65c6f48400d4f8353ae9dd6635a9acd2a12f9b11abf6ec0013bf798b99d595f6ca6c55118ef44b85cc148fa62cfb766df24a1c755425686f912e43fd12bb5a7546bfaac3ce002a31064f28250d68c7b2ab26465b0176ffc0fd96f5101618c52a45f81f431f37db05fc346578fc9058cc3e4fec394f1046c24595d91bce5457349309b1e7671c1248917761f93b388528c6b23134917c88f94899db149eaaad2a12b783419668eecbfe8127f9c155ba9e64971405a33d55dd05139be8a2061427c82a2ccb4d01bddfbb7854efbe9f4cd4531209dc43651d63a0ad8a641b4ca9b97e0b62fb89bbcb96cf62d4bf23e8f3d3b83bb702a7f0c11ad2a71aef2ce4b6e0878144ab99f0c45454101eec431fc7db9997d9926385b609b3d45a2a9d6215c19d8eb78c184efc6c5da4d5b1fea021c6acc7a67b8ecdc447f72b313652055f099741e441e686150497ae831b99fd38907ac7c9016fd4ea44c8ac95aa5aa4c7bb7fafb817709ade23f6208106d50e7a80fe0259bcc8838f5e9bbb0bc7633ecd835a7b60ba0a3a2aff642b46a0eb9118e0e125e3339338958ebbffe2dee0885775d0c3aa859a38ef42a0ccae219844b3127e3f7ebf1bcaef46c198dac32e656604c5c3aa601799305cea312f1fe4dbff6dae980ea8054c6109f2ab027e41aa3d141da600e8b72c53e7193d33217f0159f5a25b1bec497993d94d17105a75fb9aeee4bd43057b325c4d5ddd109f8e42982d414dd7c36c54121d6e73272c6fa80c2f3e4a038fd9a6f47f8eb531b518f4a93d15f56aee9fdbed406d6f7827c13bf5bba00b0117f963ec84c8cd2ac8d52388bb023558075188bd2d316e5aab6ae44b9d566f4bcad5680a252ea613cb54077668eb1bc0630e5c9bf1e270ac1bdb6b0445ed5313e8b014085c722b6237c3daabbfce76f0b5df72aabc2da728585c46075ea08ce8b134bd6a9bdde325f046a73a039b161eacfc99f9edd995dcc5395d6ef80b9e829df7f6d0eb7b2611d6548731a453b1fdfa715d5b75f1c44cfe733b0f9276607f75c51795f38054a43eb6c6d303c74fda926440259b80f451d2cc2d2c6cac259cb2543745925a7410d1b02f99ff85f9c2e642d0106160f8c6b3a6a36a61586e1824c42a34cd96c262e6cbbb7d6041472747f4f609942c191a4d01c2ae274977f1f3aa6a71bda3412f9b10b50fadf7570da907ba7ebe2be2bd56ad8b04103c46e1f1f715dd113d505b9dcb31bfe4353002af4f8c71bdf988d0b02d6ac814f6a2a7d8b10ac9f896b822abbbfd31b00d94cfa1b5745b0087a462b43d22e44200b3b8d73bf576416bb0c3c25694d68225698d58861f023347738e7f950d63bab2532d8e46dabcf00d5b9cb2d3b4de6dfa655a4b2186556ca787ed7415210b8c20b46b07359c5cc0a1386538908b1cf1b85a9413ae5aa651f3633284c60e3ba3c771d574cb5482c5682f15e9167f40aaab2ae5b77c447e062a34383e3616345fc33059da80722dfa939018aa8ea51019f966171d71253326789841a39008cf9b064130de7348dd23d2603b994e5bb7508265633a6d3e43bfd4b39ca497aba3f36b3a5c89dc6407dc9c3c824c9945b9455e14094e4609334b85657dca46d860fe2f39bfdb56430b00732b3ee8a5d6a8dd0a619146b49f4a36680ee0e3e6b1b9d1bb0eabc805a1f924ceb26d37d7c5dee67858ba095ff923a8b0c55c2da6a2322cf1713463c0904530d95b3ee3860c764ed573b73cebe1cc9f60ba76781dd7f9ccc00e4d0b5f29e2c89709bfb14fc0e1d90211694b79df598a67c991c17e97eabc7da00cc8d118f684351854782b0011d7bae51dd10ec4425c5b45f54f4785784b492ec8dcae4c30f92c3c0b8dc668ba8811c02bcb37dce81fbfdf8e8be69d38877979dcdc350618b47a1cd7f86a640c97eae1d4951f99e45e18243207c77ac764761f17b871b3d19e33e5854cd431ab29ed2d219f5aecc568d462ef28ef04a712b47638ce787ad6ca0ee74b4885c338a1465781b3d15fd838198d7840ab54fef155fb553bb1265ded7797aaf099f65eb029c9b7b383846024068c091ac3dbd61b2d5a4ab11f3d0b60f90b63285f6687685df32183ef324e3eb9aa0b6b4d4f206cf07d4b6946b4da6257826532754e88076090b00380bb2a6a6cfabdfcd43303e18dbbe8a541f020c43b2b8ce85654190f260bf992e8d34c3df8c398e9858fbbc42be87464abcab450b7f7f7c80426f273b1a379ea6303b9d8811ab120aed1f4db3c7cc86067949c895724181f17028ef1e20d8d8a36dc570b17ada19d07a607d308bf569fe9a15f4c8d2d0e49870725738f5bd694fdefb9fbd36c24bc6308906f5a4608a11187e758f8ed0d7ece001da078cb94a9f4aba14f63508bdc51555e3fe37636f4fcae82aa985527c79b62a58157b835c37af5e532a1143c429c3ce9c9eb865294178a60fc6089d8a2607d21342f37a890ba538890c676d5a900c064b7a11cce77c7fb32c16af793b142f52c2bce81c3000890ea427137664be32f2044150c59b5a579dff81cda3195c2b2197c3a47c5489e6498d08a9759", 0x1000)
ioctl$TCSETSW(0xffffffffffffffff, 0x5412, &(0x7f0000000040)={0xffffff80})

[  307.890679][T11120] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  307.890679][T11120]    program syz-executor.3 not setting count and/or reply_len properly
00:20:39 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:39 executing program 0:
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x400001, 0x0)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f00000009c0)='\xce\x8f*\xf7\x00', 0xc823035de211e4d9, 0x0)
write$fb(r0, 0x0, 0xf0ffffff7f0000)
r1 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCSETSW(r1, 0x5412, &(0x7f0000000040)={0xffffff80})

00:20:39 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a474673540000000", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:39 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
write$binfmt_elf32(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0a0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f500eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b32f51a6a4a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717cc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb5880000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6aa6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba88c430e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYRES16=0x0, @ANYRESHEX], 0x2b4)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

[  308.366834][T11154] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  308.366834][T11154]    program syz-executor.3 not setting count and/or reply_len properly
00:20:40 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4), 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:40 executing program 0:
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x400001, 0x0)
openat$fb0(0xffffffffffffff9c, &(0x7f00000009c0)='\xce\x8f*\xf7\x00', 0xc823035de211e4d9, 0x0)
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCSETSW(r0, 0x5412, &(0x7f0000000040)={0xffffff80})

00:20:40 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a474673540000000", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:40 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:40 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
write$binfmt_elf32(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0a0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f500eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b32f51a6a4a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717cc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb5880000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6aa6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba88c430e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYRES16=0x0, @ANYRESHEX], 0x2b4)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:40 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000880)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_GET_PIT(r1, 0xc048ae65, &(0x7f0000001140))

00:20:40 executing program 0:
openat$fb0(0xffffffffffffff9c, &(0x7f0000000000)='/dev/fb0\x00', 0x400001, 0x0)
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCSETSW(r0, 0x5412, &(0x7f0000000040)={0xffffff80})

[  308.861274][T11167] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  308.861274][T11167]    program syz-executor.3 not setting count and/or reply_len properly
00:20:40 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a474673540000000000000", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:40 executing program 1:

00:20:40 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:40 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
write$binfmt_elf32(r0, &(0x7f0000000700)=ANY=[@ANYBLOB="db3f06f8ec83cf3f00000060dc4b9e3237d0cb0a0000000000000008526c8b4741b9292ab545d6d15a8d32ee6c358f53186882f500eac27b30301f8fe21424983c437530b2411deb7ed069ca50ba39bff3cb3361235b45728489f9e45d793522658917072a47a400beb64c48455f2c815d191109b497d59b988776787ee305d86e053adc92bd82fdbe772fd53e13c520bedf64f638035597e892dfd9947cb2f7619266ccb03092d2ec2e43281e4df2c960d9390317b9608dc023737f898cae5065a19fcd554a3c0d0a161bd961b43af340668e27467cce502687e1db6bbea0da2798f5ddc91b8b7b6bc4197dc9b00f860aa44e892731fc373e49ba1e286177df78522665abff35c6bcaacebdb6b680d481ae671b4aec4b0882319b17f467a59ff8d61e5ce78fac3decde0e6a08fd0d7bdea4a0a763f2da618042abc931657864d77e3d5b32f51a6a4a9ec82c16e1d27b389747d3f0982fd14138c068f277a224aa9a41509f6e1e00a13ba22734f6b4e0bd069dc7abc0023126ae4cdf369e7257fe31615717cc6951e4417efe1f73ff80c3bb5f08e64a763b4252f39f0a4b1e22b8e975fbbfef8b562d3eb5880000000000000000002d754f7f04ad3873d53cbb267b1ebd17b29bfe6aa6eec40f48598dc58c0eabacf9d27188ff139de50321dd0fa2e539b2e262d2b1baf1c47b0efa974b3b9ce5407311244afcf28d927441707dbc1ff96306462bead35d83fa6dc7b099ec552427f7149a347018e73661ddade7a2d2f3a99c859de54a2f428b045a12f69034e487986297ec8b25b9888201d74796e9c0a6b34ba91d40d43448441d7e9ff2dd18ea0e7b1501fe42d4992a31dd4a76f6fc65f9c3c2a78c29b8c2334cd0671a586086ccdadd76c8417c8f5cbf23e4c6fd60d2d3576a80ba88c430e6fede6d4c993785f89fd14d4e57b4b8e4", @ANYRES16=0x0, @ANYRES16=0x0, @ANYRESHEX], 0x2b4)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:40 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a474673540000000000000", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

[  309.321781][T11198] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  309.321781][T11198]    program syz-executor.3 not setting count and/or reply_len properly
00:20:41 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:41 executing program 0:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCSETSW(r0, 0x5412, &(0x7f0000000040)={0xffffff80})

00:20:41 executing program 1:

00:20:41 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:41 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a474673540000000000000", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:41 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:41 executing program 1:

00:20:41 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a47467354000000000000000", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:41 executing program 0:
r0 = syz_open_dev$tty(0x0, 0x0, 0x0)
ioctl$TCSETSW(r0, 0x5412, &(0x7f0000000040)={0xffffff80})

[  309.774124][T11213] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  309.774124][T11213]    program syz-executor.3 not setting count and/or reply_len properly
00:20:41 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:41 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:41 executing program 1:

00:20:41 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a47467354000000000000000", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:41 executing program 0:
r0 = syz_open_dev$tty(0x0, 0x0, 0x0)
ioctl$TCSETSW(r0, 0x5412, &(0x7f0000000040)={0xffffff80})

00:20:41 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:41 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(0xffffffffffffffff, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:41 executing program 1:

00:20:41 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:41 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a47467354000000000000000", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x3}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:41 executing program 0:
r0 = syz_open_dev$tty(0x0, 0x0, 0x0)
ioctl$TCSETSW(r0, 0x5412, &(0x7f0000000040)={0xffffff80})

00:20:41 executing program 1:

00:20:41 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, 0x0, 0x0, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

[  310.501965][T11255] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  310.501965][T11255]    program syz-executor.3 not setting count and/or reply_len properly
00:20:41 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r2 = socket(0x0, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:41 executing program 0:
syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCSETSW(0xffffffffffffffff, 0x5412, &(0x7f0000000040)={0xffffff80})

00:20:42 executing program 1:

00:20:42 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:42 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:42 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, 0x0, 0x0, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:42 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r2 = socket(0x0, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:42 executing program 0:
syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCSETSW(0xffffffffffffffff, 0x5412, &(0x7f0000000040)={0xffffff80})

00:20:42 executing program 1:

00:20:42 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r2 = socket(0x0, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:42 executing program 0:
syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCSETSW(0xffffffffffffffff, 0x5412, &(0x7f0000000040)={0xffffff80})

00:20:42 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, 0x0, 0x0, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:42 executing program 1:

00:20:42 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  311.245157][T11301] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  311.245157][T11301]    program syz-executor.3 not setting count and/or reply_len properly
00:20:42 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r2 = socket(0x10, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:42 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:42 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
write(0xffffffffffffffff, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:42 executing program 1:

00:20:42 executing program 0:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCSETSW(r0, 0x5412, 0x0)

00:20:43 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:43 executing program 0:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCSETSW(r0, 0x5412, 0x0)

00:20:43 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r2 = socket(0x10, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:43 executing program 1:

00:20:43 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
write(0xffffffffffffffff, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:43 executing program 0:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCSETSW(r0, 0x5412, 0x0)

00:20:43 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:43 executing program 1:

00:20:43 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:43 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r2 = socket(0x10, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:43 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
write(0xffffffffffffffff, &(0x7f0000000080), 0x0)
write(0xffffffffffffffff, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:43 executing program 0:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TCSETSW(r0, 0x5412, &(0x7f0000000040))

00:20:43 executing program 1:

00:20:43 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

00:20:43 executing program 1:

00:20:43 executing program 0:

00:20:43 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
socket(0x10, 0x80002, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:43 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

00:20:44 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:44 executing program 0:

00:20:44 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:44 executing program 1:

00:20:44 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
socket(0x10, 0x80002, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:44 executing program 0:

00:20:44 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

00:20:44 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x8000, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:44 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x2)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x11)
ioctl$KDSKBMETA(0xffffffffffffffff, 0x5437, 0x0)

00:20:44 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x2)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x11)
ioctl$KDSKBMETA(r0, 0x5437, 0x0)
syz_open_pts(0xffffffffffffffff, 0x0)

[  313.459077][T11418] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  313.459077][T11418]    program syz-executor.3 not setting count and/or reply_len properly
00:20:44 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
socket(0x10, 0x80002, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080), 0xe, &(0x7f0000000100)}], 0x492492492492642, 0x0)

00:20:44 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x4000000000013, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:45 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:45 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, 0x0, 0x0, 0x0)

[  313.799380][T11438] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  313.799380][T11438]    program syz-executor.3 not setting count and/or reply_len properly
00:20:45 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:45 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:45 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:45 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, 0x0, 0x0, 0x0)

00:20:45 executing program 0:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x11)
ioctl$KDSKBMETA(r0, 0x5437, 0x0)

00:20:45 executing program 1:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000380)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x2)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x11)
ioctl$KDSKBMETA(r0, 0x5437, 0x0)
syz_open_pts(0xffffffffffffffff, 0x0)

00:20:45 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, 0x0, 0x0, 0x0)

[  314.557995][T11490] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  314.557995][T11490]    program syz-executor.3 not setting count and/or reply_len properly
00:20:46 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:46 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:46 executing program 0:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
sysinfo(0x0)

00:20:46 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180), 0x0, 0x0)

00:20:46 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:46 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:46 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:46 executing program 0:

00:20:46 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180), 0x0, 0x0)

00:20:47 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:47 executing program 1:

00:20:47 executing program 0:
open(&(0x7f0000000000)='./file0\x00', 0x10002, 0x322)

00:20:47 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x0, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:47 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:47 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180), 0x0, 0x0)

[  316.108343][T11564] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  316.108343][T11564]    program syz-executor.3 not setting count and/or reply_len properly
00:20:47 executing program 1:
creat(&(0x7f0000020580)='./file0\x00', 0x0)
r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
openat(r0, &(0x7f0000000000)='./file0\x00', 0x400500, 0x4)

00:20:47 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
connect$inet(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:47 executing program 0:
open(&(0x7f0000040b80)='./file0\x00', 0x10010, 0x0)
r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
r1 = dup2(r0, 0xffffffffffffffff)
fchmodat(r1, &(0x7f0000000080)='./file0\x00', 0x160)

00:20:48 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, 0x0, 0x0, &(0x7f0000000100)}], 0x1, 0x0)

00:20:48 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:48 executing program 1:
r0 = socket$inet6(0xa, 0x40000000000001, 0x0)
bind$inet6(r0, &(0x7f000044f000)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
r1 = socket$inet6(0xa, 0x3, 0x6b)
ioctl(r1, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8475071")
listen(r0, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000080)={@local, @empty, [], {@ipv4={0x800, {{0x8, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @remote, {[@rr={0x7, 0xb, 0x5, [@multicast1, @rand_addr]}]}}, @tcp={{0x0, 0x4e20, 0x41424344, 0x42424242, 0x0, 0x0, 0x5, 0x2}}}}}}, 0x0)

00:20:48 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x0, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:48 executing program 0:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TIOCLINUX2(r0, 0x541c, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x2a7})

00:20:48 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, 0x0, 0x0, &(0x7f0000000100)}], 0x1, 0x0)

00:20:48 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:48 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:48 executing program 1:
mmap$fb(&(0x7f0000a00000/0x600000)=nil, 0x600000, 0xa, 0x83032, 0xffffffffffffffff, 0x0)
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f00000009c0)='\xce\x8f*\xf7\x00', 0x67514c7366170ade, 0x0)
mmap$fb(&(0x7f0000a4b000/0x1000)=nil, 0x1000, 0x0, 0x11, r0, 0x0)

00:20:48 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x0, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:49 executing program 0:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TIOCLINUX2(r0, 0x541c, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x2a7})

[  317.614609][T11620] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  317.614609][T11620]    program syz-executor.3 not setting count and/or reply_len properly
00:20:49 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, 0x0, 0x0, &(0x7f0000000100)}], 0x1, 0x0)

00:20:49 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:49 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:49 executing program 1:

00:20:49 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080)}], 0x1, 0x0)

00:20:49 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:49 executing program 0:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TIOCLINUX2(r0, 0x541c, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x2a7})

00:20:49 executing program 1:

[  318.520104][T11658] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  318.520104][T11658]    program syz-executor.3 not setting count and/or reply_len properly
00:20:49 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080)}], 0x1, 0x0)

00:20:50 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:50 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:50 executing program 0:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TIOCLINUX2(r0, 0x541c, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x2a7})

00:20:50 executing program 1:

00:20:50 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0xff)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'syz_tun\x00', <r1=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x6c00, &(0x7f0000000140)={&(0x7f0000000600)=ANY=[@ANYBLOB="740000002400f3a4746735400000000000000020", @ANYRES32=r1, @ANYBLOB="00000000ffffffffffffffff080001007366710006000500fffff0000010e104deccbbbde735b9a00000000000000000000000000033cc3512c9aa8178bdf1001b00000000000300000000de7f46000000000000007f0000000000009900007cf76567e30e03c32824f1583940ea0e363002e94564838f548258a632963f8262d0485c9b90c19b6ca74fb97882f65eb406eaf163fe648fceb6d85c1a8e44476c248656cbedc45549c5ceffcfeaabfca524afef20c0034fbd36262c964c61f3771603fd386dc70a77e574732bd950e808d630070800683e251ac28f8fff9d683aa3d9710400000000000014ccb381077c2afecae2bb28925f8dd87c3994efcbe9b0d54f37c1ef3645d77e7281ab057d2bef3b8444014c8752a4a8a434ac70810633f2eb7d7a89d0f3cf2074bb2e180757ee1772593cd728026dfe9b7bc2cbc70a0c52fd1a3f071dde69a5dcd32cb951da688b87961591b4671e63cf37feaac76f85b3bdaad65e1cd467ba00007d55848bc0f407c78f5a56c1e95451864bf9fbef7bde2667d9ea1091e7a922d0137c5fc0d077e4e61bc5b0146c291ade0c82e3d68a0704ab7ca369e014cde4fbfbb2267345e7a7b6e27df373d3566411220610d72fd12f80461a6178df46c6ff661d7927befa3d95c26e351cdae73b73da338e9af046368d9424a9a921f44d0775c2f88d30494d46cccd7d98b0111a9907d5834f07bad6df1a4c6503542bf77cf1d9f1ff4ae3fbbd86384b17161022073d14e0bb52c762fdd85609bbe10700000000000037a94e71c166d875ba535e3a9c98f35ef27130b6188ec5b83ae1d389a4fc5a091ec64b035aaba22448ad7139eb18f30ffc3ccdaddcb043ba8d64b2357957aa361a3381912e562f230a55dfcd4d99220660a79e57b0fc705c666b34658452c252cc73de9657549788a607165e6227aadb6003f874a93a59f8739d6a25da9c3d4cf2d3c280cee5825a81f3fc266c48f4e869e98b1094fe3dd08943cfd6ae4e4ab093ca5acbd508f5fe4f32c4812551b270623c590f8d40be1fc477a9f386f5047819d1b75356261e4ec87168ee209dab90ea802f9c4fd387eb1452d77c3be090a75c8f6515ae93d8e88951d3403efc24fcbf8ca7090eb4020000000000"], 0x74}}, 0x0)
r2 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r2, &(0x7f0000000180)=[{0x63, 0x1000000000000, &(0x7f0000000080)}], 0x1, 0x0)

00:20:50 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x2, &(0x7f0000000200), 0x4)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:50 executing program 1:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}, 0x1040}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000000, 0x0)
r0 = getpid()
tkill(r0, 0x9)
socket$nl_netfilter(0x10, 0x3, 0xc)
close(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0)
openat$vga_arbiter(0xffffffffffffff9c, 0x0, 0x4000, 0x0)
syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x0)
execve(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(0xffffffffffffffff, 0x8914, &(0x7f00000006c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6\xf23F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0_\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\xa9\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&k\x80K\xd1>\xa6\xff(\xb1\x01\xe7\xa5\xce-A\xb0\xec\x190r-q\x83\xb3mN\x91\'\xc5\xf8\xfe\x18\x16\xb7R6\xa9R\xf4H\xa7\x84\x98\xfc\xf9\xa6\xd6\x8d\xa7\xd5_\xc0\x93\xde\x1f`\xff\xcf\xe1)N\x85&\x8b\x06I\xa2\x13\x02\x00\x00\x00\x00\x00\x00\x00[\xae5\x82}\xb7h!\xd9\xce\xe9\x06\b\rs^\x8d\x14\xc1\x97m@6\x1d\xfc\x92@-\xb6\xe5N\x84\xbc\xc0\x1f\xfbI\'M\xdd\xc6*\x06&\f\b\xa6\x92)D}\x87\x80\xea\xb9l\x80H\xea\x82o6\xfa)\x15\xdc@\xf4\x86\xd6_\xf9+/Q\xd5\x8a;\x8b\xe1\x1d\xd0\xec\x8ek\xdb\xa8\xf3Ir\xdb1`B&\xe8A\xd1\xea\xb4$5%aL\xc1\xbd\x91\xc3\x90\x06i <1\xaa\"\xd5\xbb\xe9\xc7SX\xbfm{>\xd4\xc3(E[\xb0J13\xbbG\x8a\xb4\x8aMs\x9f\xcf\xb8g\xab\x12\x8cj\x95}\xb1\bc\xc4u\xf4\xe2\x88\xfa\xde\xec\xdf\xb9\x98\x84\x028\xd9_n\x9f\x86\x88\xe6\x15b\x01]\x01a\xe7\xb9\xb0\xbdk\xaa\xa1\xc1')

00:20:50 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:50 executing program 0:
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x2a7})

00:20:50 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:50 executing program 5:
r0 = socket$packet(0x11, 0x3, 0x300)
pread64(r0, 0x0, 0x0, 0x0)

00:20:50 executing program 1:
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a", 0x30)

00:20:50 executing program 0:
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x2a7})

[  319.401622][T11703] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  319.401622][T11703]    program syz-executor.3 not setting count and/or reply_len properly
00:20:50 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040), 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:50 executing program 5:

00:20:51 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:51 executing program 1:

00:20:51 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:51 executing program 0:
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x2a7})

00:20:51 executing program 1:

00:20:51 executing program 5:

00:20:51 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040), 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:51 executing program 0:
r0 = syz_open_dev$tty(0x0, 0x0, 0x0)
ioctl$TIOCLINUX2(r0, 0x541c, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x2a7})

00:20:51 executing program 1:

[  320.014554][T11742] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  320.014554][T11742]    program syz-executor.3 not setting count and/or reply_len properly
00:20:51 executing program 5:

00:20:51 executing program 0:
r0 = syz_open_dev$tty(0x0, 0x0, 0x0)
ioctl$TIOCLINUX2(r0, 0x541c, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x2a7})

00:20:51 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:51 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040), 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:51 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getpeername$inet(r1, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:20:51 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x25, &(0x7f0000000140)=0x140000916, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:51 executing program 5:
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='oom_score_adj\x00\x9f\xc5r\x0e8J\xdb@\xf8\xbfj1\xe8\xce\x88\x02^\xb2\xf4hTR2\xf1\x89\x1e~m\x19\xc9lG^l\x13c7\xf7$\x7f?9>b\xe8/<\xdbj>:\xd9\x10\x04r\x18\x15\xdc)\x10I<\xd0:\x0f\x18\xec\x00\xc2w\x8a0C\xf8\xa9\xeaa\x16\x8c\xe6C\xf5\xcb\xdc\x1c\xea`\x9c\xe1\x8e\xdd\xaa\x1f\xf4\xaf\xa3Z\xbf\x17M\x1a\xff\xb1\x8dP]<\x9e\xe1B[y\xe6\xae\xe9I\xdb)\x9b\xcb\xa3Wlt\xe9\xa9\xfc\xf8\xde\xf0]\n\xa5S\x16\x1dh\x88\xc5\xea\xcf\xca5\xd2.\x93\xfd\t\x90#hq\r\x9b;\x83\xdd\x0fs\x80\x12\xc6\x8e~\xd4\xef\xc7:\xee4cu\xb2\x03\xd5\xd5)\xc9\xf1/\xea\x95_\'\xfb\xb9\xa94\xca\x9e\xf3\xfb\xc9\xd6~\xd5\xb7}B\xe5.\x86\xbf\xbb#\xb9\xf7N\xb3\xfe?x\xccX^\x16bz\"\x8a\xa45\x10t\xbb\xb7\xca\xa7\xcc\xde_\xdc\xab\xf2\xb8\xc7\xb3\xd3&$\xbb4\x81\t\xbb\xe3\xbfB(ln\xbc\xe9E<6$\x8f)\xb0\x1a\xc9\xe3\x18\xa6\xd9zk\x94Z\xed\x96\xad\xe2\\\xcb,!\x13\rv)r\xf1\x00E\xcccgr\xbf\xd4uB\x9f\xa5\x8c8\xe4\xfe\xff\xff\xfftd\x89\xc8V\x14\x17=\xd9\xcf*\xc8\xc7\x95\xcc\x182/Jm\x8c5\x93\x14\xfd\x02\'\xe3\xc9\x12~\xc3\x10\xb7\xc7\xae\xcfA\x823|\xfd\xba2\xbd\xc6-\xe0E_x\xc7i\x8dV\xd9\\_l\xfb\xd8xX.N\x9bd\x91\xd5\xc1\xa1\xbahL\x95wF\x13{\xfd\xc8T\x1f\xe1)h\a\xe8Wn]\xe4\x00')
lseek(r0, 0xfffffffffffffffd, 0x0)

00:20:51 executing program 0:
r0 = syz_open_dev$tty(0x0, 0x0, 0x0)
ioctl$TIOCLINUX2(r0, 0x541c, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x2a7})

00:20:51 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:51 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getpeername$inet(r1, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:20:51 executing program 5:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
ioctl$RTC_IRQP_READ(0xffffffffffffffff, 0x8008700b, 0x0)
mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
munlock(&(0x7f0000704000/0x1000)=nil, 0x1000)
munlockall()
socket(0x0, 0x0, 0x0)
bind(0xffffffffffffffff, 0x0, 0x0)
socket(0x0, 0x0, 0x0)

00:20:52 executing program 0:
syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x2a7})

[  320.642664][T11782] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  320.642664][T11782]    program syz-executor.3 not setting count and/or reply_len properly
00:20:52 executing program 4:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

00:20:52 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getpeername$inet(r1, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:20:52 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x10000000013, &(0x7f00000006c0), 0x4)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:52 executing program 4:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

00:20:52 executing program 0:
syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x2a7})

00:20:52 executing program 5:
bind$unix(0xffffffffffffffff, &(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x6e)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x0, 0x0, 0x0, 0x6}, 0x0)
socket$inet6(0xa, 0x2, 0x0)
pipe(&(0x7f0000000200)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x800000000000000}, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
fsetxattr(0xffffffffffffffff, &(0x7f0000000500)=ANY=[@ANYBLOB="7373756d0000000000000000000000008777dd1dee10fa0fbbdb5bc49f12dd76740531bd4f39c05edddb541bd6d29624818ee0fa340e"], &(0x7f0000000480)='systemeth1(trustedposix_acl_access\x00', 0x23, 0x1)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r2, &(0x7f00000004c0)={0x2, 0x0, @loopback}, 0x10)
sendmmsg(r2, &(0x7f0000006d00), 0xffffffffffffff92, 0x1ffffffe)
ioctl$EVIOCGABS3F(0xffffffffffffffff, 0x8018457f, &(0x7f0000000280)=""/247)
syz_genetlink_get_family_id$tipc(0x0)

00:20:52 executing program 4:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r0 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r0, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)
ioctl$KVM_RUN(r0, 0xae80, 0x0)

00:20:52 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getpeername$inet(r1, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

[  321.144257][T11818] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  321.144257][T11818]    program syz-executor.3 not setting count and/or reply_len properly
00:20:52 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:52 executing program 0:
syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TIOCLINUX2(0xffffffffffffffff, 0x541c, &(0x7f0000000040)={0x2, 0x0, 0x0, 0x0, 0x2a7})

00:20:52 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
getpeername$inet(r1, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:20:52 executing program 4:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

00:20:52 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:52 executing program 0:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TIOCLINUX2(r0, 0x541c, 0x0)

00:20:52 executing program 4:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

00:20:53 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
getpeername$inet(r1, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

[  321.661296][T11847] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  321.661296][T11847]    program syz-executor.3 not setting count and/or reply_len properly
00:20:53 executing program 4:
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

00:20:53 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\xe9\x11\x93Q0I\xf81U\ro}\xe6l\xf67\xbd\xbf\x13\x11\x92\f\x8a&\xed\xa4\xdc\xc3x?\x9d\xb5\x11k4\xd3\x1b\x05\x12\xa5`\x8a\xaf\xf0\x1eyR4\f\xd6\xfd\x00\x00\x00\x00', 0x275a, 0x0)
socketpair(0x2, 0x3, 0xfa, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
bind$unix(r1, &(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x6e)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x6}, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r3, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
fcntl$setpipe(r5, 0x407, 0x0)
write(r5, &(0x7f0000000340), 0x41395527)
vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffff7fffffb, 0x800000000000000}, 0x0)
r6 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000640), 0x89a755105a246e9a}, 0x0, 0x40, 0x0, 0x6}, 0x0, 0x2, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x102, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, @perf_bp={0x0, 0x2}, 0xd00, 0x0, 0xf56f, 0x0, 0x200}, 0x0, 0x0, r6, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000002c0)={0x0, @multicast2, @dev}, 0x0)
fsetxattr(0xffffffffffffffff, &(0x7f0000000500)=ANY=[@ANYBLOB="7373756d0000000000000000000000008777dd1dee10fa0fbbdb5bc49f12dd76740531bd4f39c05edddb541bd6d29624818ee0fa340e83405757059bceaa96ddcee1a8388d761613fcd5971abed9ab06281013476c63450b1a80395d95711289335d4691fd4a20ab68980299b9fdfef1e5a94effc6bd19ca22162f06aeac64bd70e88b0424e27c4eec51a76ce66c029be4c8690d192a59544bc6b9e9fff7cfdcc79be05757b43f5c67cf12868c06932e7dbbd28c2c49837c2c46c6201659967005d2334f1ff7171f061bc0d808b1accb438168ffc1cf5980d784a228eb69d63e82fbfd4f1ad61140bea0c95aa04c6a98cb6d475b977f567216e7aa48b8f62bf7599a67e2217e7ed964e935bdd4128b0bd0f3c0"], &(0x7f0000000480)='systemeth1(trustedposix_acl_access\x00', 0x23, 0x1)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r7, &(0x7f00000004c0)={0x2, 0x0, @loopback}, 0x10)
sendmmsg(r7, &(0x7f0000006d00), 0xffffffffffffff92, 0x1ffffffe)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f00000000c0)={0x0, 0x3, 0x3, 0x3})
ioctl$EVIOCGABS3F(r0, 0x8018457f, &(0x7f0000000280)=""/247)
ioctl$PERF_EVENT_IOC_REFRESH(0xffffffffffffffff, 0x2402, 0x1fd0)
r8 = syz_genetlink_get_family_id$tipc(0x0)
sendmsg$TIPC_CMD_SHOW_STATS(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x41000}, 0xc, &(0x7f0000000500)={&(0x7f0000000040)={0x1c, r8, 0x2, 0x70bd2b, 0x25dfdbfc, {}, ["", ""]}, 0x1c}}, 0x0)

00:20:53 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
getpeername$inet(r1, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:20:53 executing program 0:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TIOCLINUX2(r0, 0x541c, 0x0)

00:20:53 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)

00:20:53 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:53 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:53 executing program 0:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TIOCLINUX2(r0, 0x541c, 0x0)

00:20:53 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
getpeername$inet(0xffffffffffffffff, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:20:53 executing program 5:
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='stat\t\xc0\xd2\xfe\xbc\xf9\xdf-\xea\xc8\xc1w\xff\x17\x12H\xe9\x11\x93Q0I\xf81U\ro}\xe6l\xf67\xbd\xbf\x13\x11\x92\f\x8a&\xed\xa4\xdc\xc3x?\x9d\xb5\x11k4\xd3\x1b\x05\x12\xa5`\x8a\xaf\xf0\x1eyR4\f\xd6\xfd\x00\x00\x00\x00', 0x275a, 0x0)
socketpair(0x2, 0x3, 0xfa, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
bind$unix(r1, &(0x7f0000000200)=@file={0x1, './file0\x00'}, 0x6e)
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x6}, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r3, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
pipe(&(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
fcntl$setpipe(r5, 0x407, 0x0)
write(r5, &(0x7f0000000340), 0x41395527)
vmsplice(r4, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3, 0x0, 0xfffffffff7fffffb, 0x800000000000000}, 0x0)
r6 = perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000640), 0x89a755105a246e9a}, 0x0, 0x40, 0x0, 0x6}, 0x0, 0x2, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x102, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, @perf_bp={0x0, 0x2}, 0xd00, 0x0, 0xf56f, 0x0, 0x200}, 0x0, 0x0, r6, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000002c0)={0x0, @multicast2, @dev}, 0x0)
fsetxattr(0xffffffffffffffff, &(0x7f0000000500)=ANY=[@ANYBLOB="7373756d0000000000000000000000008777dd1dee10fa0fbbdb5bc49f12dd76740531bd4f39c05edddb541bd6d29624818ee0fa340e83405757059bceaa96ddcee1a8388d761613fcd5971abed9ab06281013476c63450b1a80395d95711289335d4691fd4a20ab68980299b9fdfef1e5a94effc6bd19ca22162f06aeac64bd70e88b0424e27c4eec51a76ce66c029be4c8690d192a59544bc6b9e9fff7cfdcc79be05757b43f5c67cf12868c06932e7dbbd28c2c49837c2c46c6201659967005d2334f1ff7171f061bc0d808b1accb438168ffc1cf5980d784a228eb69d63e82fbfd4f1ad61140bea0c95aa04c6a98cb6d475b977f567216e7aa48b8f62bf7599a67e2217e7ed964e935bdd4128b0bd0f3c0"], &(0x7f0000000480)='systemeth1(trustedposix_acl_access\x00', 0x23, 0x1)
r7 = socket$inet_udp(0x2, 0x2, 0x0)
connect$inet(r7, &(0x7f00000004c0)={0x2, 0x0, @loopback}, 0x10)
sendmmsg(r7, &(0x7f0000006d00), 0xffffffffffffff92, 0x1ffffffe)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f00000000c0)={0x0, 0x3, 0x3, 0x3})
ioctl$EVIOCGABS3F(r0, 0x8018457f, &(0x7f0000000280)=""/247)
ioctl$PERF_EVENT_IOC_REFRESH(0xffffffffffffffff, 0x2402, 0x1fd0)
r8 = syz_genetlink_get_family_id$tipc(0x0)
sendmsg$TIPC_CMD_SHOW_STATS(0xffffffffffffffff, &(0x7f0000000540)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x41000}, 0xc, &(0x7f0000000500)={&(0x7f0000000040)={0x1c, r8, 0x2, 0x70bd2b, 0x25dfdbfc, {}, ["", ""]}, 0x1c}}, 0x0)

00:20:53 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
getpeername$inet(0xffffffffffffffff, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:20:53 executing program 0:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TIOCLINUX2(r0, 0x541c, &(0x7f0000000040))

00:20:53 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  322.517910][T11893] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  322.517910][T11893]    program syz-executor.3 not setting count and/or reply_len properly
00:20:54 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETA(r0, 0x5406, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040))

00:20:54 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:54 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
getpeername$inet(0xffffffffffffffff, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:20:54 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

00:20:54 executing program 0:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TIOCLINUX2(r0, 0x541c, &(0x7f0000000040))

00:20:54 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:54 executing program 4:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

00:20:54 executing program 1:
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
getpeername$inet(r0, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:20:54 executing program 5:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r0, &(0x7f00000012c0)='\f', 0x1, 0x11, 0x0, 0x0)
ioctl$sock_inet_tcp_SIOCATMARK(r0, 0x8905, &(0x7f0000000000))

[  323.389627][T11933] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  323.389627][T11933]    program syz-executor.3 not setting count and/or reply_len properly
00:20:54 executing program 0:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$TIOCLINUX2(r0, 0x541c, &(0x7f0000000040))

00:20:54 executing program 1:
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
getpeername$inet(r0, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:20:54 executing program 4:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

00:20:54 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10)

00:20:55 executing program 1:
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
getpeername$inet(r0, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:20:55 executing program 4:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

00:20:55 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

00:20:55 executing program 0:
r0 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r0, &(0x7f00000000c0), 0x10)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000280)=[{}], 0x8)

00:20:55 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r1, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, &(0x7f0000000180)={0x2, 0x4e23, @empty}, 0x10)
write$binfmt_elf32(r1, &(0x7f00000002c0)={{0x7f, 0x45, 0x4c, 0x46, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x38}, [{}], "", [[], [], []]}, 0x358)

00:20:55 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:55 executing program 1:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getpeername$inet(r1, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:20:55 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:55 executing program 1:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getpeername$inet(r1, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

[  324.361290][T11972] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  324.361290][T11972]    program syz-executor.3 not setting count and/or reply_len properly
00:20:55 executing program 0:
r0 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r0, &(0x7f00000000c0), 0x10)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000280)=[{{}, {0x0, 0x0, 0x1, 0x1}}], 0x8)

00:20:55 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:55 executing program 5:
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000280)=[{}], 0x8)

00:20:55 executing program 1:
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getpeername$inet(r1, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:20:55 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

[  324.791029][T12005] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  324.791029][T12005]    program syz-executor.3 not setting count and/or reply_len properly
00:20:56 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, 0x0, 0x0)

00:20:56 executing program 5:
socket$inet6_udplite(0xa, 0x2, 0x88)
r0 = socket$packet(0x11, 0x3, 0x300)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
bind(r3, &(0x7f0000001080)=@un=@file={0x0, './bus\x00'}, 0x80)
bind(r3, &(0x7f00000002c0)=@generic={0x10, "a15294984749b5f08e31d300aaf85f0cd8f8564e838eb8aba7812eef0199051eeb6ae59b0b7eff94967eea2f9a8ee95e89fe372080027964fdcc08dc26b52c021028bcd8811419dfce34d5eabe4c42554c791dfc9a6b031e0c5d20bfbc91f23ddbbbd7a5b22febb58feb7db8c0a37d763c963b5a68a96aa5ad92d5b0a023"}, 0x80)
write(r2, &(0x7f00000001c0), 0xfffffef3)
setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000400)=0xffffffffffffffff, 0x4)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
write$cgroup_int(r1, &(0x7f0000000180)=0x7, 0x396)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
getrlimit(0x2, &(0x7f0000000240))
r5 = dup(r4)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r5, 0x6, 0x1d, &(0x7f0000000500), &(0x7f0000000540)=0x14)
r6 = socket$key(0xf, 0x3, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
bind$unix(r7, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r7, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
bind$unix(r8, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r8, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000004c0)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
bind$unix(r10, 0x0, 0x0)
connect$unix(r10, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
bind$unix(r11, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r11, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
bind$unix(r12, 0x0, 0x0)
connect$unix(r12, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r13=>0xffffffffffffffff})
bind$unix(r13, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r13, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r14=>0xffffffffffffffff})
bind$unix(r14, &(0x7f0000000180)=@abs={0x1, 0x0, 0x4e22}, 0x6e)
connect$unix(r14, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r15=>0xffffffffffffffff})
bind$unix(r15, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r15, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r16=>0xffffffffffffffff})
bind$unix(r16, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r16, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r17=>0xffffffffffffffff})
bind$unix(r17, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r17, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
sendmsg$key(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000780)=ANY=[@ANYPTR64=&(0x7f0000000880)=ANY=[@ANYRES16=r3, @ANYRES16=r0, @ANYBLOB="8a4968b27c0aee4d976b9c0dc74bdc445e13a954e6c6f69c1df7a4f70b3819e3491dc8f141ac6028666e8f15241bf5cb09fb9c1983f3f76573c6d1486bb4790ee0f29a2a0408ff5b05185b5c5a5134b464b795eb2638b4b0859d55dd6367d6432ab82906eee8aeb941eedda1479bbbcf3b92529561f66f5915792ba6ac2a3526ae14e7265c489ca6452c123593e909d186ffcb964628d51d798fdb7139958c9beb017782f8f26ab504b49b6645afaa1db50fd96c3d1c3a95453ceb7c4a0e33f5a8834ae3a1d909479a183070a9ad6c685b610d31ad98cacce62fae82bb714e5cb5e8e11ae69b551001dc00", @ANYPTR=&(0x7f0000000800)=ANY=[@ANYPTR=&(0x7f0000000580)=ANY=[@ANYRES32=r10, @ANYPTR64, @ANYRES32=r14, @ANYPTR], @ANYRES64=r15, @ANYRES16, @ANYRESOCT, @ANYRES64=0x0, @ANYRES32=r12, @ANYRESHEX, @ANYRES64], @ANYRESOCT, @ANYPTR64=&(0x7f0000000480)=ANY=[@ANYRESDEC, @ANYRESDEC=r0, @ANYRES32], @ANYRESDEC], @ANYPTR=&(0x7f0000001740)=ANY=[@ANYBLOB="29a37d0a2a59cc7cbc960a77c38e521f1714cabdc707bae0dd9c802cab7ffbae8a9e63cbf36270efd6cb4ff6df48f9bcd2680b4f9f253ceb17fac260927743c0d9985a660849b8022ffdcccea688410e1fb27e609a48f5b0a1c349dcf6e7e97278a54c44b0b1d5934a0df83580610ec4e357323c6e90a211d011de1f9f96b61f200392d5d00c9b7a38fac929165a290cb5abcb473519a471ed5813f8ba1ba1e429de7111afc57ad163614dc6d4ba4cc77caf94e4ea2559e78884cbd87bab3ad81d2ae77d09fc994c57db90232835719aedaa0aaf47591b5cb9c7b7e78f082fa4351bae0b1c586a13f5cc5f4af325a2252b4fae438ebf497ed26b18ea877d0324abfa8e1907a9b5b987363373ac5e5840f1339fe730dd019ca8d72332c993a07292e78bf27b6a36539cb7fbd2fe059cf18166e7e75a3217e21eff533b5462827e7737ed7f3c52d2131f61c54195dc23efce2c59f8e7d577aa45db4472c5879305851367c763e5a6c126e161d5ef1cf0ab2f12041a5436d4305142bafe1335a7fb70d0d5b7d7304d6739cb3bc94490bf1d6b54ce1677ccb93db9f6a045608d1bb37f2c71a33819165325785945090d00373964ce832346a37ee867ec3559c526eb177545c8026e327616e3805b8e95e339abc38288f2af3c585281284c732057c60982b464e758f214750be39a58fe542faa71b36236d0f6c275b7f7008c17414b47370cad4a8b24d36884b38f0efbd13247110330c964e11d8aac23a8170c4dcd29bf884f1a91b27b6da4b8be40f612adc8f301ab8237b1cd63c5cbeda449b6c8405d340582317e5888bc9e31d4f958149b959ee375e3a41834fc77c42132234d924b378452b35133415052080017a6aa1a50d02fce1dc5835ea70d0d55ebca7b4a93def77dc526aafca03999460cf27a647b2075dd131b6462fc2bcd40875098b5c5bad75f30cee83b86c446cea19c3b65fd8d0beb2dcab8166e554f2df27f79dd85a97e35f9d9ee8be09c6d96688a0a4249b1b458a57f0387f40320f144b5043d3d9852948d2a74531bab3fa69c2d0d72d4c9e97d8bcadf6c88039eb6fae37e0d1c836227b0a15a23c27dccbbd8dfbdfadc1bf7d2a473ac57335c2f3a49d3ef5d2f8e0c2c62b139f81ad04cde88a73b78336ed0a835ed6c42248b48c7709b48c977ff1e03ec4aa69ac210be13466fe217efa1c3c5ccaf51c4a1a625aed81e030f2aafa68d2a9d2c4f676f24227a72158132336761544ffa0a65831b9ca18a3891a5434c990571613b59790c12f1dc4be2317a382a94a744a950db8dfcc88b69b251fa5dc7af273ac5273dc1aa64771fc50ebea2acd7da14c47ff88ace62a7224ecdc5f1f091eff0997744446c1e9daf8be2a0fdb5092a2a3046deb0a33d63fadb180089e4a50cb9cec2bd47b1b16220580c54101e4ecbe46bf3610bccc150ac39e378020294deef58c5cd0dabb6321ce3dc83a6a9cb2f89c110f7d792e1c4f63240a41e65051a898fd88feac41e837eb2dfb780bc69bb03ba2167436d354fb1bd2d9755289b4a627826bfe4461c9f45ba7cd935eef9afc05e91c29dd65492b619239cec4ee9a018d67731b521800a6515135a780a6f4828d9731087306f489cd409814df814cfbc9ec223c311ae4e522c9350c5844bd2d42706471e56c8b91da91737fd69a9ed30014881b08754dd27ff513570406cc75b373cec5ff3ceb20a6afc921055fe0a1b651688f9a2750cc1721ffd930fb5154d97a68499303699e84269da1dc3dcb426cb69df24bd95b8c876fb8ddd9d000a6eb5fa90fecf014917e513e3b440ed37066a303a30ad68fcb6aac7ef6330cc4cf45ead15fbff2b300fa28c5bd5a082b9bb695e7d8d3f1cec0640e4f4fdc4e508a17e93f8812f7922c0bc4b314c0de7de0f1e65600de09a42c186871615e1f37ab6eb7cc475df2a9aad613ddf01e68f53d382dc5e7e75b5128c92341a6e90c295f74c32a76cfef46f6795a32086dbbba84142a9bfee0fd8abc1d043d92a83e68012e12a0aeb34acf617ca2cb154b2cff16d9638c45a65c5abd00c4bdafcc919fbb1d2a86e3089a558ec51aff7c29bde9817c3a6600fd966e3333c9e63f464a4f81480e831249a2cad9e67b66c9699801750a711b3978a0d827c19bca204b26a215e77a7f7dced48ff6a197158558dc43acf96f3bb3b6347210f26a3b58f8b1a02fb8662ba0992548a4b836fb8dff520bde56ca3f281199ddabbf1428a11decaadea01480f20cba317c71f416ed9a2d09ed7643cdaa93291997bcc115b509ad9cb490380712dcf30477ca5fe8a19a9c0e2d27cb989702c11467d8a01e488cc151815e37ab3f05f3aac45cd36538074ab4c25d0db1d6b8a817322474d24dcef97be6362a9ec2d245f8968ee679902c5cd48f939a00e5107d4f2b193a362a04e618f4fff59d59baff77cc4f4a83729e66931d129035d8fb0940b6dffab280231e306718ad32d917f2202b73dbeec5c08346196d7a4ac43d3e87fda31b87bf0e16b543f57ee2f0960442a2c9451b90bae9f9b22a6f8587f30cb6fffbc4ee199c15520710b8352af0915518c0bb9b40b8e963667110e5b5d7e9e16fd6b8003c7950a6d548cf13c22b8b3851c25cb604ded93f17953e16cccb6846b8dc3ac1f0bd9ad3f54d2f53aaaab7ca97f8fb0c69b3dd2df357a3db01f96cce7f1449461bbe6f5b5418091b4889b5c20e80ae6d6850b86d181746108f20d4c41ec2ac13417667d4dcab8c95d4de5ac42306d789932c3cea6ddc9c3b7cdc767200ff0057c7bf540843375fd16ee7ba28254ee73a4482fa135122b5dd74b51c1840ef90f17c8ec7c617d03d0705b841ffba1111f3103bdda25491b4ac23d692ae3d2fb17e87042894642c0e290e0f0ca004906e30c2ebfd3d9ea771c4894cf0b1436776f4e8324a9506dca1428e12589b7c1aeb3117d78596ce3186c922c15ec498e2a6fad18b086aab74f4333f68a2c3d7eb4d7179c48ad5b14663f88c72f3b2f9fd9c7d012b80ef168204bbd5a15b5ee84fe1b01acd0147cd6478d309ef1cd8ccf23444052b640cd65983447427421176a61fc7456dba3da21e47212cd267518112b94f7b550b970d2ca8382d3952514602e989ad6e80555b10693738fde7f280f41c9c9340b8f17a95d3af186fe0ee3c60d7b1e253bd81200edff6e42ffc2200c56d3fb715e47b7188cdf4e3785fd0751454c8f8b7338a13259213cfaddf74142ee35fc219a7c3d88f30877e69cf393d13a941aad3e8b827fe3cf3397b4e37b94ed68835a904f23d8444cb7f88c4bcf08dfae9834ed567a7a7127a4d97531f7b76cd6b542617ecbf6b746fd114e18a4874c17cbb64d111d825bfb8706df09066f362fc7f9089cecb2039649e80b5a67c3f093d37eb25330976178caee2585b4aad2e0b5c302f08588599a3d3ab442599788d750cee8eca7df74f492c5e18a1f82eb65c40a6148f867132195ca80ab923edd8ce1e4484232c4b3374f385701b2d70d4da37484275927a7413d1f0c88ffb7bf08650606ebc491e70d598852e500275a6f36041bf11a9391a188099f1fab2af32d5907f72fc92b7a94d25c83c6ea31127964f608c1025afbb66e21a71f28afbb8867bfef415a064baad53e4dbd0384d6b7100feec2bff87df9bdaf3937376a0791b1b3fcc5614f351b9708ba105ac818f67784b04fd47e4ae28328f871d208d69ed9731d86c7e6417984673c32eba09e35870e3f9454dd64ebdc77d1df530d52435e87cce18763ce4b2b18f42090de323e16f82703c1fbac8a5af078dd46635ee45d2d1c6fd49ef4ecc65226fdd1840636f0005493a3f723a7ea1cf11e08d35902010cb7bc5d5ea69be8c506b04b6b06ad9f99f239ab530f719165ee4685b1f30ffa738800fea1b5d8df2eec985722fcff5a1b47d4505dc62e50cda96a4f6224cfc611a8f512fe06a46eae7fb831d6bfea0293aefc686781982618c9ad504dfb5d7309ed6e464da1d02e697984bc734f07ebb8403d30d34d318411fff5dd4be800c2acdded2e84521d05c1619f15a782eabc52812e9f86dd60203ab4c13ed2c074f05a0ebaeeb85f215bcf032634b8e3c59ac21437ad9883915a4c734076d69eeed6f0b9ccb08644b763c329708dcb73044ea17d33225164cf216f94b2391426beabe8668ce5f2fd156bcb841d9bd2ec3e127115fff2aaaec926f88d3f0321fc0aa9a36f60f5ef84f41f6d733bfed92b52ed22d10cccda5fb7eaa3f15891a9d2fc640e88573cf21294714630e0fa4ccd4208eeb4c55258f43158c9ec3bc7e9d9285aa05c261f9b6fef5a11f60f63a1ce2bebf22bb6cafe", @ANYRES64=r17, @ANYRES32=r12, @ANYRES16=r3], @ANYRESOCT=r13, @ANYRES16=0x0, @ANYRES16=r4], 0x27}}, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40046602, &(0x7f0000000640)=0x1)
inotify_init()
lseek(0xffffffffffffffff, 0x4, 0x0)
ioctl$UI_SET_SNDBIT(r5, 0x4004556a, 0x0)
r18 = socket$inet6(0xa, 0x1200000002, 0x0)
setsockopt$SO_TIMESTAMPING(r18, 0x1, 0x25, 0x0, 0x0)
sendto$inet6(r18, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x100000031, &(0x7f0000000140)=0x2, 0x4)
recvmsg(0xffffffffffffffff, 0x0, 0x2002)
getsockname(r18, 0x0, 0x0)
r19 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r19, 0x6, 0x210000000013, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x18, &(0x7f0000000100)=0xffffffff80000001, 0x4)
bind$inet(r19, &(0x7f0000738ff0)={0x2, 0x4e21, @local}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r19, 0x6, 0x16, &(0x7f0000000000)=[@mss, @mss, @timestamp], 0x3)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
dup2(0xffffffffffffffff, r9)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x12, &(0x7f0000000380)=0x83, 0x9)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, 0x0, 0x0, 0x20000008, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000280)='syz_tun\x00', 0x10)
r20 = open(&(0x7f0000000440)='./bus\x00', 0x141042, 0x108)
ftruncate(r20, 0x2007fff)
sendfile(r5, r20, 0x0, 0x8000fffffffe)

00:20:56 executing program 0:
socket$inet6_udplite(0xa, 0x2, 0x88)
r0 = socket$packet(0x11, 0x3, 0x300)
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000005c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
bind(r3, &(0x7f0000001080)=@un=@file={0x0, './bus\x00'}, 0x80)
bind(r3, &(0x7f00000002c0)=@generic={0x10, "a15294984749b5f08e31d300aaf85f0cd8f8564e838eb8aba7812eef0199051eeb6ae59b0b7eff94967eea2f9a8ee95e89fe372080027964fdcc08dc26b52c021028bcd8811419dfce34d5eabe4c42554c791dfc9a6b031e0c5d20bfbc91f23ddbbbd7a5b22febb58feb7db8c0a37d763c963b5a68a96aa5ad92d5b0a023"}, 0x80)
write(r2, &(0x7f00000001c0), 0xfffffef3)
setsockopt$inet6_tcp_TCP_REPAIR(r2, 0x6, 0x13, &(0x7f0000000400)=0xffffffffffffffff, 0x4)
vmsplice(r1, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
write$cgroup_int(r1, &(0x7f0000000180)=0x7, 0x396)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
getrlimit(0x2, &(0x7f0000000240))
r5 = dup(r4)
getsockopt$inet6_tcp_TCP_REPAIR_WINDOW(r5, 0x6, 0x1d, &(0x7f0000000500), &(0x7f0000000540)=0x14)
r6 = socket$key(0xf, 0x3, 0x2)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r7=>0xffffffffffffffff})
bind$unix(r7, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r7, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r8=>0xffffffffffffffff})
bind$unix(r8, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r8, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000004c0)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
bind$unix(r10, 0x0, 0x0)
connect$unix(r10, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r11=>0xffffffffffffffff})
bind$unix(r11, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e)
connect$unix(r11, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r12=>0xffffffffffffffff})
bind$unix(r12, 0x0, 0x0)
connect$unix(r12, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r13=>0xffffffffffffffff})
bind$unix(r13, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r13, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r14=>0xffffffffffffffff})
bind$unix(r14, &(0x7f0000000180)=@abs={0x1, 0x0, 0x4e22}, 0x6e)
connect$unix(r14, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r15=>0xffffffffffffffff})
bind$unix(r15, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r15, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r16=>0xffffffffffffffff})
bind$unix(r16, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r16, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r17=>0xffffffffffffffff})
bind$unix(r17, &(0x7f0000000180)=@file={0x1, './file0\x00'}, 0x6e)
connect$unix(r17, &(0x7f0000000300)=@file={0x1, './file0\x00'}, 0x6e)
sendmsg$key(r6, &(0x7f0000000600)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000780)=ANY=[@ANYPTR64=&(0x7f0000000880)=ANY=[@ANYRES16=r3, @ANYRES16=r0, @ANYBLOB="8a4968b27c0aee4d976b9c0dc74bdc445e13a954e6c6f69c1df7a4f70b3819e3491dc8f141ac6028666e8f15241bf5cb09fb9c1983f3f76573c6d1486bb4790ee0f29a2a0408ff5b05185b5c5a5134b464b795eb2638b4b0859d55dd6367d6432ab82906eee8aeb941eedda1479bbbcf3b92529561f66f5915792ba6ac2a3526ae14e7265c489ca6452c123593e909d186ffcb964628d51d798fdb7139958c9beb017782f8f26ab504b49b6645afaa1db50fd96c3d1c3a95453ceb7c4a0e33f5a8834ae3a1d909479a183070a9ad6c685b610d31ad98cacce62fae82bb714e5cb5e8e11ae69b551001dc00", @ANYPTR=&(0x7f0000000800)=ANY=[@ANYPTR=&(0x7f0000000580)=ANY=[@ANYRES32=r10, @ANYPTR64, @ANYRES32=r14, @ANYPTR], @ANYRES64=r15, @ANYRES16, @ANYRESOCT, @ANYRES64=0x0, @ANYRES32=r12, @ANYRESHEX, @ANYRES64], @ANYRESOCT, @ANYPTR64=&(0x7f0000000480)=ANY=[@ANYRESDEC, @ANYRESDEC=r0, @ANYRES32], @ANYRESDEC], @ANYPTR=&(0x7f0000001740)=ANY=[@ANYBLOB="29a37d0a2a59cc7cbc960a77c38e521f1714cabdc707bae0dd9c802cab7ffbae8a9e63cbf36270efd6cb4ff6df48f9bcd2680b4f9f253ceb17fac260927743c0d9985a660849b8022ffdcccea688410e1fb27e609a48f5b0a1c349dcf6e7e97278a54c44b0b1d5934a0df83580610ec4e357323c6e90a211d011de1f9f96b61f200392d5d00c9b7a38fac929165a290cb5abcb473519a471ed5813f8ba1ba1e429de7111afc57ad163614dc6d4ba4cc77caf94e4ea2559e78884cbd87bab3ad81d2ae77d09fc994c57db90232835719aedaa0aaf47591b5cb9c7b7e78f082fa4351bae0b1c586a13f5cc5f4af325a2252b4fae438ebf497ed26b18ea877d0324abfa8e1907a9b5b987363373ac5e5840f1339fe730dd019ca8d72332c993a07292e78bf27b6a36539cb7fbd2fe059cf18166e7e75a3217e21eff533b5462827e7737ed7f3c52d2131f61c54195dc23efce2c59f8e7d577aa45db4472c5879305851367c763e5a6c126e161d5ef1cf0ab2f12041a5436d4305142bafe1335a7fb70d0d5b7d7304d6739cb3bc94490bf1d6b54ce1677ccb93db9f6a045608d1bb37f2c71a33819165325785945090d00373964ce832346a37ee867ec3559c526eb177545c8026e327616e3805b8e95e339abc38288f2af3c585281284c732057c60982b464e758f214750be39a58fe542faa71b36236d0f6c275b7f7008c17414b47370cad4a8b24d36884b38f0efbd13247110330c964e11d8aac23a8170c4dcd29bf884f1a91b27b6da4b8be40f612adc8f301ab8237b1cd63c5cbeda449b6c8405d340582317e5888bc9e31d4f958149b959ee375e3a41834fc77c42132234d924b378452b35133415052080017a6aa1a50d02fce1dc5835ea70d0d55ebca7b4a93def77dc526aafca03999460cf27a647b2075dd131b6462fc2bcd40875098b5c5bad75f30cee83b86c446cea19c3b65fd8d0beb2dcab8166e554f2df27f79dd85a97e35f9d9ee8be09c6d96688a0a4249b1b458a57f0387f40320f144b5043d3d9852948d2a74531bab3fa69c2d0d72d4c9e97d8bcadf6c88039eb6fae37e0d1c836227b0a15a23c27dccbbd8dfbdfadc1bf7d2a473ac57335c2f3a49d3ef5d2f8e0c2c62b139f81ad04cde88a73b78336ed0a835ed6c42248b48c7709b48c977ff1e03ec4aa69ac210be13466fe217efa1c3c5ccaf51c4a1a625aed81e030f2aafa68d2a9d2c4f676f24227a72158132336761544ffa0a65831b9ca18a3891a5434c990571613b59790c12f1dc4be2317a382a94a744a950db8dfcc88b69b251fa5dc7af273ac5273dc1aa64771fc50ebea2acd7da14c47ff88ace62a7224ecdc5f1f091eff0997744446c1e9daf8be2a0fdb5092a2a3046deb0a33d63fadb180089e4a50cb9cec2bd47b1b16220580c54101e4ecbe46bf3610bccc150ac39e378020294deef58c5cd0dabb6321ce3dc83a6a9cb2f89c110f7d792e1c4f63240a41e65051a898fd88feac41e837eb2dfb780bc69bb03ba2167436d354fb1bd2d9755289b4a627826bfe4461c9f45ba7cd935eef9afc05e91c29dd65492b619239cec4ee9a018d67731b521800a6515135a780a6f4828d9731087306f489cd409814df814cfbc9ec223c311ae4e522c9350c5844bd2d42706471e56c8b91da91737fd69a9ed30014881b08754dd27ff513570406cc75b373cec5ff3ceb20a6afc921055fe0a1b651688f9a2750cc1721ffd930fb5154d97a68499303699e84269da1dc3dcb426cb69df24bd95b8c876fb8ddd9d000a6eb5fa90fecf014917e513e3b440ed37066a303a30ad68fcb6aac7ef6330cc4cf45ead15fbff2b300fa28c5bd5a082b9bb695e7d8d3f1cec0640e4f4fdc4e508a17e93f8812f7922c0bc4b314c0de7de0f1e65600de09a42c186871615e1f37ab6eb7cc475df2a9aad613ddf01e68f53d382dc5e7e75b5128c92341a6e90c295f74c32a76cfef46f6795a32086dbbba84142a9bfee0fd8abc1d043d92a83e68012e12a0aeb34acf617ca2cb154b2cff16d9638c45a65c5abd00c4bdafcc919fbb1d2a86e3089a558ec51aff7c29bde9817c3a6600fd966e3333c9e63f464a4f81480e831249a2cad9e67b66c9699801750a711b3978a0d827c19bca204b26a215e77a7f7dced48ff6a197158558dc43acf96f3bb3b6347210f26a3b58f8b1a02fb8662ba0992548a4b836fb8dff520bde56ca3f281199ddabbf1428a11decaadea01480f20cba317c71f416ed9a2d09ed7643cdaa93291997bcc115b509ad9cb490380712dcf30477ca5fe8a19a9c0e2d27cb989702c11467d8a01e488cc151815e37ab3f05f3aac45cd36538074ab4c25d0db1d6b8a817322474d24dcef97be6362a9ec2d245f8968ee679902c5cd48f939a00e5107d4f2b193a362a04e618f4fff59d59baff77cc4f4a83729e66931d129035d8fb0940b6dffab280231e306718ad32d917f2202b73dbeec5c08346196d7a4ac43d3e87fda31b87bf0e16b543f57ee2f0960442a2c9451b90bae9f9b22a6f8587f30cb6fffbc4ee199c15520710b8352af0915518c0bb9b40b8e963667110e5b5d7e9e16fd6b8003c7950a6d548cf13c22b8b3851c25cb604ded93f17953e16cccb6846b8dc3ac1f0bd9ad3f54d2f53aaaab7ca97f8fb0c69b3dd2df357a3db01f96cce7f1449461bbe6f5b5418091b4889b5c20e80ae6d6850b86d181746108f20d4c41ec2ac13417667d4dcab8c95d4de5ac42306d789932c3cea6ddc9c3b7cdc767200ff0057c7bf540843375fd16ee7ba28254ee73a4482fa135122b5dd74b51c1840ef90f17c8ec7c617d03d0705b841ffba1111f3103bdda25491b4ac23d692ae3d2fb17e87042894642c0e290e0f0ca004906e30c2ebfd3d9ea771c4894cf0b1436776f4e8324a9506dca1428e12589b7c1aeb3117d78596ce3186c922c15ec498e2a6fad18b086aab74f4333f68a2c3d7eb4d7179c48ad5b14663f88c72f3b2f9fd9c7d012b80ef168204bbd5a15b5ee84fe1b01acd0147cd6478d309ef1cd8ccf23444052b640cd65983447427421176a61fc7456dba3da21e47212cd267518112b94f7b550b970d2ca8382d3952514602e989ad6e80555b10693738fde7f280f41c9c9340b8f17a95d3af186fe0ee3c60d7b1e253bd81200edff6e42ffc2200c56d3fb715e47b7188cdf4e3785fd0751454c8f8b7338a13259213cfaddf74142ee35fc219a7c3d88f30877e69cf393d13a941aad3e8b827fe3cf3397b4e37b94ed68835a904f23d8444cb7f88c4bcf08dfae9834ed567a7a7127a4d97531f7b76cd6b542617ecbf6b746fd114e18a4874c17cbb64d111d825bfb8706df09066f362fc7f9089cecb2039649e80b5a67c3f093d37eb25330976178caee2585b4aad2e0b5c302f08588599a3d3ab442599788d750cee8eca7df74f492c5e18a1f82eb65c40a6148f867132195ca80ab923edd8ce1e4484232c4b3374f385701b2d70d4da37484275927a7413d1f0c88ffb7bf08650606ebc491e70d598852e500275a6f36041bf11a9391a188099f1fab2af32d5907f72fc92b7a94d25c83c6ea31127964f608c1025afbb66e21a71f28afbb8867bfef415a064baad53e4dbd0384d6b7100feec2bff87df9bdaf3937376a0791b1b3fcc5614f351b9708ba105ac818f67784b04fd47e4ae28328f871d208d69ed9731d86c7e6417984673c32eba09e35870e3f9454dd64ebdc77d1df530d52435e87cce18763ce4b2b18f42090de323e16f82703c1fbac8a5af078dd46635ee45d2d1c6fd49ef4ecc65226fdd1840636f0005493a3f723a7ea1cf11e08d35902010cb7bc5d5ea69be8c506b04b6b06ad9f99f239ab530f719165ee4685b1f30ffa738800fea1b5d8df2eec985722fcff5a1b47d4505dc62e50cda96a4f6224cfc611a8f512fe06a46eae7fb831d6bfea0293aefc686781982618c9ad504dfb5d7309ed6e464da1d02e697984bc734f07ebb8403d30d34d318411fff5dd4be800c2acdded2e84521d05c1619f15a782eabc52812e9f86dd60203ab4c13ed2c074f05a0ebaeeb85f215bcf032634b8e3c59ac21437ad9883915a4c734076d69eeed6f0b9ccb08644b763c329708dcb73044ea17d33225164cf216f94b2391426beabe8668ce5f2fd156bcb841d9bd2ec3e127115fff2aaaec926f88d3f0321fc0aa9a36f60f5ef84f41f6d733bfed92b52ed22d10cccda5fb7eaa3f15891a9d2fc640e88573cf21294714630e0fa4ccd4208eeb4c55258f43158c9ec3bc7e9d9285aa05c261f9b6fef5a11f60f63a1ce2bebf22bb6cafe", @ANYRES64=r17, @ANYRES32=r12, @ANYRES16=r3], @ANYRESOCT=r13, @ANYRES16=0x0, @ANYRES16=r4], 0x27}}, 0x0)
ioctl$FS_IOC_SETFLAGS(r5, 0x40046602, &(0x7f0000000640)=0x1)
inotify_init()
lseek(0xffffffffffffffff, 0x4, 0x0)
ioctl$UI_SET_SNDBIT(r5, 0x4004556a, 0x0)
r18 = socket$inet6(0xa, 0x1200000002, 0x0)
setsockopt$SO_TIMESTAMPING(r18, 0x1, 0x25, 0x0, 0x0)
sendto$inet6(r18, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x100000031, &(0x7f0000000140)=0x2, 0x4)
recvmsg(0xffffffffffffffff, 0x0, 0x2002)
getsockname(r18, 0x0, 0x0)
r19 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r19, 0x6, 0x210000000013, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x18, &(0x7f0000000100)=0xffffffff80000001, 0x4)
bind$inet(r19, &(0x7f0000738ff0)={0x2, 0x4e21, @local}, 0x10)
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x0, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r19, 0x6, 0x16, &(0x7f0000000000)=[@mss, @mss, @timestamp], 0x3)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
dup2(0xffffffffffffffff, r9)
fcntl$setpipe(0xffffffffffffffff, 0x407, 0x0)
setsockopt$inet6_tcp_int(r5, 0x6, 0x12, &(0x7f0000000380)=0x83, 0x9)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendto$inet6(r4, 0x0, 0x0, 0x20000008, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
setsockopt$SO_BINDTODEVICE(r4, 0x1, 0x19, &(0x7f0000000280)='syz_tun\x00', 0x10)
r20 = open(&(0x7f0000000440)='./bus\x00', 0x141042, 0x108)
ftruncate(r20, 0x2007fff)
sendfile(r5, r20, 0x0, 0x8000fffffffe)

00:20:56 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:56 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
getpeername$inet(r0, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:20:56 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:56 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
getpeername$inet(r0, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

[  325.271009][T12021] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  325.271009][T12021]    program syz-executor.3 not setting count and/or reply_len properly
[  325.288922][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  325.289048][    C1] protocol 88fb is buggy, dev hsr_slave_1
00:20:56 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:56 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
getpeername$inet(r0, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:20:56 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={0x0, 0x0}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  325.569552][T12029] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
[  325.602846][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  325.608991][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  325.644298][T12039] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  325.644298][T12039]    program syz-executor.3 not setting count and/or reply_len properly
00:20:57 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
getpeername$inet(r0, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

[  325.682525][T12034] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based  firewall rule not found. Use the iptables CT target to attach helpers instead.
00:20:57 executing program 3:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

[  325.842894][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  325.849058][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  325.990625][T12054] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  325.990625][T12054]    program syz-executor.3 not setting count and/or reply_len properly
[  326.002928][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  326.013959][    C1] protocol 88fb is buggy, dev hsr_slave_1
00:20:57 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x0, 0x0, @mcast1}, 0x1c)

00:20:57 executing program 5:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(r2, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = socket$inet6(0xa, 0x80002, 0x0)
readv(r4, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/45, 0x2d}], 0x1)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="0900000000003639408fa3a3ba27660199783b0a82f79b32a7c8225086600a38e07d4db88a66596759e95307b680ab73e03c53555c97e8e37d01da4d44a994354a9fa3f355214eeabd24fd620b2022d5ad63b369aaffe9a6b608a5fece0eca95d71f2d3e60613a027fb50cbcbd92d44076d3b97247e066165ccf1032f51d36ab231f6c20d87e9167edf69776dca67d90a17ccd18fb9c7b21d53478e382dcf296a23a060bfe9a", 0xa6}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r0, 0x0, 0x0)

00:20:57 executing program 0:
clone(0x800007fc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
ioctl$HDIO_GETGEO(0xffffffffffffffff, 0x301, &(0x7f0000000180))
wait4(0x0, 0x0, 0x80000000, 0x0)
sendmsg$nl_netfilter(0xffffffffffffffff, &(0x7f00000021c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB="13f80f34"], 0x4}}, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB='\f', @ANYRES64], 0x0, 0x9}, 0x20)
tkill(r0, 0x3b)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x7, r0, 0x0, 0x0)
mprotect(&(0x7f0000fff000/0x1000)=nil, 0x1000, 0x2000008)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFBR(r1, 0x8940, &(0x7f0000000140)=@add_del={0x2, &(0x7f0000000040)='sit0\x00'})
getsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000), 0x10)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
recvmmsg(r2, &(0x7f0000004380)=[{{0x0, 0x0, 0x0}}], 0x1, 0x5eec90c64dd695a1, 0x0)

00:20:57 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
getpeername$inet(r0, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:20:57 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={0x0, 0x0}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:57 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:57 executing program 5:
perf_event_open(&(0x7f0000000300)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20220, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8d1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

00:20:57 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
getpeername$inet(r0, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

[  326.460750][T12069] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  326.460750][T12069]    program syz-executor.3 not setting count and/or reply_len properly
[  326.606299][T12084] ptrace attach of "/root/syz-executor.0"[12083] was attempted by "/root/syz-executor.0"[12084]
00:20:58 executing program 0:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = gettid()
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(r2, 0x0, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
r4 = socket$inet6(0xa, 0x80002, 0x0)
readv(r4, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/45, 0x2d}], 0x1)
vmsplice(0xffffffffffffffff, &(0x7f00000000c0)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000000100)="0900000000003639408fa3a3ba27660199783b0a82f79b32a7c8225086600a38e07d4db88a66596759e95307b680ab73e03c53555c97e8e37d01da4d44a994354a9fa3f355214eeabd24fd620b2022d5ad63b369", 0x54}], 0x4, 0x0)
ptrace$setopts(0x4206, r0, 0x0, 0x0)
tkill(r0, 0x3c)
ptrace$cont(0x18, r0, 0x0, 0x0)
ptrace$setregs(0xd, r0, 0x0, &(0x7f0000000080))
ptrace$cont(0x9, r0, 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)

00:20:58 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:58 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
getpeername$inet(r1, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:20:58 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={0x0, 0x0}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  326.828940][T12091] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  326.828940][T12091]    program syz-executor.3 not setting count and/or reply_len properly
00:20:58 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x0, 0x0, @mcast1}, 0x1c)

00:20:58 executing program 5:
syz_open_procfs(0x0, &(0x7f00000000c0)='uid_map\x00')

00:20:58 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x4}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
pipe(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz1\x00', 0x200002, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r4 = getpid()
sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2}, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000002c0)='net/dev_mcast\x00')
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r5, 0x29, 0x45, &(0x7f00000005c0)={'HL\x00'}, &(0x7f00000009c0)=0x1e)
r6 = add_key(&(0x7f0000000440)='.dead\x00', &(0x7f0000000480)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff9)
sched_setattr(r0, 0x0, 0x0)
request_key(0x0, 0x0, 0x0, r6)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYRESDEC], 0xfd14)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

00:20:58 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
getpeername$inet(r1, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:20:58 executing program 3:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:58 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[], 0x0}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:58 executing program 5:
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x22}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
pipe(0x0)
syz_open_procfs(0x0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f00000000c0)={'lo\x00@\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00', 0x101})
ioctl$sock_inet_SIOCSIFFLAGS(r0, 0x8914, &(0x7f0000000140)={'lo\x00\x03\xb1\x00\x00\x00\x00`\x00\xdd\x00\x00\x04\x00'})

00:20:58 executing program 0:
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x9, 0x8d}, 0x0)
r0 = getpid()
sched_setattr(r0, &(0x7f0000000040)={0x30, 0x2, 0x0, 0x0, 0x4}, 0x0)
r1 = socket$inet6(0xa, 0x2, 0x0)
recvmmsg(r1, &(0x7f0000008880), 0x400000000000249, 0x0, 0x0)
pipe(&(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
fcntl$setpipe(r3, 0x407, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000200)='./cgroup/syz1\x00', 0x200002, 0x0)
write(r3, &(0x7f0000000340), 0x41395527)
vmsplice(r2, &(0x7f0000000000)=[{&(0x7f0000000500), 0x3528a9c0}], 0x1, 0x0)
sched_setattr(0x0, &(0x7f0000000080)={0x30, 0x2, 0x1, 0x0, 0x3}, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r4 = getpid()
sched_setattr(r4, &(0x7f0000000040)={0x30, 0x2}, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000002c0)='net/dev_mcast\x00')
clone(0x103, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000200)={0x2, 0x70, 0x41, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r5 = socket$inet6(0xa, 0x2, 0x0)
getsockopt$IP6T_SO_GET_REVISION_TARGET(r5, 0x29, 0x45, &(0x7f00000005c0)={'HL\x00'}, &(0x7f00000009c0)=0x1e)
r6 = add_key(&(0x7f0000000440)='.dead\x00', &(0x7f0000000480)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffff9)
sched_setattr(r0, 0x0, 0x0)
request_key(0x0, 0x0, 0x0, r6)
write$binfmt_elf64(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYRESDEC], 0xfd14)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x9}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

00:20:58 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
getpeername$inet(r1, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:20:58 executing program 3:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

[  327.460111][T12130] device lo entered promiscuous mode
00:20:58 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[], 0x0}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  327.551311][T12130] device lo left promiscuous mode
00:20:58 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
getpeername$inet(r1, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

[  327.648734][T12140] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  327.648734][T12140]    program syz-executor.3 not setting count and/or reply_len properly
00:20:59 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_opts(r0, 0x29, 0x3b, &(0x7f0000000000)=@fragment, 0x8)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20}, 0x1c)
recvmmsg(r0, &(0x7f0000008880), 0x400000000000249, 0x44000102, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x3a, &(0x7f0000000040)=0x800, 0x128)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x0, 0x0, @mcast1}, 0x1c)

00:20:59 executing program 0:
r0 = openat$selinux_attr(0xffffffffffffff9c, &(0x7f0000000000)='/proc/self/attr/keycreate\x00', 0x2, 0x0)
clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
dup2(0xffffffffffffffff, r0)
clone(0x2102001fff, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x80000003, 0x8031, 0xffffffffffffffff, 0x0)
mlockall(0x3)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
recvfrom$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)

00:20:59 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:59 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
getpeername$inet(r1, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:20:59 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[], 0x0}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:59 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
getpeername$inet(r1, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

[  328.130956][T12162] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  328.130956][T12162]    program syz-executor.3 not setting count and/or reply_len properly
00:20:59 executing program 5:
r0 = openat$zero(0xffffffffffffff9c, &(0x7f0000000200)='/dev/zero\x00', 0x0, 0x0)
close(r0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000200)='/dev/ptmx\x00', 0x0, 0x0)
read(r0, &(0x7f0000000000)=""/11, 0xb)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000001c0))
clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$sock_SIOCSIFVLAN_SET_VLAN_FLAG_CMD(r0, 0x8983, 0x0)

00:20:59 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:20:59 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x0}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:20:59 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getpeername$inet(0xffffffffffffffff, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

[  328.458418][T12187] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  328.458418][T12187]    program syz-executor.3 not setting count and/or reply_len properly
00:20:59 executing program 5:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
getrandom(&(0x7f0000000100)=""/148, 0x94, 0x2)

00:21:00 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

[  328.807318][T12205] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  328.807318][T12205]    program syz-executor.3 not setting count and/or reply_len properly
00:21:00 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

[  329.022074][T12211] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  329.022074][T12211]    program syz-executor.3 not setting count and/or reply_len properly
00:21:00 executing program 0:

00:21:00 executing program 5:
clone(0x100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
getrandom(&(0x7f0000000100)=""/148, 0x94, 0x2)

00:21:00 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getpeername$inet(0xffffffffffffffff, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:21:00 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x0}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:00 executing program 2:

00:21:00 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:00 executing program 5:

00:21:00 executing program 2:

[  329.597750][T12227] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  329.597750][T12227]    program syz-executor.3 not setting count and/or reply_len properly
00:21:01 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getpeername$inet(0xffffffffffffffff, &(0x7f0000000500)={0x2, 0x0, @initdev}, &(0x7f0000000540)=0x10)

00:21:01 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:01 executing program 5:

00:21:01 executing program 0:

00:21:01 executing program 2:

00:21:01 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB], 0x0}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  329.897601][T12244] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  329.897601][T12244]    program syz-executor.3 not setting count and/or reply_len properly
00:21:01 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getpeername$inet(r1, 0x0, &(0x7f0000000540))

00:21:01 executing program 5:

00:21:01 executing program 0:

00:21:01 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:01 executing program 2:

00:21:01 executing program 5:

00:21:01 executing program 0:

00:21:01 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4"], 0x0, 0x43}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  330.261793][T12264] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  330.261793][T12264]    program syz-executor.3 not setting count and/or reply_len properly
00:21:01 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getpeername$inet(r1, 0x0, &(0x7f0000000540))

00:21:01 executing program 5:

00:21:01 executing program 2:

00:21:01 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:01 executing program 0:

00:21:02 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getpeername$inet(r1, 0x0, &(0x7f0000000540))

[  330.602326][T12285] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  330.602326][T12285]    program syz-executor.3 not setting count and/or reply_len properly
00:21:02 executing program 2:

00:21:02 executing program 5:

00:21:02 executing program 0:

00:21:02 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getpeername$inet(r1, &(0x7f0000000500)={0x2, 0x0, @initdev}, 0x0)

00:21:02 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:02 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4"], 0x0, 0x43}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:02 executing program 5:

00:21:02 executing program 2:

00:21:02 executing program 0:

00:21:02 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getpeername$inet(r1, &(0x7f0000000500)={0x2, 0x0, @initdev}, 0x0)

[  331.038395][T12310] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  331.038395][T12310]    program syz-executor.3 not setting count and/or reply_len properly
00:21:02 executing program 2:

00:21:02 executing program 5:

00:21:02 executing program 0:

00:21:02 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:02 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4"], 0x0, 0x43}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:02 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
getpeername$inet(r1, &(0x7f0000000500)={0x2, 0x0, @initdev}, 0x0)

00:21:02 executing program 2:

00:21:02 executing program 5:

[  331.486559][T12333] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  331.486559][T12333]    program syz-executor.3 not setting count and/or reply_len properly
00:21:02 executing program 0:

00:21:02 executing program 2:

00:21:02 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x100, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:02 executing program 5:

00:21:02 executing program 1:

00:21:03 executing program 2:
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000016c0)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
chdir(&(0x7f0000000100)='./file0/file1\x00')
read$FUSE(r0, &(0x7f0000002540), 0x1000)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, 0x1}, 0x50)
read$FUSE(r0, &(0x7f0000000480), 0x93f)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
write$FUSE_ENTRY(r0, &(0x7f0000001600)={0x90, 0x0, 0x2}, 0x90)

00:21:03 executing program 0:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x7, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f00000006c0)=0x2000000000000001, 0x4)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x4000000000013, &(0x7f0000000180), 0x4)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)

00:21:03 executing program 1:

00:21:03 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf79"], 0x0, 0x64}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:03 executing program 5:

[  331.889710][T12350] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  331.889710][T12350]    program syz-executor.3 not setting count and/or reply_len properly
00:21:03 executing program 1:

00:21:03 executing program 5:

00:21:03 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000380)='/dev/vcsa\x00', 0x0, 0x0)
close(r0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$TIPC_NL_NAME_TABLE_GET(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={0x0}}, 0x0)

00:21:03 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x8, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:03 executing program 0:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x7, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f00000006c0)=0x2000000000000001, 0x4)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x4000000000013, &(0x7f0000000180), 0x4)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)

00:21:03 executing program 5:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x247, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_PAUSE_OUTPUT(0xffffffffffffffff, 0x40042409, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000500)=ANY=[@ANYBLOB="b702000014000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000e3a333a0daf2f73451c0e17a606fec68cb7d18ad181867514fe60077d4dd90123d27e7cf43548ee85857ad4a77cb56e07dfbdfd4e70ebec677d6ac14c2c794f72cbf5fe31789e70233bfd8115efd90c8c48258f8dbe82e16cf0000000000000000000000000000000000000000000000000000790ae2fd45d54b107c8c247f195e32f17799d6707432ff48bc085763314166443ce72c74f3db890e1ff15a10d91f27e9a232fe2238fff867ba8fd41b29caad2a986e0e244bd117252e47ffda1a869db7e632df4de8572344b419c45c2170fe873692d8255170c16822bdffd3135480dae93c7e33bdef00000000d8fd8c6e62d0967ab7e43686b4d1e03e326beea7905ef7de375ef8bc8143df20d13c37db2699f1210fab7071cc3094078a044777aab9d86cf50afefd7b72a0950d389bc9cb43aa607b7269561dd50b22bd2491331818a10f2ac8c3249582a20d4e04fd1ab7883f656b84137d5f7a6edba86a7b9a4c2f3b3a8abf93b280ea53ce01dcc2d30f4310e8281b0cdc017f9759060ea88a2f6597e966a85c9a74ca196700218f9197e7a5513c13e79d46bb4b84c16fd56ee450e411d75ab7613b644ba7580b2a0942394ed1737517eed1c892422f54d5a2e1cf1a60fe2dcc1a465aa8d54cb400"/585], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x24f}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x1800000000000060, 0xe80, 0xfffffffffffffe64, &(0x7f0000000100)="0000003f0000007e5bc5795eca0000080000000000000000ffff08", 0x0, 0x100, 0xf2ffffff, 0xfffffe0c, 0xfffffffffffffe05, &(0x7f0000000280)="f2a134bd13c7bd41a2a738ad8e7625ed330eb46063bd287d832698132e59ef45f8f50845c0ac85604b448e24348e4ae93e68238b7b9d561b349d19b5f5784e031c55c5a4e48926a1526e38640a161fab39732052ee83bc3b9cb625962f3eaf1ed426e6f0442693c16b0ab6a89a5738f5bccd6ae1492f8471a7afec6b", &(0x7f0000000380)="712ae01ebf877f139c8f1b0fcd056310bfa3de7157976d3ff4c82f2e0d1885774c5b7c7c853e5424fbf469ab0726e9f41208f98d20b093ddbb7f52e015b875cea2900b2443348cdf466c18cfae89ce96f0437cb21ca3703f0b94273c7500"/106}, 0x28)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='cpuacct.stat\x00', 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000880)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)=""/45, 0x2}, 0xffffffffffffff6a)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.net/syz0\x00', 0x200002, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
bpf$MAP_CREATE(0x0, &(0x7f0000000500)={0x0, 0x0, 0x0, 0xf1a}, 0x2c)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)
bpf$BPF_MAP_GET_FD_BY_ID(0xe, 0x0, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000007340)={&(0x7f0000006f40)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, 0x80, &(0x7f0000007240)=[{0x0}, {0x0}], 0x2}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0xb, 0x0, 0x0, &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0}, 0x78)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0xb, 0x0, 0x0, &(0x7f0000000440)='syzkaller\x00', 0x7, 0x90, &(0x7f0000000200)=""/144, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0xb, 0x3, &(0x7f00000003c0)=@framed={{0x18, 0x0, 0x10000000}}, 0x0, 0x0, 0x90, &(0x7f0000000200)=""/144, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x78)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)={0x0, 0x10, 0x3}, 0x2c)
bpf$PROG_LOAD(0x5, &(0x7f0000000940)={0xb, 0x1, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800000028e2dbe400000000"], &(0x7f0000000440)='syzkaller\x00', 0x7, 0x90, &(0x7f0000000200)=""/144, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0}, 0x78)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000a40)={0x0}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, 0x0, 0x0)

00:21:03 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf79"], 0x0, 0x64}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:04 executing program 2:
r0 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @remote}}, 0x24)
sendmmsg(r0, &(0x7f0000005c00)=[{{0x0, 0xfffffffffffffd95, 0x0, 0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000100100000100000005e8000000000000e458c598ba4904c77813ab29410000000000000087695931515781ae36a4d148f269399022f544be4fac9508cce4df4d7015eb590bbfb45e2584f446722053f1502598808b355f7b815bdb2281145dd688759944bd09b0f55e7ca54b07bd9189de8daeb173aca360f4bca4f5019235efcea227e56f94ddc8d5e02f38fdcdad2e5cc2d3f6b6576d887ebc305217da"], 0x18}}], 0x1, 0x0)
recvmmsg(r0, &(0x7f0000000800)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x1e8}}], 0x400000000000953, 0x0, 0x0)

00:21:04 executing program 1:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
r1 = socket(0xa, 0x802, 0x0)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, 0x0, 0x0)

00:21:04 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:04 executing program 0:
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x3}, 0x0, 0x0, 0x0, 0x7, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x10000000013, &(0x7f00000006c0)=0x2000000000000001, 0x4)
connect$inet(r0, &(0x7f00000000c0)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_int(r0, 0x6, 0x4000000000013, &(0x7f0000000180), 0x4)
write$binfmt_elf32(0xffffffffffffffff, 0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x0)

00:21:04 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf79"], 0x0, 0x64}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:04 executing program 1:
r0 = timerfd_create(0x0, 0x0)
readv(r0, 0x0, 0x0)
timerfd_settime(r0, 0x0, &(0x7f00000000c0)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x387b1d0849878266, 0x8031, 0xffffffffffffffff, 0x0)
pkey_alloc(0x0, 0x0)

00:21:04 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:04 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
getxattr(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)=@known='system.posix_acl_access\x00', 0x0, 0x0)

00:21:04 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164f"], 0x0, 0x75}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:04 executing program 2:
r0 = syz_open_dev$video4linux(&(0x7f00000000c0)='/dev/v4l-subdev#\x00', 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r0, 0xc0305602, &(0x7f0000000100)={0x2})

00:21:04 executing program 5:
r0 = syz_open_dev$video4linux(&(0x7f00000000c0)='/dev/v4l-subdev#\x00', 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r0, 0xc040563e, &(0x7f0000000100))

00:21:04 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:04 executing program 0:
r0 = syz_open_dev$video4linux(&(0x7f00000000c0)='/dev/v4l-subdev#\x00', 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r0, 0xc0845658, &(0x7f0000000100))

00:21:04 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
lseek(r0, 0x0, 0x0)

00:21:04 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164f"], 0x0, 0x75}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  333.602614][T12439] sg_write: 3 callbacks suppressed
[  333.602687][T12439] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  333.602687][T12439]    program syz-executor.3 not setting count and/or reply_len properly
00:21:05 executing program 0:
r0 = syz_open_dev$video4linux(&(0x7f00000000c0)='/dev/v4l-subdev#\x00', 0x0, 0x0)
ioctl$VIDIOC_SUBDEV_ENUM_MBUS_CODE(r0, 0xc0585605, &(0x7f0000000100)={0x0, 0x1000})

00:21:05 executing program 5:
mkdir(&(0x7f0000000140)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000440)='cgroup2\x00', 0x0, 0x0)
rmdir(&(0x7f00000000c0)='./file0//ile0\x00')

00:21:05 executing program 1:
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x6, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x4}, [@ldst={0x0, 0x0, 0xe009}]}, &(0x7f0000003ff6)='G\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x3}, 0x48)

00:21:05 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164f"], 0x0, 0x75}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:05 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:05 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
lseek(r0, 0x0, 0x0)

00:21:05 executing program 0:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = socket$kcm(0x2, 0x1000000000000805, 0x84)
sendmsg$kcm(r0, &(0x7f0000000100)={&(0x7f00000006c0)=@in={0x2, 0x0, @loopback=0xa1414aa}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000400), 0xff0f}], 0x1}, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
close(r0)

00:21:05 executing program 5:
bpf$MAP_CREATE(0x0, &(0x7f0000000280)={0x14}, 0x3c)

00:21:05 executing program 5:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000636c77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:05 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
lseek(r0, 0x0, 0x0)

[  334.314085][T12475] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  334.314085][T12475]    program syz-executor.3 not setting count and/or reply_len properly
00:21:05 executing program 1:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
write$P9_RRENAMEAT(0xffffffffffffffff, 0x0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f0000000280))
write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0x35b)
ioctl$TCSETA(r0, 0x5406, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x100000009b4b62b})
r1 = syz_open_pts(r0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0x1)
geteuid()
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x17})

00:21:05 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db493"], 0x0, 0x7d}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:05 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:05 executing program 0:
r0 = openat$ion(0xffffffffffffff9c, &(0x7f0000002cc0)='/dev/ion\x00', 0x0, 0x0)
ioctl$ION_IOC_HEAP_QUERY(r0, 0xc0184908, &(0x7f0000000080)={0x34})

00:21:05 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
lseek(r0, 0x0, 0x0)

[  334.770788][T12507] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  334.770788][T12507]    program syz-executor.3 not setting count and/or reply_len properly
00:21:06 executing program 0:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)

00:21:06 executing program 5:
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8)
sendmmsg$alg(r1, &(0x7f0000002b00)=[{0x0, 0x0, &(0x7f0000001280)=[{&(0x7f0000000180)="99", 0x1}], 0x1}], 0x1, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000080), 0xc4cbfd162f1c6832)

00:21:06 executing program 2:
lseek(0xffffffffffffffff, 0x0, 0x0)

00:21:06 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db493"], 0x0, 0x7d}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:06 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000080)={0x0, 0x0, 0xf087}, 0x14)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:06 executing program 1:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000100), 0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f00000001c0), 0x8)
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)

[  335.021609][T12521] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  335.021609][T12521]    program syz-executor.0 not setting count and/or reply_len properly
00:21:06 executing program 5:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x8000, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)
openat$vsock(0xffffffffffffff9c, 0x0, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)

[  335.126539][T12529] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  335.126539][T12529]    program syz-executor.0 not setting count and/or reply_len properly
00:21:06 executing program 2:
lseek(0xffffffffffffffff, 0x0, 0x0)

[  335.183776][T12533] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  335.183776][T12533]    program syz-executor.3 not setting count and/or reply_len properly
00:21:06 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db493"], 0x0, 0x7d}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:06 executing program 0:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x5b1d, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000000, 0x0)
r0 = getpid()
tkill(r0, 0x9)
r1 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = perf_event_open(&(0x7f000025c000)={0x400000001, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, r1, 0x0)
readv(r2, &(0x7f0000001580)=[{&(0x7f0000000100)=""/148, 0x94}], 0x1)
write$FUSE_POLL(0xffffffffffffffff, 0x0, 0x0)

00:21:06 executing program 2:
lseek(0xffffffffffffffff, 0x0, 0x0)

00:21:06 executing program 1:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000100), 0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f00000001c0), 0x8)
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)

00:21:06 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

[  335.451584][T12541] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  335.451584][T12541]    program syz-executor.5 not setting count and/or reply_len properly
00:21:07 executing program 5:
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, &(0x7f0000000100), 0x10)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f00000001c0), 0x8)
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)

00:21:07 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
lseek(r0, 0x0, 0x0)

00:21:07 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:07 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f"], 0x0, 0x81}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:07 executing program 1:
open(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f00005ebff8)=0x3f)
fcntl$setsig(r1, 0xa, 0x12)
fcntl$setownex(r1, 0xf, &(0x7f0000000180)={0x2, r0})
recvmsg(r2, &(0x7f000095cfc8)={0x0, 0x0, 0x0}, 0x0)
dup2(r1, r2)
clone(0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r0, 0x15)

00:21:07 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
lseek(r0, 0x0, 0x0)

[  336.090545][T12585] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  336.090545][T12585]    program syz-executor.3 not setting count and/or reply_len properly
00:21:07 executing program 5:

00:21:07 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
lseek(r0, 0x0, 0x0)

00:21:07 executing program 0:
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000cf6fe4)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c)
connect$inet6(r0, &(0x7f0000d83fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f000095dff8)=ANY=[@ANYBLOB='\x00', @ANYRES32=<r1=>0x0], &(0x7f0000000180)=0x8)
getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={r1, @in6={{0xa, 0x4e23, 0x0, @loopback}}}, &(0x7f0000000240)=0x98)

00:21:07 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f"], 0x0, 0x81}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:07 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:07 executing program 2:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x0)

00:21:07 executing program 5:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = socket$kcm(0x11, 0x2, 0x0)
socket$kcm(0x11, 0x8000000000000003, 0x0)
close(r1)

00:21:08 executing program 2:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x0)

[  336.764799][T12605] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  336.764799][T12605]    program syz-executor.3 not setting count and/or reply_len properly
00:21:08 executing program 0:
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
pipe(&(0x7f00000003c0)={<r1=>0xffffffffffffffff})
tee(r1, r0, 0x100000001, 0x2)

00:21:08 executing program 5:
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0)
fchdir(r0)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
r2 = creat(&(0x7f0000000000)='./bus\x00', 0x0)
creat(0x0, 0x0)
fchdir(0xffffffffffffffff)
write$cgroup_type(r2, &(0x7f0000000200)='threaded\x00', 0xf642e7e)
r3 = open(&(0x7f0000000140)='./bus\x00', 0x141042, 0x0)
r4 = creat(&(0x7f0000000300)='./file0\x00', 0x0)
ioctl$EXT4_IOC_SETFLAGS(r1, 0x40086602, &(0x7f0000000080))
ioctl$EXT4_IOC_MOVE_EXT(r3, 0xc028660f, &(0x7f0000000100)={0x0, r4})

00:21:08 executing program 1:
open(0x0, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x2}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = getpid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$int_in(r1, 0x5452, &(0x7f00005ebff8)=0x3f)
fcntl$setsig(r1, 0xa, 0x12)
fcntl$setownex(r1, 0xf, &(0x7f0000000180)={0x2, r0})
recvmsg(r2, &(0x7f000095cfc8)={0x0, 0x0, 0x0}, 0x0)
dup2(r1, r2)
clone(0x0, 0x0, 0x0, 0x0, 0x0)
tkill(r0, 0x15)

00:21:08 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f"], 0x0, 0x81}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:08 executing program 2:
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
lseek(0xffffffffffffffff, 0x0, 0x0)

00:21:08 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:08 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4)
connect$inet6(r0, &(0x7f0000000080), 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000440), 0x12f7e5)
clone(0x2000000002000100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000000))
r1 = fcntl$dupfd(r0, 0x0, r0)
getsockopt$ARPT_SO_GET_ENTRIES(r1, 0x0, 0x61, 0x0, &(0x7f0000000000))
pipe(&(0x7f0000000380)={<r2=>0xffffffffffffffff})
read(r2, &(0x7f0000000200)=""/250, 0x50c7e3e3)

00:21:08 executing program 5:

00:21:08 executing program 2:

00:21:08 executing program 5:

00:21:08 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:09 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d9"], 0x0, 0x83}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:09 executing program 2:

00:21:09 executing program 5:

00:21:09 executing program 1:

00:21:09 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(0x0, 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:09 executing program 2:

00:21:09 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d9"], 0x0, 0x83}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:09 executing program 5:

00:21:09 executing program 0:

00:21:09 executing program 5:

00:21:09 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:09 executing program 2:

00:21:09 executing program 0:

00:21:09 executing program 1:

00:21:09 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d9"], 0x0, 0x83}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:09 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:10 executing program 5:

00:21:10 executing program 0:

00:21:10 executing program 2:

00:21:10 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x0)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:10 executing program 1:

00:21:10 executing program 5:

00:21:10 executing program 0:

00:21:10 executing program 2:

00:21:10 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90b"], 0x0, 0x84}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:10 executing program 1:

00:21:10 executing program 5:

00:21:10 executing program 0:

00:21:10 executing program 2:

00:21:10 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(0xffffffffffffffff, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:10 executing program 1:
clone(0x23102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000b08000/0x14000)=nil, 0x14000, 0x0, 0x10, r0, 0x0)
setxattr$security_capability(0x0, &(0x7f0000000200)='security.capability\x00', 0x0, 0x0, 0x3)

00:21:10 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90b"], 0x0, 0x84}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:10 executing program 2:
clone(0x23102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000b08000/0x14000)=nil, 0x14000, 0x0, 0x10, r0, 0x0)
setxattr$security_capability(0x0, &(0x7f0000000200)='security.capability\x00', &(0x7f0000000240)=@v2, 0x14, 0x0)

00:21:10 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(0xffffffffffffffff, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:10 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r1, 0x0, 0x0, 0x20000004, &(0x7f0000000080)={0xa, 0x4e22}, 0x1c)
r2 = accept(r0, 0x0, 0x0)
write$nbd(r1, 0x0, 0x0)
setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @remote}, 0xc)

00:21:10 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/ptmx\x00', 0x0, 0x0)
read(r0, &(0x7f0000000540)=""/11, 0x485)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000200))
clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r1 = socket$netlink(0x10, 0x3, 0x3)
dup2(r0, r1)
ioctl$LOOP_GET_STATUS(r1, 0x4c03, 0x0)

[  339.627362][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
00:21:11 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(0xffffffffffffffff, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:11 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90b"], 0x0, 0x84}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  339.853078][    C0] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
00:21:11 executing program 0:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000380)='/dev/vcsa\x00', 0x0, 0x0)
close(r0)
socket$nl_route(0x10, 0x3, 0x0)
getsockopt$sock_buf(r0, 0x1, 0x1a, 0x0, &(0x7f0000000000))

00:21:11 executing program 5:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f0000000380)='/dev/vcsa\x00', 0x0, 0x0)
close(r0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)

00:21:11 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, 0x0, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:11 executing program 0:
pipe(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
r3 = socket(0x11, 0x800000003, 0x0)
bind(r3, &(0x7f0000000080)=@generic={0x11, "0000010000000000080044944eeba71a4976e252922cb18f6e2e2aba000000012e0b3836005404b0e0301a4ce875f2e3ff5f163ee340b7679500800000000000000101013c58110308d9123127ecce66fd792bbf0e5bf5ff1b0816f3f6db1c00010000000000000049740000000000000006ad8e5ecc326d3a09ffc2c654"}, 0x80)
getsockname$packet(r3, &(0x7f0000000000)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000140)=0xd0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="d00800002800ffcd3bff0fe225fb18782a000004", @ANYRES32=r4], 0x2}}, 0x0)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x0, &(0x7f0000000000)={@mcast2}, 0x14)
close(r2)
socket(0x10, 0x80002, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = dup2(r5, r5)
ioctl$PERF_EVENT_IOC_ENABLE(r6, 0x8912, 0x400200)
write$binfmt_misc(r1, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe0, 0x0)

[  340.368055][T12792] netlink: 2220 bytes leftover after parsing attributes in process `syz-executor.0'.
00:21:11 executing program 1:
keyctl$assume_authority(0x10, 0x0)
r0 = socket(0x0, 0x0, 0x0)
r1 = socket(0x9, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
sendmsg$FOU_CMD_DEL(r0, 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x0, 0x0)
openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x1)
setsockopt$inet6_opts(r2, 0x29, 0x3b, &(0x7f0000000300)=ANY=[@ANYBLOB="1801000600001000180002808cb6e9b81e8eae777dbc4285cb000000000000"], 0x18)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c)
syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00')
r3 = socket$inet6(0xa, 0x100800000000002, 0x0)
setsockopt$inet6_opts(r3, 0x29, 0x3b, &(0x7f0000000300)=ANY=[@ANYBLOB="1801000600001000180002808cb6e9b81e8eae777dbc4285cb000000000000"], 0x18)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c)
syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00')
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, 0x0, 0x3ac)
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ppoll(&(0x7f0000000140)=[{}, {r1}, {}], 0x3, &(0x7f0000000400), 0x0, 0x35e)
ioprio_get$pid(0x0, 0x0)
getegid()
write(r5, &(0x7f00000001c0), 0xfffffef3)
read(r4, &(0x7f0000000200)=""/250, 0x50c7e3e3)
socket$inet_udplite(0x2, 0x2, 0x88)
socket(0x10, 0x3, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4)
r7 = dup(0xffffffffffffffff)
setsockopt$netlink_NETLINK_CAP_ACK(r7, 0x10e, 0xa, 0x0, 0x0)
clone(0x2102001ff6, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
getpeername$packet(r0, 0x0, &(0x7f0000000440)=0xffffffffffffff84)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

00:21:11 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(0x0, 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:11 executing program 5:
io_setup(0xc32f, &(0x7f0000000440)=<r0=>0x0)
io_destroy(r0)

00:21:11 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, 0x0, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:11 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100)='/dev/net/tun\x00', 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000001c0)={'veth0\x00', 0x201a})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000140)={'veth0\x00\x00\x00\f\x00', <r3=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f00000000c0)={@rand_addr="489592572ca0aed6de1b4bc6da12572c", 0x0, r3})
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @rand_addr="d214c0e12eb5e6ea076cca63e0537907"}, 0x1c)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)

00:21:12 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, 0x0, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:12 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(0x0, 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:12 executing program 5:
r0 = socket$netlink(0x10, 0x3, 0xc)
writev(r0, &(0x7f000037d000)=[{&(0x7f0000000000)="1f00000002031900000007000000068100ed853b09000100010100ff3ffe58", 0x1f}], 0x1)
r1 = socket$netlink(0x10, 0x3, 0xc)
writev(r1, &(0x7f0000fb5ff0)=[{&(0x7f0000fb4000)="1f00000001031900000007000000068100023b0509000100010100ff3ffe58", 0x1f}], 0x1)

00:21:12 executing program 2:
r0 = socket$packet(0x11, 0x600000000003, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'lo\x00\x00\x00\x00\x02\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000080)={r1, 0x3, 0x6, @broadcast}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
close(r0)

00:21:12 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080), 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

[  340.962208][T12836] device lo entered promiscuous mode
[  340.986411][T12836] device lo left promiscuous mode
00:21:12 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(0x0, 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  341.056196][T12840] device lo entered promiscuous mode
[  341.072250][T12841] device lo left promiscuous mode
00:21:12 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

00:21:12 executing program 1:
keyctl$assume_authority(0x10, 0x0)
r0 = socket(0x0, 0x0, 0x0)
r1 = socket(0x9, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
sendmsg$FOU_CMD_DEL(r0, 0x0, 0x0)
fcntl$lock(0xffffffffffffffff, 0x0, 0x0)
openat$smack_thread_current(0xffffffffffffff9c, &(0x7f0000000040)='/proc/thread-self/attr/current\x00', 0x2, 0x0)
r2 = socket$inet6(0xa, 0x2, 0x1)
setsockopt$inet6_opts(r2, 0x29, 0x3b, &(0x7f0000000300)=ANY=[@ANYBLOB="1801000600001000180002808cb6e9b81e8eae777dbc4285cb000000000000"], 0x18)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c)
syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00')
r3 = socket$inet6(0xa, 0x100800000000002, 0x0)
setsockopt$inet6_opts(r3, 0x29, 0x3b, &(0x7f0000000300)=ANY=[@ANYBLOB="1801000600001000180002808cb6e9b81e8eae777dbc4285cb000000000000"], 0x18)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x0, 0x0, @dev, 0x3}, 0x1c)
syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00')
write$UHID_SET_REPORT_REPLY(0xffffffffffffffff, 0x0, 0x3ac)
pipe(&(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
ppoll(&(0x7f0000000140)=[{}, {r1}, {}], 0x3, &(0x7f0000000400), 0x0, 0x35e)
ioprio_get$pid(0x0, 0x0)
getegid()
write(r5, &(0x7f00000001c0), 0xfffffef3)
read(r4, &(0x7f0000000200)=""/250, 0x50c7e3e3)
socket$inet_udplite(0x2, 0x2, 0x88)
socket(0x10, 0x3, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r6, 0x6, 0x200000000000013, &(0x7f0000000280)=0x400100000001, 0x4)
r7 = dup(0xffffffffffffffff)
setsockopt$netlink_NETLINK_CAP_ACK(r7, 0x10e, 0xa, 0x0, 0x0)
clone(0x2102001ff6, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
getpeername$packet(r0, 0x0, &(0x7f0000000440)=0xffffffffffffff84)
msync(&(0x7f0000952000/0x2000)=nil, 0x87abbe8d1cc6ad9, 0x4)

00:21:12 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(0xffffffffffffffff, 0x5402, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280))
r1 = syz_open_pts(r0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff})
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r3=>0x0}, &(0x7f0000cab000)=0x1)
setresuid(0x0, r3, 0x0)
r4 = geteuid()
setreuid(0x0, r4)
ioctl$TCSETSF(r1, 0x5412, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)

00:21:12 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080), 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:12 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180)='/dev/ptmx\x00', 0x8000000000006, 0x0)
write$P9_RRENAMEAT(0xffffffffffffffff, 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280))
write$binfmt_aout(r0, &(0x7f0000000240)=ANY=[], 0x35b)
ioctl$TCSETA(r0, 0x5406, 0x0)
r1 = syz_open_pts(r0, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0x1)
geteuid()
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000100)={0x17})

00:21:12 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:12 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

00:21:12 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080), 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:13 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID(r2, 0x4008ae8a, &(0x7f0000000580)=ANY=[])

00:21:13 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

00:21:13 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
readv(0xffffffffffffffff, &(0x7f0000000040), 0x0)
getrandom(&(0x7f0000000080)=""/150, 0x96, 0x2)
fcntl$setlease(0xffffffffffffffff, 0x400, 0x0)
getsockopt$netlink(0xffffffffffffffff, 0x10e, 0x0, 0x0, 0x0)

00:21:13 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:13 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

00:21:13 executing program 1:
r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r0)
ftruncate(r0, 0x0)

00:21:13 executing program 5:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0x10, 0x0)

00:21:13 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c", 0x24)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:13 executing program 2:
keyctl$search(0xa, 0x0, &(0x7f0000000040)='asymmetric\x00', 0x0, 0x0)
syz_open_pts(0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$int_out(0xffffffffffffffff, 0x200002080004535, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = memfd_create(&(0x7f00000004c0)='/dev/snd/seq\x00', 0x0)
r1 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0)
r2 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x1)
r3 = dup2(r2, r1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5334, &(0x7f00000001c0)={0xf48b, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r1, &(0x7f0000000000)=[{0x0, 0x0, 0xbf00000000000000, 0x0, @tick, {}, {}, @connect}], 0xffffff76)
fstatfs(r0, 0x0)
pipe2(&(0x7f00000000c0), 0x4000)
pipe(&(0x7f0000000500)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, 0x0, 0x0)

00:21:13 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:13 executing program 0:
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

00:21:13 executing program 0:
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

00:21:13 executing program 5:
mknod(&(0x7f0000002300)='./bus\x00', 0x80008000, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x0, 0x0)

00:21:13 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c", 0x24)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:14 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:14 executing program 0:
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

00:21:14 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setuid(r1)
r2 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r2, 0x1, 0x11, &(0x7f0000caaffb)={0x0, 0x0, <r3=>0x0}, &(0x7f0000cab000)=0xc)
setresgid(0xffffffffffffffff, r3, 0xffffffffffffffff)

00:21:14 executing program 5:
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(0xffffffffffffffff, 0x84, 0x22, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r1, 0x84, 0x7c, &(0x7f0000000080)={0x0, 0x0, 0x2}, 0xc4cbfd162f1c6832)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, 0x0, 0x0)

00:21:14 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c", 0x24)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:14 executing program 0:
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

00:21:14 executing program 2:
keyctl$search(0xa, 0x0, &(0x7f0000000040)='asymmetric\x00', 0x0, 0x0)
syz_open_pts(0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$int_out(0xffffffffffffffff, 0x200002080004535, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = memfd_create(&(0x7f00000004c0)='/dev/snd/seq\x00', 0x0)
r1 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0)
r2 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x1)
r3 = dup2(r2, r1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5334, &(0x7f00000001c0)={0xf48b, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r1, &(0x7f0000000000)=[{0x0, 0x0, 0xbf00000000000000, 0x0, @tick, {}, {}, @connect}], 0xffffff76)
fstatfs(r0, 0x0)
pipe2(&(0x7f00000000c0), 0x4000)
pipe(&(0x7f0000000500)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, 0x0, 0x0)

00:21:14 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup2(r0, r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
r2 = perf_event_open(&(0x7f0000c86f88)={0x2, 0x70, 0xfffffffffffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
mmap(&(0x7f00001c0000/0x2000)=nil, 0x2000, 0x0, 0x6011, r2, 0x0)

00:21:14 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba", 0x36)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:14 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:14 executing program 0:
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

00:21:14 executing program 5:

00:21:14 executing program 5:
keyctl$search(0xa, 0x0, &(0x7f0000000040)='asymmetric\x00', 0x0, 0x0)
syz_open_pts(0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$int_out(0xffffffffffffffff, 0x200002080004535, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = memfd_create(&(0x7f00000004c0)='/dev/snd/seq\x00', 0x0)
r1 = memfd_create(&(0x7f0000000400)='\xe87y\xd8\x0e\xfaE\xbb\x7fH\xbe\xbc\x95\x87\v\xd0\xcd9\xbd(0\xeeG\xaf\xe7\xb3?\xc7x\xbd\xe2R\xc5\r.', 0x0)
r2 = syz_open_dev$sndseq(&(0x7f0000000700)='/dev/snd/seq\x00', 0x0, 0x1)
r3 = dup2(r2, r1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue1\x00\x00\x00\x00\x00\x00\x00\x001;\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x06\x00\x00\x00\x00\x00\xcc\xbf}\xdd\x00'})
ioctl$SNDRV_SEQ_IOCTL_GET_QUEUE_INFO(0xffffffffffffffff, 0xc08c5334, &(0x7f00000001c0)={0xf48b, 0x0, 0x0, 'queue1\x00'})
write$sndseq(r1, &(0x7f0000000000)=[{0x0, 0x0, 0xbf00000000000000, 0x0, @tick, {}, {}, @connect}], 0xffffff76)
fstatfs(r0, 0x0)
pipe2(&(0x7f00000000c0), 0x4000)
pipe(&(0x7f0000000500)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
write(r4, 0x0, 0x0)

[  343.452020][T12979] sg_write: data in/out 429306/6 bytes for SCSI command 0x67-- guessing data in;
[  343.452020][T12979]    program syz-executor.3 not setting count and/or reply_len properly
00:21:14 executing program 1:

00:21:14 executing program 0:
socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

00:21:15 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba", 0x36)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:15 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100))
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:15 executing program 1:

[  343.823687][T13000] sg_write: data in/out 429306/6 bytes for SCSI command 0x67-- guessing data in;
[  343.823687][T13000]    program syz-executor.3 not setting count and/or reply_len properly
00:21:15 executing program 2:

00:21:15 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)

00:21:15 executing program 1:

00:21:15 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba", 0x36)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:15 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:15 executing program 5:

00:21:15 executing program 5:

[  344.313421][T13015] sg_write: data in/out 429306/6 bytes for SCSI command 0x67-- guessing data in;
[  344.313421][T13015]    program syz-executor.3 not setting count and/or reply_len properly
00:21:15 executing program 1:

00:21:15 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)

00:21:15 executing program 2:

00:21:15 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf", 0x3f)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:15 executing program 5:

00:21:15 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:15 executing program 1:

00:21:16 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)

00:21:16 executing program 5:

00:21:16 executing program 2:

[  344.656995][T13037] sg_write: data in/out 429306/15 bytes for SCSI command 0x67-- guessing data in;
[  344.656995][T13037]    program syz-executor.3 not setting count and/or reply_len properly
00:21:16 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf", 0x3f)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:16 executing program 1:

00:21:16 executing program 5:

00:21:16 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:16 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

00:21:16 executing program 2:

00:21:16 executing program 1:

[  345.075938][T13059] sg_write: data in/out 429306/15 bytes for SCSI command 0x67-- guessing data in;
[  345.075938][T13059]    program syz-executor.3 not setting count and/or reply_len properly
00:21:16 executing program 5:

00:21:16 executing program 2:

00:21:16 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

00:21:16 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf", 0x3f)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:16 executing program 1:

00:21:16 executing program 2:

[  345.481888][T13082] sg_write: data in/out 429306/15 bytes for SCSI command 0x67-- guessing data in;
[  345.481888][T13082]    program syz-executor.3 not setting count and/or reply_len properly
00:21:16 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:16 executing program 5:

00:21:16 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)

00:21:16 executing program 1:

00:21:17 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863", 0x44)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:17 executing program 2:

00:21:17 executing program 5:

00:21:17 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

00:21:17 executing program 1:

[  345.898164][T13102] sg_write: data in/out 429306/20 bytes for SCSI command 0x67-- guessing data in;
[  345.898164][T13102]    program syz-executor.3 not setting count and/or reply_len properly
00:21:17 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:17 executing program 2:

00:21:17 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

00:21:17 executing program 5:

00:21:17 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863", 0x44)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:17 executing program 1:

00:21:17 executing program 2:

[  346.299732][T13126] sg_write: data in/out 429306/20 bytes for SCSI command 0x67-- guessing data in;
[  346.299732][T13126]    program syz-executor.3 not setting count and/or reply_len properly
00:21:17 executing program 1:

00:21:17 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)

00:21:17 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100)='/dev/ptmx\x00', 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00003b9fdc))
r1 = syz_open_pts(r0, 0x0)
ioctl$TCSETA(r1, 0x5406, &(0x7f0000000000)={0x6})
ioctl$TCSETSF(r1, 0x5412, &(0x7f0000000040))

00:21:17 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:18 executing program 2:

00:21:18 executing program 5:

00:21:18 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863", 0x44)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:18 executing program 1:

00:21:18 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x0, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

[  346.859914][T13150] sg_write: data in/out 429306/20 bytes for SCSI command 0x67-- guessing data in;
[  346.859914][T13150]    program syz-executor.3 not setting count and/or reply_len properly
00:21:18 executing program 2:

00:21:18 executing program 5:

00:21:18 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:18 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f00000009c0)=[{&(0x7f0000000280)=""/210, 0xd2}, {0x0}, {0x0}, {0x0}, {0x0}], 0x5)
r1 = dup(r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0x73a0b1b, 0x0, 0x0, 0x800e00549)
shutdown(r1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000100)=""/116, 0x74}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x7}, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r4, 0x0, 0xccf3, 0x0, 0x0, 0x800e0053d)
shutdown(r3, 0x0)
r5 = socket$inet6_sctp(0x1c, 0x800000000000005, 0x84)
recvmsg(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000640)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x5}, 0x0)
shutdown(r4, 0x0)
shutdown(r2, 0x0)

00:21:18 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f0000000540)=[{&(0x7f0000000000)=""/245}, {&(0x7f0000000180)=""/123}, {&(0x7f0000000200)=""/99}, {&(0x7f0000000380)=""/254, 0x3c8}, {&(0x7f00000004c0)=""/84}], 0x1000000000000384)
r1 = dup(r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0x73a0b1b, 0x0, 0x0, 0x800e00549)
shutdown(r1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000100)=""/116, 0x74}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6}, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r4, 0x0, 0xccf3, 0x0, 0x0, 0x800e0053d)
shutdown(r3, 0x0)
r5 = socket$inet6_sctp(0x1c, 0x800000000000005, 0x84)
recvmsg(r5, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x0)
shutdown(r4, 0x0)
shutdown(r2, 0x0)

00:21:18 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c", 0x46)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:18 executing program 2:

[  347.285982][T13174] sg_write: data in/out 429306/22 bytes for SCSI command 0x67-- guessing data in;
[  347.285982][T13174]    program syz-executor.3 not setting count and/or reply_len properly
00:21:18 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:18 executing program 2:

00:21:18 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c", 0x46)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:18 executing program 1:

00:21:19 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x0, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

00:21:19 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:19 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r1}, {r0, 0x281}], 0x2, 0x0, 0x0, 0x0)

00:21:19 executing program 2:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x75)

00:21:19 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c", 0x46)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:19 executing program 5:
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0))
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00')
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r1, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r1, 0x8)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8)
sendmmsg$alg(r2, &(0x7f0000002b00), 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f00000001c0)={0x0, 0x0, 0x8}, 0x8)
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
preadv(r0, &(0x7f00000017c0), 0x3a8, 0x0)

00:21:19 executing program 2:
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000016c0)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
chdir(&(0x7f0000000100)='./file0/file1\x00')
read$FUSE(r0, &(0x7f0000002540), 0x1000)
write$FUSE_INIT(r0, &(0x7f0000000080)={0x50, 0x0, 0x1}, 0x50)
read$FUSE(r0, &(0x7f0000000480), 0x93f)
write$FUSE_NOTIFY_DELETE(r0, &(0x7f00000001c0)={0x32, 0x6, 0x0, {0x1, 0x0, 0x9, 0x0, '\'\x15eth0GPL'}}, 0x32)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000300)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
setxattr$security_selinux(&(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='security.selinux\x00', 0x0, 0x0, 0x0)
write$FUSE_ENTRY(r0, &(0x7f0000001600)={0x90, 0x0, 0x2}, 0x90)

00:21:19 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b", 0x47)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:19 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x0, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

00:21:19 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:19 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r1}, {r0, 0x281}], 0x2, 0x0, 0x0, 0x0)

00:21:19 executing program 5:
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0))
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00')
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r1, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r1, 0x8)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8)
sendmmsg$alg(r2, &(0x7f0000002b00), 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f00000001c0)={0x0, 0x0, 0x8}, 0x8)
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
preadv(r0, &(0x7f00000017c0), 0x3a8, 0x0)

00:21:19 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b", 0x47)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:19 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

00:21:19 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:19 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

[  348.460203][T13251] sg_write: 3 callbacks suppressed
[  348.460238][T13251] sg_write: data in/out 429306/23 bytes for SCSI command 0x67-- guessing data in;
[  348.460238][T13251]    program syz-executor.3 not setting count and/or reply_len properly
00:21:19 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r1}, {r0, 0x281}], 0x2, 0x0, 0x0, 0x0)

00:21:19 executing program 5:
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0))
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00')
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r1, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r1, 0x8)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8)
sendmmsg$alg(r2, &(0x7f0000002b00), 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f00000001c0)={0x0, 0x0, 0x8}, 0x8)
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
preadv(r0, &(0x7f00000017c0), 0x3a8, 0x0)

00:21:20 executing program 2:
setreuid(0x0, 0xee00)
r0 = geteuid()
setreuid(0x0, 0x0)
mknod(&(0x7f00000005c0)='./bus\x00', 0x8, 0x0)
lsetxattr$security_capability(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000100)='security.capability\x00', &(0x7f0000000080)=@v3={0x3000000, [], r0}, 0x18, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup2(r1, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
execve(&(0x7f00000001c0)='./bus\x00', 0x0, 0x0)

00:21:20 executing program 3:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, 0x0, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b", 0x47)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, 0x0)
ioctl$KVM_NMI(0xffffffffffffffff, 0xae9a)

00:21:20 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

00:21:20 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r1}, {r0, 0x281}], 0x2, 0x0, 0x0, 0x0)

00:21:20 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:20 executing program 5:
socket$inet6_tcp(0xa, 0x1, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f00000000c0))
r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/anycast6\x00')
perf_event_open(&(0x7f0000000040)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x510, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r1 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r1, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r1, 0x8)
r2 = accept4(r1, 0x0, 0x0, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r2, 0x84, 0x22, 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f0000000140)={0x0, 0x1}, 0x8)
sendmmsg$alg(r2, &(0x7f0000002b00), 0x0, 0x0)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(0xffffffffffffffff, 0x84, 0x7c, &(0x7f00000001c0)={0x0, 0x0, 0x8}, 0x8)
syz_open_dev$sndpcmc(0x0, 0x0, 0x0)
ioctl$sock_SIOCINQ(0xffffffffffffffff, 0x541b, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)
preadv(r0, &(0x7f00000017c0), 0x3a8, 0x0)

[  349.089985][T13283] sg_write: data in/out 429306/23 bytes for SCSI command 0x67-- guessing data in;
[  349.089985][T13283]    program syz-executor.3 not setting count and/or reply_len properly
00:21:20 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

00:21:20 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:20 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
ppoll(&(0x7f0000000100)=[{}, {r0, 0x281}], 0x2, 0x0, 0x0, 0x0)

00:21:20 executing program 3:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000)='/dev/kvm\x00', 0x0, 0x0)
ioctl$KVM_CHECK_EXTENSION(r0, 0xae03, 0x19)

00:21:20 executing program 5:
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
r0 = socket$kcm(0x2, 0x1000000000000805, 0x84)
sendmsg$kcm(r0, &(0x7f0000000100)={&(0x7f00000006c0)=@in={0x2, 0x0, @loopback=0xa1414aa}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000400), 0xff0f}], 0x1}, 0x0)
sendmsg(r0, &(0x7f0000000240)={&(0x7f00000002c0)=@in={0x2, 0x0, @dev}, 0x80, &(0x7f0000000000)=[{&(0x7f0000000200)='c', 0x1}], 0x1}, 0x0)
close(0xffffffffffffffff)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)
socket$kcm(0x2, 0x0, 0x0)

00:21:20 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

00:21:20 executing program 2:
setreuid(0x0, 0xee00)
r0 = geteuid()
setreuid(0x0, 0x0)
mknod(&(0x7f00000005c0)='./bus\x00', 0x8, 0x0)
lsetxattr$security_capability(&(0x7f00000000c0)='./bus\x00', &(0x7f0000000100)='security.capability\x00', &(0x7f0000000080)=@v3={0x3000000, [], r0}, 0x18, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup2(r1, r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
execve(&(0x7f00000001c0)='./bus\x00', 0x0, 0x0)

00:21:20 executing program 3:
r0 = socket$kcm(0x2, 0x1000000000000805, 0x84)
sendmsg$kcm(r0, &(0x7f0000000100)={&(0x7f00000006c0)=@in={0x2, 0x0, @loopback=0xa1414aa}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000400), 0xff0f}], 0x1}, 0x0)
sendmsg(r0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)

00:21:20 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
ppoll(&(0x7f0000000100)=[{}, {r0, 0x281}], 0x2, 0x0, 0x0, 0x0)

00:21:20 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

00:21:21 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:21 executing program 5:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe1000040e0636c77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000}, 0x28)

00:21:21 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
ppoll(&(0x7f0000000100)=[{}, {r0, 0x281}], 0x2, 0x0, 0x0, 0x0)

00:21:21 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

00:21:21 executing program 3:
r0 = socket$kcm(0x2, 0x1000000000000805, 0x84)
sendmsg$kcm(r0, &(0x7f0000000100)={&(0x7f00000006c0)=@in={0x2, 0x0, @loopback=0xa1414aa}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000400), 0xff0f}], 0x1}, 0x0)
sendmsg(r0, 0x0, 0x0)
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
close(r0)

00:21:21 executing program 2:
mknod(&(0x7f0000000040)='./file0\x00', 0x17fe, 0x0)
open(&(0x7f0000000200)='./file0\x00', 0x2, 0x0)

00:21:21 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

00:21:21 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r1}, {r0, 0x281}], 0x2, 0x0, 0x0, 0x0)

00:21:21 executing program 3:
r0 = syz_open_dev$evdev(&(0x7f0000000300)='/dev/input/event#\x00', 0x0, 0x0)
ioctl$EVIOCSABS20(r0, 0x401845e0, 0x0)

00:21:21 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(0x0)
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:21 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:21 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0x138, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2}, [@algo_auth={0x48, 0x1, {{'md5\x00'}}}]}, 0x138}}, 0x0)

00:21:21 executing program 5:
open(0x0, 0x0, 0x0)
clone(0x23102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
clone(0x2102001ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x8031, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000b08000/0x14000)=nil, 0x14000, 0x0, 0x2010, r0, 0x0)
shmctl$SHM_LOCK(0x0, 0xb)
r1 = openat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
ioctl$TUNSETQUEUE(r1, 0x400454d9, 0x0)
r2 = open(&(0x7f00000005c0)='.\x00', 0x0, 0x0)
close(0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ADD(r2, 0x0, 0x0)
syz_open_dev$vcsn(&(0x7f0000000280)='/dev/vcs#\x00', 0x4b3a, 0x0)
r3 = open(&(0x7f00000005c0)='.\x00', 0x0, 0x0)
close(r3)
sendmsg$TIPC_NL_BEARER_ADD(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
r4 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300)='/dev/ptmx\x00', 0xac0080, 0x0)
ioctl$TIOCGETD(r4, 0x5424, &(0x7f00000002c0))
setxattr$security_capability(&(0x7f0000000100)='./file0\x00', &(0x7f0000000200)='security.capability\x00', &(0x7f0000000240)=@v2={0x2000000, [{0x401}]}, 0x14, 0x3)
timer_create(0x7, 0x0, &(0x7f00000001c0)=<r5=>0x0)
timer_gettime(r5, 0x0)

00:21:21 executing program 1:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r0}, {0xffffffffffffffff, 0x281}], 0x2, 0x0, 0x0, 0x0)

[  350.548180][T13381] EXT4-fs (sda1): Mount option "noacl" will be removed by 3.5
[  350.548180][T13381] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  350.548180][T13381] 
00:21:21 executing program 3:
r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r2 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r2, 0x0, 0xffffffffffffffff, 0x19)
r3 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x2, 0x8a8, 0x0, 0x4, 0x0, 0x3}, r3, 0x0, 0xffffffffffffffff, 0x19)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r5 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x3e, &(0x7f00000002c0)=r4, 0x161)
r6 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)
close(r6)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8914, &(0x7f0000000780)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&')
r7 = gettid()
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r9 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r9, 0x1, 0x3e, &(0x7f00000002c0)=r8, 0x161)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xc0, &(0x7f0000000280)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, &(0x7f00000001c0)={0x10000000, 0x0, 0x6aa3, 0xffffffff}, &(0x7f0000000200)=0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=0x6}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000400)={r7, r8, 0x0, 0xd1, &(0x7f0000000080)='memory.high\x00\x90\x80\xa4\x96\xbb\xe4\xb2\xa2\x01\xc0\xb8*Z\xef\xf8\x0e\x1f]\xf7\x10\xdb\xfe\xe4\x1d\xc6\x92\x7f\xeeK_p\t\x8c\x9f5\xd0\xef)\xd8\x04\xbf\xc2N\x1c\xf0R\xdc\r\xb1Gf\xba\xd11#<\xaf^,s\x85\x10R\x99\xc2D\xee\n\"\xf9c\x15{\xc1[\xef\x06\x8a\xcd\x9d\xc8\x90#\xd0\xe7\xe3\xe0\xa9\xf3\xc0n\x1f\xd1\x11P\xe20\xcd\x1c\xfa\xfd\xa3\xcf\x9c\xc6\xb7]\x16\xc7\xd7\xb4/\x82\xd1\xae\xd9TM\x05a\xe5\xc5U\x91\xbe\x81\xac4\x9d\x02`\xe7\xa6q\x1f@\x1f\x1f?tm\x9c\xd1\x8c\xa1\xb5\xe0`H)\x97r\xc0?y\x9cc=c`A^\x9f\xcd\xbc\xf4m>I\xae\xdf\x946\xe7M`\xeb\x9fm\xbe+n\x00\x18k\x98\xab\xd5\xeet\"d\x81\x94\x04\xf5\xeb', r10}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a40)={0x0, r6, 0x0, 0x15, &(0x7f0000000a00)='\x80+@cpuset.nodevppp1)\x00', r10}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={<r11=>r2, r4, 0x0, 0x1, &(0x7f0000000080)='\x00', r10}, 0x30)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0xff, 0x40, 0x6, 0x30, 0x0, 0x7, 0x11540, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0xfffffff8, 0x7, @perf_config_ext={0x100000001, 0x2}, 0x8462a1955582d605, 0x2, 0x3, 0x2, 0x3, 0xfc}, r11, 0x0, r0, 0xa)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@ptr={0x0, 0x0, 0x0, 0x4}]}}, &(0x7f00000002c0)=""/224, 0x26, 0xe0, 0x8}, 0x20)

00:21:21 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0xf0, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40}}, 0xf0}}, 0x0)

00:21:22 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:22 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0xf0, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40}}, 0xf0}}, 0x0)

[  350.765310][T13381] EXT4-fs (sda1): re-mounted. Opts: noacl,
[  350.866424][T13405] EXT4-fs (sda1): Mount option "noacl" will be removed by 3.5
[  350.866424][T13405] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  350.866424][T13405] 
00:21:22 executing program 0:
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=@newsa={0xf0, 0x10, 0x511, 0x0, 0x0, {{@in6=@dev, @in6=@loopback}, {@in=@broadcast, 0x0, 0x33}, @in=@broadcast, {}, {}, {}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40}}, 0xf0}}, 0x0)

[  351.083853][T13405] EXT4-fs (sda1): re-mounted. Opts: noacl,
00:21:22 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:22 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

[  351.363405][T13419] EXT4-fs (sda1): Mount option "noacl" will be removed by 3.5
[  351.363405][T13419] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  351.363405][T13419] 
00:21:22 executing program 1:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r0}, {0xffffffffffffffff, 0x281}], 0x2, 0x0, 0x0, 0x0)

[  351.609170][T13419] EXT4-fs (sda1): re-mounted. Opts: noacl,
00:21:23 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:23 executing program 3:
r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r2 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r2, 0x0, 0xffffffffffffffff, 0x19)
r3 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x2, 0x8a8, 0x0, 0x4, 0x0, 0x3}, r3, 0x0, 0xffffffffffffffff, 0x19)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r5 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x3e, &(0x7f00000002c0)=r4, 0x161)
r6 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)
close(r6)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8914, &(0x7f0000000780)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&')
r7 = gettid()
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r9 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r9, 0x1, 0x3e, &(0x7f00000002c0)=r8, 0x161)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xc0, &(0x7f0000000280)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, &(0x7f00000001c0)={0x10000000, 0x0, 0x6aa3, 0xffffffff}, &(0x7f0000000200)=0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=0x6}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000400)={r7, r8, 0x0, 0xd1, &(0x7f0000000080)='memory.high\x00\x90\x80\xa4\x96\xbb\xe4\xb2\xa2\x01\xc0\xb8*Z\xef\xf8\x0e\x1f]\xf7\x10\xdb\xfe\xe4\x1d\xc6\x92\x7f\xeeK_p\t\x8c\x9f5\xd0\xef)\xd8\x04\xbf\xc2N\x1c\xf0R\xdc\r\xb1Gf\xba\xd11#<\xaf^,s\x85\x10R\x99\xc2D\xee\n\"\xf9c\x15{\xc1[\xef\x06\x8a\xcd\x9d\xc8\x90#\xd0\xe7\xe3\xe0\xa9\xf3\xc0n\x1f\xd1\x11P\xe20\xcd\x1c\xfa\xfd\xa3\xcf\x9c\xc6\xb7]\x16\xc7\xd7\xb4/\x82\xd1\xae\xd9TM\x05a\xe5\xc5U\x91\xbe\x81\xac4\x9d\x02`\xe7\xa6q\x1f@\x1f\x1f?tm\x9c\xd1\x8c\xa1\xb5\xe0`H)\x97r\xc0?y\x9cc=c`A^\x9f\xcd\xbc\xf4m>I\xae\xdf\x946\xe7M`\xeb\x9fm\xbe+n\x00\x18k\x98\xab\xd5\xeet\"d\x81\x94\x04\xf5\xeb', r10}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a40)={0x0, r6, 0x0, 0x15, &(0x7f0000000a00)='\x80+@cpuset.nodevppp1)\x00', r10}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={<r11=>r2, r4, 0x0, 0x1, &(0x7f0000000080)='\x00', r10}, 0x30)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0xff, 0x40, 0x6, 0x30, 0x0, 0x7, 0x11540, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0xfffffff8, 0x7, @perf_config_ext={0x100000001, 0x2}, 0x8462a1955582d605, 0x2, 0x3, 0x2, 0x3, 0xfc}, r11, 0x0, r0, 0xa)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@ptr={0x0, 0x0, 0x0, 0x4}]}}, &(0x7f00000002c0)=""/224, 0x26, 0xe0, 0x8}, 0x20)

[  351.928906][T13443] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
[  351.955767][T13443] CPU: 0 PID: 13443 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  351.964128][T13443] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  351.974176][T13443] Call Trace:
[  351.977558][T13443]  dump_stack+0x197/0x210
[  351.981945][T13443]  sysfs_warn_dup.cold+0x1c/0x31
[  351.986876][T13443]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  351.992944][T13443]  sysfs_create_link+0x65/0xc0
[  351.997777][T13443]  device_add+0x756/0x1d00
[  352.002308][T13443]  ? uevent_show+0x370/0x370
[  352.006922][T13443]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  352.013200][T13443]  wiphy_register+0x1c46/0x2720
[  352.018045][T13443]  ? wiphy_unregister+0x1040/0x1040
[  352.023258][T13443]  ? retint_kernel+0x2b/0x2b
[  352.027883][T13443]  ? ieee80211_register_hw+0x2d81/0x3ac0
[  352.033586][T13443]  ieee80211_register_hw+0x157e/0x3ac0
[  352.039213][T13443]  ? ieee80211_ifa_changed+0xde0/0xde0
[  352.044748][T13443]  ? memset+0x32/0x40
[  352.048740][T13443]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  352.055003][T13443]  ? __hrtimer_init+0x13d/0x280
[  352.059872][T13443]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  352.065594][T13443]  ? hwsim_register_received_nl+0x420/0x420
[  352.071476][T13443]  hwsim_new_radio_nl+0x9e3/0x1070
[  352.076663][T13443]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  352.082703][T13443]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  352.089057][T13443]  genl_rcv_msg+0x67d/0xea0
[  352.093554][T13443]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  352.099930][T13443]  ? trace_hardirqs_on_caller+0x6a/0x240
[  352.105582][T13443]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  352.111064][T13443]  ? retint_kernel+0x2b/0x2b
[  352.115649][T13443]  netlink_rcv_skb+0x177/0x450
[  352.120401][T13443]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  352.126718][T13443]  ? netlink_ack+0xb50/0xb50
[  352.131318][T13443]  ? __kasan_check_write+0x14/0x20
[  352.136638][T13443]  ? netlink_deliver_tap+0x24a/0xbe0
[  352.142755][T13443]  genl_rcv+0x29/0x40
[  352.148066][T13443]  netlink_unicast+0x58c/0x7d0
[  352.152828][T13443]  ? netlink_attachskb+0x870/0x870
[  352.158003][T13443]  ? _copy_from_iter_full+0x25d/0x8c0
[  352.163384][T13443]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  352.169151][T13443]  ? __check_object_size+0x3d/0x437
[  352.174348][T13443]  netlink_sendmsg+0x8ee/0xe60
[  352.179103][T13443]  ? netlink_unicast+0x7d0/0x7d0
[  352.184073][T13443]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  352.189624][T13443]  ? apparmor_socket_sendmsg+0x2a/0x30
[  352.195071][T13443]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  352.201439][T13443]  ? security_socket_sendmsg+0x8d/0xc0
[  352.206977][T13443]  ? netlink_unicast+0x7d0/0x7d0
[  352.212518][T13443]  sock_sendmsg+0xd7/0x130
[  352.216947][T13443]  ____sys_sendmsg+0x753/0x880
[  352.221730][T13443]  ? kernel_sendmsg+0x50/0x50
[  352.226504][T13443]  ? __fget+0x35d/0x550
[  352.231379][T13443]  ___sys_sendmsg+0x11d/0x1b0
[  352.236059][T13443]  ? do_recvmmsg+0x7a0/0x7a0
[  352.240653][T13443]  ? __kasan_check_read+0x11/0x20
[  352.245664][T13443]  ? __fget+0x37f/0x550
[  352.249809][T13443]  ? ksys_dup3+0x3e0/0x3e0
[  352.254211][T13443]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  352.259688][T13443]  ? lockdep_hardirqs_on+0x421/0x5e0
[  352.264961][T13443]  ? __fget_light+0x1a9/0x230
[  352.269624][T13443]  ? __fdget+0x1b/0x20
[  352.273678][T13443]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  352.279909][T13443]  __sys_sendmsg+0x105/0x1d0
[  352.284497][T13443]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  352.289704][T13443]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  352.295158][T13443]  ? do_syscall_64+0x26/0x790
[  352.299831][T13443]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  352.305881][T13443]  ? do_syscall_64+0x26/0x790
[  352.310547][T13443]  __x64_sys_sendmsg+0x78/0xb0
[  352.315325][T13443]  do_syscall_64+0xfa/0x790
[  352.319903][T13443]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  352.325810][T13443] RIP: 0033:0x45a679
[  352.329693][T13443] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  352.349280][T13443] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  352.357772][T13443] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  352.365725][T13443] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  352.373680][T13443] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  352.382586][T13443] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  352.390538][T13443] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
00:21:23 executing program 5:
r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r2 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r2, 0x0, 0xffffffffffffffff, 0x19)
r3 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x2, 0x8a8, 0x0, 0x4, 0x0, 0x3}, r3, 0x0, 0xffffffffffffffff, 0x19)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r5 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x3e, &(0x7f00000002c0)=r4, 0x161)
r6 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)
close(r6)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8914, &(0x7f0000000780)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&')
r7 = gettid()
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r9 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r9, 0x1, 0x3e, &(0x7f00000002c0)=r8, 0x161)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xc0, &(0x7f0000000280)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, &(0x7f00000001c0)={0x10000000, 0x0, 0x6aa3, 0xffffffff}, &(0x7f0000000200)=0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=0x6}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000400)={r7, r8, 0x0, 0xd1, &(0x7f0000000080)='memory.high\x00\x90\x80\xa4\x96\xbb\xe4\xb2\xa2\x01\xc0\xb8*Z\xef\xf8\x0e\x1f]\xf7\x10\xdb\xfe\xe4\x1d\xc6\x92\x7f\xeeK_p\t\x8c\x9f5\xd0\xef)\xd8\x04\xbf\xc2N\x1c\xf0R\xdc\r\xb1Gf\xba\xd11#<\xaf^,s\x85\x10R\x99\xc2D\xee\n\"\xf9c\x15{\xc1[\xef\x06\x8a\xcd\x9d\xc8\x90#\xd0\xe7\xe3\xe0\xa9\xf3\xc0n\x1f\xd1\x11P\xe20\xcd\x1c\xfa\xfd\xa3\xcf\x9c\xc6\xb7]\x16\xc7\xd7\xb4/\x82\xd1\xae\xd9TM\x05a\xe5\xc5U\x91\xbe\x81\xac4\x9d\x02`\xe7\xa6q\x1f@\x1f\x1f?tm\x9c\xd1\x8c\xa1\xb5\xe0`H)\x97r\xc0?y\x9cc=c`A^\x9f\xcd\xbc\xf4m>I\xae\xdf\x946\xe7M`\xeb\x9fm\xbe+n\x00\x18k\x98\xab\xd5\xeet\"d\x81\x94\x04\xf5\xeb', r10}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a40)={0x0, r6, 0x0, 0x15, &(0x7f0000000a00)='\x80+@cpuset.nodevppp1)\x00', r10}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={<r11=>r2, r4, 0x0, 0x1, &(0x7f0000000080)='\x00', r10}, 0x30)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0xff, 0x40, 0x6, 0x30, 0x0, 0x7, 0x11540, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0xfffffff8, 0x7, @perf_config_ext={0x100000001, 0x2}, 0x8462a1955582d605, 0x2, 0x3, 0x2, 0x3, 0xfc}, r11, 0x0, r0, 0xa)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@ptr={0x0, 0x0, 0x0, 0x4}]}}, &(0x7f00000002c0)=""/224, 0x26, 0xe0, 0x8}, 0x20)

00:21:23 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:23 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:23 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:24 executing program 1:
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r0}, {0xffffffffffffffff, 0x281}], 0x2, 0x0, 0x0, 0x0)

00:21:24 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

[  352.684557][T13449] EXT4-fs (sda1): Mount option "noacl" will be removed by 3.5
[  352.684557][T13449] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  352.684557][T13449] 
[  352.819291][T13453] debugfs: Directory '†ùƒ[?!' with parent 'ieee80211' already present!
[  352.843665][T13449] EXT4-fs (sda1): re-mounted. Opts: noacl,
00:21:24 executing program 3:
r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r2 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r2, 0x0, 0xffffffffffffffff, 0x19)
r3 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x2, 0x8a8, 0x0, 0x4, 0x0, 0x3}, r3, 0x0, 0xffffffffffffffff, 0x19)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r5 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x3e, &(0x7f00000002c0)=r4, 0x161)
r6 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)
close(r6)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8914, &(0x7f0000000780)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&')
r7 = gettid()
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r9 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r9, 0x1, 0x3e, &(0x7f00000002c0)=r8, 0x161)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xc0, &(0x7f0000000280)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, &(0x7f00000001c0)={0x10000000, 0x0, 0x6aa3, 0xffffffff}, &(0x7f0000000200)=0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=0x6}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000400)={r7, r8, 0x0, 0xd1, &(0x7f0000000080)='memory.high\x00\x90\x80\xa4\x96\xbb\xe4\xb2\xa2\x01\xc0\xb8*Z\xef\xf8\x0e\x1f]\xf7\x10\xdb\xfe\xe4\x1d\xc6\x92\x7f\xeeK_p\t\x8c\x9f5\xd0\xef)\xd8\x04\xbf\xc2N\x1c\xf0R\xdc\r\xb1Gf\xba\xd11#<\xaf^,s\x85\x10R\x99\xc2D\xee\n\"\xf9c\x15{\xc1[\xef\x06\x8a\xcd\x9d\xc8\x90#\xd0\xe7\xe3\xe0\xa9\xf3\xc0n\x1f\xd1\x11P\xe20\xcd\x1c\xfa\xfd\xa3\xcf\x9c\xc6\xb7]\x16\xc7\xd7\xb4/\x82\xd1\xae\xd9TM\x05a\xe5\xc5U\x91\xbe\x81\xac4\x9d\x02`\xe7\xa6q\x1f@\x1f\x1f?tm\x9c\xd1\x8c\xa1\xb5\xe0`H)\x97r\xc0?y\x9cc=c`A^\x9f\xcd\xbc\xf4m>I\xae\xdf\x946\xe7M`\xeb\x9fm\xbe+n\x00\x18k\x98\xab\xd5\xeet\"d\x81\x94\x04\xf5\xeb', r10}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a40)={0x0, r6, 0x0, 0x15, &(0x7f0000000a00)='\x80+@cpuset.nodevppp1)\x00', r10}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={<r11=>r2, r4, 0x0, 0x1, &(0x7f0000000080)='\x00', r10}, 0x30)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0xff, 0x40, 0x6, 0x30, 0x0, 0x7, 0x11540, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0xfffffff8, 0x7, @perf_config_ext={0x100000001, 0x2}, 0x8462a1955582d605, 0x2, 0x3, 0x2, 0x3, 0xfc}, r11, 0x0, r0, 0xa)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@ptr={0x0, 0x0, 0x0, 0x4}]}}, &(0x7f00000002c0)=""/224, 0x26, 0xe0, 0x8}, 0x20)

00:21:24 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:24 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  353.248982][T13472] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
[  353.269399][T13472] CPU: 0 PID: 13472 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  353.277864][T13472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  353.287939][T13472] Call Trace:
[  353.288010][T13472]  dump_stack+0x197/0x210
[  353.288035][T13472]  sysfs_warn_dup.cold+0x1c/0x31
[  353.288053][T13472]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  353.288068][T13472]  sysfs_create_link+0x65/0xc0
[  353.288084][T13472]  device_add+0x756/0x1d00
[  353.288108][T13472]  ? uevent_show+0x370/0x370
[  353.288135][T13472]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  353.307636][T13473] EXT4-fs (sda1): Mount option "noacl" will be removed by 3.5
[  353.307636][T13473] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  353.307636][T13473] 
[  353.311747][T13472]  wiphy_register+0x1c46/0x2720
[  353.311775][T13472]  ? wiphy_unregister+0x1040/0x1040
[  353.311857][T13472]  ? __kmalloc+0x608/0x770
[  353.311877][T13472]  ? ieee80211_register_hw+0xb86/0x3ac0
[  353.344634][T13472]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  353.344730][T13472]  ? ieee80211_cs_list_valid+0x1a1/0x280
[  353.344753][T13472]  ieee80211_register_hw+0x157e/0x3ac0
[  353.379970][T13473] EXT4-fs (sda1): re-mounted. Opts: noacl,
[  353.382160][T13472]  ? ieee80211_ifa_changed+0xde0/0xde0
[  353.382181][T13472]  ? memset+0x32/0x40
[  353.382201][T13472]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  353.382219][T13472]  ? __hrtimer_init+0x13d/0x280
[  353.382249][T13472]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  353.414282][T13472]  ? hwsim_register_received_nl+0x420/0x420
[  353.420203][T13472]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  353.425786][T13472]  ? lockdep_hardirqs_on+0x421/0x5e0
[  353.432139][T13472]  hwsim_new_radio_nl+0x9e3/0x1070
[  353.437275][T13472]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  353.443255][T13472]  ? __this_cpu_preempt_check+0x35/0x190
00:21:24 executing program 5:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
getuid()

00:21:24 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

[  353.443293][T13472]  genl_rcv_msg+0x67d/0xea0
[  353.443316][T13472]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  353.443338][T13472]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  353.443374][T13472]  netlink_rcv_skb+0x177/0x450
[  353.443392][T13472]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  353.443408][T13472]  ? netlink_ack+0xb50/0xb50
[  353.443424][T13472]  ? __kasan_check_write+0x14/0x20
[  353.443442][T13472]  ? netlink_deliver_tap+0x24a/0xbe0
[  353.443465][T13472]  genl_rcv+0x29/0x40
[  353.496245][T13472]  netlink_unicast+0x58c/0x7d0
[  353.501245][T13472]  ? netlink_attachskb+0x870/0x870
[  353.506371][T13472]  netlink_sendmsg+0x8ee/0xe60
[  353.511135][T13472]  ? netlink_unicast+0x7d0/0x7d0
[  353.516075][T13472]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  353.521664][T13472]  ? apparmor_socket_sendmsg+0x2a/0x30
[  353.527122][T13472]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  353.533363][T13472]  ? security_socket_sendmsg+0x8d/0xc0
[  353.538821][T13472]  ? netlink_unicast+0x7d0/0x7d0
[  353.543751][T13472]  sock_sendmsg+0xd7/0x130
[  353.548171][T13472]  ____sys_sendmsg+0x753/0x880
[  353.552939][T13472]  ? kernel_sendmsg+0x50/0x50
[  353.557622][T13472]  ? __fget+0x35d/0x550
[  353.562474][T13472]  ___sys_sendmsg+0x11d/0x1b0
[  353.567154][T13472]  ? do_recvmmsg+0x7a0/0x7a0
[  353.571739][T13472]  ? __kasan_check_read+0x11/0x20
[  353.576781][T13472]  ? __fget+0x37f/0x550
[  353.580947][T13472]  ? ksys_dup3+0x3e0/0x3e0
[  353.585385][T13472]  ? __fget_light+0x1a9/0x230
[  353.590068][T13472]  ? __fdget+0x1b/0x20
[  353.594133][T13472]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  353.600373][T13472]  __sys_sendmsg+0x105/0x1d0
[  353.604959][T13472]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  353.610175][T13472]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  353.615630][T13472]  ? do_syscall_64+0x26/0x790
[  353.620558][T13472]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  353.626613][T13472]  ? do_syscall_64+0x26/0x790
[  353.631385][T13472]  __x64_sys_sendmsg+0x78/0xb0
[  353.636169][T13472]  do_syscall_64+0xfa/0x790
[  353.640684][T13472]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  353.646573][T13472] RIP: 0033:0x45a679
[  353.650455][T13472] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  353.670059][T13472] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  353.678495][T13472] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  353.686648][T13472] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  353.694620][T13472] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  353.702713][T13472] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  353.710696][T13472] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
00:21:25 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r1}, {r0, 0x281}], 0x2, 0x0, 0x0, 0x0)

00:21:25 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:25 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:25 executing program 5:
accept4$unix(0xffffffffffffffff, 0x0, 0x0, 0x80800)
pipe(&(0x7f0000000100)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$netlink(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r3=>0xffffffffffffffff})
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$PERF_EVENT_IOC_ENABLE(r4, 0x8912, 0x400200)
writev(r2, &(0x7f0000000080)=[{&(0x7f00000042c0)="1f00000002031900000007000000068100023b0509000100010100ff3ffe58", 0x1f}], 0x1)
writev(0xffffffffffffffff, &(0x7f0000000100)=[{&(0x7f0000000000)="1f0000000203193b000007000000068100023b05090002", 0x17}], 0x1)
splice(r0, 0x0, r2, 0x0, 0x422000a7b, 0x0)
write$binfmt_elf64(r1, &(0x7f0000000000)=ANY=[], 0xffb4)

00:21:25 executing program 3:
r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r2 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r2, 0x0, 0xffffffffffffffff, 0x19)
r3 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x2, 0x8a8, 0x0, 0x4, 0x0, 0x3}, r3, 0x0, 0xffffffffffffffff, 0x19)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r5 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x3e, &(0x7f00000002c0)=r4, 0x161)
r6 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)
close(r6)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8914, &(0x7f0000000780)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&')
r7 = gettid()
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r9 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r9, 0x1, 0x3e, &(0x7f00000002c0)=r8, 0x161)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xc0, &(0x7f0000000280)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, &(0x7f00000001c0)={0x10000000, 0x0, 0x6aa3, 0xffffffff}, &(0x7f0000000200)=0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=0x6}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000400)={r7, r8, 0x0, 0xd1, &(0x7f0000000080)='memory.high\x00\x90\x80\xa4\x96\xbb\xe4\xb2\xa2\x01\xc0\xb8*Z\xef\xf8\x0e\x1f]\xf7\x10\xdb\xfe\xe4\x1d\xc6\x92\x7f\xeeK_p\t\x8c\x9f5\xd0\xef)\xd8\x04\xbf\xc2N\x1c\xf0R\xdc\r\xb1Gf\xba\xd11#<\xaf^,s\x85\x10R\x99\xc2D\xee\n\"\xf9c\x15{\xc1[\xef\x06\x8a\xcd\x9d\xc8\x90#\xd0\xe7\xe3\xe0\xa9\xf3\xc0n\x1f\xd1\x11P\xe20\xcd\x1c\xfa\xfd\xa3\xcf\x9c\xc6\xb7]\x16\xc7\xd7\xb4/\x82\xd1\xae\xd9TM\x05a\xe5\xc5U\x91\xbe\x81\xac4\x9d\x02`\xe7\xa6q\x1f@\x1f\x1f?tm\x9c\xd1\x8c\xa1\xb5\xe0`H)\x97r\xc0?y\x9cc=c`A^\x9f\xcd\xbc\xf4m>I\xae\xdf\x946\xe7M`\xeb\x9fm\xbe+n\x00\x18k\x98\xab\xd5\xeet\"d\x81\x94\x04\xf5\xeb', r10}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a40)={0x0, r6, 0x0, 0x15, &(0x7f0000000a00)='\x80+@cpuset.nodevppp1)\x00', r10}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={<r11=>r2, r4, 0x0, 0x1, &(0x7f0000000080)='\x00', r10}, 0x30)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0xff, 0x40, 0x6, 0x30, 0x0, 0x7, 0x11540, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0xfffffff8, 0x7, @perf_config_ext={0x100000001, 0x2}, 0x8462a1955582d605, 0x2, 0x3, 0x2, 0x3, 0xfc}, r11, 0x0, r0, 0xa)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f0000000240)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@ptr={0x0, 0x0, 0x0, 0x4}]}}, &(0x7f00000002c0)=""/224, 0x26, 0xe0, 0x8}, 0x20)

00:21:25 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:25 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
socket$kcm(0x2b, 0x1, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:25 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:25 executing program 5:
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r0 = open(&(0x7f000000fffa)='./bus\x00', 0x141042, 0x0)
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
r2 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
fallocate(r2, 0x0, 0x0, 0x8020003)
fallocate(r1, 0x0, 0x0, 0x8020003)
fcntl$setstatus(r0, 0x4, 0x40400)
write$FUSE_WRITE(r0, &(0x7f0000000080)={0xfffffffffffffd7f}, 0x18)

[  354.281097][T13512] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
[  354.346289][T13512] CPU: 1 PID: 13512 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  354.354831][T13512] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  354.364902][T13512] Call Trace:
[  354.368220][T13512]  dump_stack+0x197/0x210
[  354.372555][T13512]  sysfs_warn_dup.cold+0x1c/0x31
[  354.377500][T13512]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  354.383573][T13512]  sysfs_create_link+0x65/0xc0
[  354.388336][T13512]  device_add+0x756/0x1d00
[  354.392815][T13512]  ? ieee80211_set_bitrate_flags+0x402/0x5c0
[  354.398812][T13512]  ? uevent_show+0x370/0x370
[  354.403486][T13512]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  354.409732][T13512]  wiphy_register+0x1c46/0x2720
[  354.414578][T13512]  ? wiphy_unregister+0x1040/0x1040
[  354.419763][T13512]  ? retint_kernel+0x2b/0x2b
[  354.424355][T13512]  ? ieee80211_register_hw+0x2d81/0x3ac0
[  354.429980][T13512]  ieee80211_register_hw+0x157e/0x3ac0
[  354.435442][T13512]  ? ieee80211_ifa_changed+0xde0/0xde0
[  354.440925][T13512]  ? memset+0x32/0x40
[  354.444891][T13512]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  354.451120][T13512]  ? __hrtimer_init+0x13d/0x280
[  354.455958][T13512]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  354.461667][T13512]  ? hwsim_register_received_nl+0x420/0x420
[  354.467561][T13512]  hwsim_new_radio_nl+0x9e3/0x1070
[  354.472667][T13512]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  354.478919][T13512]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  354.484821][T13512]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  354.491159][T13512]  genl_rcv_msg+0x67d/0xea0
[  354.495652][T13512]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  354.501969][T13512]  ? __kasan_check_read+0x11/0x20
[  354.507048][T13512]  ? find_held_lock+0x35/0x130
[  354.511812][T13512]  netlink_rcv_skb+0x177/0x450
[  354.516561][T13512]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  354.522891][T13512]  ? netlink_ack+0xb50/0xb50
[  354.527482][T13512]  ? __kasan_check_write+0x14/0x20
[  354.532607][T13512]  ? netlink_deliver_tap+0x24a/0xbe0
[  354.537905][T13512]  genl_rcv+0x29/0x40
[  354.541894][T13512]  netlink_unicast+0x58c/0x7d0
[  354.547010][T13512]  ? netlink_attachskb+0x870/0x870
[  354.552116][T13512]  ? _copy_from_iter_full+0x25d/0x8c0
[  354.557494][T13512]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  354.563230][T13512]  ? __check_object_size+0x3d/0x437
[  354.568441][T13512]  netlink_sendmsg+0x8ee/0xe60
[  354.573244][T13512]  ? netlink_unicast+0x7d0/0x7d0
[  354.578177][T13512]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  354.583716][T13512]  ? apparmor_socket_sendmsg+0x2a/0x30
[  354.589168][T13512]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  354.595420][T13512]  ? security_socket_sendmsg+0x8d/0xc0
[  354.600896][T13512]  ? netlink_unicast+0x7d0/0x7d0
[  354.605833][T13512]  sock_sendmsg+0xd7/0x130
[  354.610256][T13512]  ____sys_sendmsg+0x753/0x880
[  354.615227][T13512]  ? kernel_sendmsg+0x50/0x50
[  354.620072][T13512]  ? __fget+0x35d/0x550
[  354.624233][T13512]  ___sys_sendmsg+0x11d/0x1b0
[  354.628990][T13512]  ? do_recvmmsg+0x7a0/0x7a0
[  354.634125][T13512]  ? __kasan_check_read+0x11/0x20
[  354.639140][T13512]  ? __fget+0x37f/0x550
[  354.643281][T13512]  ? ksys_dup3+0x3e0/0x3e0
[  354.647696][T13512]  ? __this_cpu_preempt_check+0x35/0x190
[  354.653331][T13512]  ? __fget_light+0x1a9/0x230
[  354.657996][T13512]  ? __fdget+0x1b/0x20
[  354.662058][T13512]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  354.668426][T13512]  __sys_sendmsg+0x105/0x1d0
[  354.673040][T13512]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  354.678253][T13512]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  354.684672][T13512]  ? do_syscall_64+0x26/0x790
[  354.689465][T13512]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  354.695521][T13512]  ? do_syscall_64+0x26/0x790
[  354.700201][T13512]  __x64_sys_sendmsg+0x78/0xb0
[  354.704968][T13512]  do_syscall_64+0xfa/0x790
[  354.709484][T13512]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  354.715359][T13512] RIP: 0033:0x45a679
[  354.719244][T13512] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  354.738854][T13512] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  354.747266][T13512] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  354.755234][T13512] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  354.763196][T13512] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  354.771169][T13512] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  354.779133][T13512] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
00:21:26 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r1}, {r0, 0x281}], 0x2, 0x0, 0x0, 0x0)

00:21:26 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:26 executing program 3:
r0 = perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r2 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r2, 0x0, 0xffffffffffffffff, 0x19)
r3 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x2, 0x8a8, 0x0, 0x4, 0x0, 0x3}, r3, 0x0, 0xffffffffffffffff, 0x19)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r5 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r5, 0x1, 0x3e, &(0x7f00000002c0)=r4, 0x161)
r6 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)
close(r6)
ioctl$PERF_EVENT_IOC_SET_FILTER(r6, 0x8914, &(0x7f0000000780)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&')
r7 = gettid()
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r9 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r9, 0x1, 0x3e, &(0x7f00000002c0)=r8, 0x161)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xc0, &(0x7f0000000280)={0x0, <r10=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, &(0x7f00000001c0)={0x10000000, 0x0, 0x6aa3, 0xffffffff}, &(0x7f0000000200)=0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=0x6}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000400)={r7, r8, 0x0, 0xd1, &(0x7f0000000080)='memory.high\x00\x90\x80\xa4\x96\xbb\xe4\xb2\xa2\x01\xc0\xb8*Z\xef\xf8\x0e\x1f]\xf7\x10\xdb\xfe\xe4\x1d\xc6\x92\x7f\xeeK_p\t\x8c\x9f5\xd0\xef)\xd8\x04\xbf\xc2N\x1c\xf0R\xdc\r\xb1Gf\xba\xd11#<\xaf^,s\x85\x10R\x99\xc2D\xee\n\"\xf9c\x15{\xc1[\xef\x06\x8a\xcd\x9d\xc8\x90#\xd0\xe7\xe3\xe0\xa9\xf3\xc0n\x1f\xd1\x11P\xe20\xcd\x1c\xfa\xfd\xa3\xcf\x9c\xc6\xb7]\x16\xc7\xd7\xb4/\x82\xd1\xae\xd9TM\x05a\xe5\xc5U\x91\xbe\x81\xac4\x9d\x02`\xe7\xa6q\x1f@\x1f\x1f?tm\x9c\xd1\x8c\xa1\xb5\xe0`H)\x97r\xc0?y\x9cc=c`A^\x9f\xcd\xbc\xf4m>I\xae\xdf\x946\xe7M`\xeb\x9fm\xbe+n\x00\x18k\x98\xab\xd5\xeet\"d\x81\x94\x04\xf5\xeb', r10}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a40)={0x0, r6, 0x0, 0x15, &(0x7f0000000a00)='\x80+@cpuset.nodevppp1)\x00', r10}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={<r11=>r2, r4, 0x0, 0x1, &(0x7f0000000080)='\x00', r10}, 0x30)
perf_event_open(&(0x7f0000000000)={0x5, 0x70, 0xff, 0x40, 0x6, 0x30, 0x0, 0x7, 0x11540, 0x2, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x1, 0x1, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x0, 0xfffffff8, 0x7, @perf_config_ext={0x100000001, 0x2}, 0x8462a1955582d605, 0x2, 0x3, 0x2, 0x3, 0xfc}, r11, 0x0, r0, 0xa)

00:21:26 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:26 executing program 5:

00:21:26 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
socket$kcm(0x2b, 0x1, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

[  355.206803][T13542] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
[  355.240146][T13542] CPU: 1 PID: 13542 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  355.248561][T13542] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  355.258619][T13542] Call Trace:
[  355.261919][T13542]  dump_stack+0x197/0x210
[  355.266273][T13542]  sysfs_warn_dup.cold+0x1c/0x31
[  355.271211][T13542]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  355.277282][T13542]  sysfs_create_link+0x65/0xc0
[  355.282035][T13542]  device_add+0x756/0x1d00
[  355.286440][T13542]  ? uevent_show+0x370/0x370
[  355.291015][T13542]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  355.297258][T13542]  wiphy_register+0x1c46/0x2720
[  355.302127][T13542]  ? wiphy_unregister+0x1040/0x1040
[  355.307349][T13542]  ? retint_kernel+0x2b/0x2b
[  355.312036][T13542]  ? ieee80211_register_hw+0x150f/0x3ac0
[  355.317656][T13542]  ieee80211_register_hw+0x157e/0x3ac0
[  355.323200][T13542]  ? ieee80211_ifa_changed+0xde0/0xde0
[  355.329688][T13542]  ? memset+0x32/0x40
[  355.333656][T13542]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  355.339883][T13542]  ? __hrtimer_init+0x13d/0x280
[  355.344744][T13542]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  355.350471][T13542]  ? hwsim_register_received_nl+0x420/0x420
[  355.356372][T13542]  hwsim_new_radio_nl+0x9e3/0x1070
[  355.361468][T13542]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  355.367698][T13542]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  355.373584][T13542]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  355.379898][T13542]  genl_rcv_msg+0x67d/0xea0
[  355.384411][T13542]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  355.390822][T13542]  ? find_held_lock+0x35/0x130
[  355.395577][T13542]  netlink_rcv_skb+0x177/0x450
[  355.400412][T13542]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  355.408036][T13542]  ? netlink_ack+0xb50/0xb50
[  355.412611][T13542]  ? __kasan_check_write+0x14/0x20
[  355.417710][T13542]  ? netlink_deliver_tap+0x24a/0xbe0
[  355.423001][T13542]  genl_rcv+0x29/0x40
[  355.426992][T13542]  netlink_unicast+0x58c/0x7d0
[  355.431868][T13542]  ? netlink_attachskb+0x870/0x870
[  355.436996][T13542]  ? _copy_from_iter_full+0x25d/0x8c0
[  355.442380][T13542]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  355.448138][T13542]  ? __check_object_size+0x3d/0x437
[  355.453337][T13542]  netlink_sendmsg+0x8ee/0xe60
[  355.458287][T13542]  ? netlink_unicast+0x7d0/0x7d0
[  355.463215][T13542]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  355.468750][T13542]  ? apparmor_socket_sendmsg+0x2a/0x30
[  355.474245][T13542]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  355.480571][T13542]  ? security_socket_sendmsg+0x8d/0xc0
[  355.486014][T13542]  ? netlink_unicast+0x7d0/0x7d0
[  355.490945][T13542]  sock_sendmsg+0xd7/0x130
[  355.495348][T13542]  ____sys_sendmsg+0x753/0x880
[  355.500101][T13542]  ? kernel_sendmsg+0x50/0x50
[  355.504780][T13542]  ? copy_msghdr_from_user+0x2b/0x440
[  355.510139][T13542]  ___sys_sendmsg+0x11d/0x1b0
[  355.514975][T13542]  ? do_recvmmsg+0x7a0/0x7a0
[  355.519548][T13542]  ? lockdep_hardirqs_on+0x421/0x5e0
[  355.524817][T13542]  ? trace_hardirqs_on_caller+0x6a/0x240
[  355.530446][T13542]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  355.535891][T13542]  ? __this_cpu_preempt_check+0x35/0x190
[  355.541511][T13542]  ? retint_kernel+0x2b/0x2b
[  355.546089][T13542]  ? sockfd_lookup_light+0x78/0x180
[  355.551612][T13542]  ? sockfd_lookup_light+0x9f/0x180
[  355.556887][T13542]  __sys_sendmsg+0x105/0x1d0
[  355.561459][T13542]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  355.566737][T13542]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  355.572184][T13542]  ? do_syscall_64+0x26/0x790
[  355.576845][T13542]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  355.582893][T13542]  ? do_syscall_64+0x26/0x790
[  355.587556][T13542]  __x64_sys_sendmsg+0x78/0xb0
[  355.592317][T13542]  do_syscall_64+0xfa/0x790
[  355.596894][T13542]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  355.602771][T13542] RIP: 0033:0x45a679
[  355.606656][T13542] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  355.626589][T13542] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  355.634983][T13542] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  355.642938][T13542] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  355.650893][T13542] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  355.658857][T13542] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  355.666810][T13542] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
00:21:27 executing program 5:

00:21:27 executing program 2:
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:27 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r1}, {r0, 0x281}], 0x2, 0x0, 0x0, 0x0)

00:21:27 executing program 5:

00:21:27 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:27 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
socket$kcm(0x2b, 0x1, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:27 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r1 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r1, 0x0, 0xffffffffffffffff, 0x19)
r2 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x2, 0x8a8, 0x0, 0x4, 0x0, 0x3}, r2, 0x0, 0xffffffffffffffff, 0x19)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r4 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f00000002c0)=r3, 0x161)
r5 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)
close(r5)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8914, &(0x7f0000000780)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&')
r6 = gettid()
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r8 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r8, 0x1, 0x3e, &(0x7f00000002c0)=r7, 0x161)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xc0, &(0x7f0000000280)={0x0, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, &(0x7f00000001c0)={0x10000000, 0x0, 0x6aa3, 0xffffffff}, &(0x7f0000000200)=0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=0x6}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000400)={r6, r7, 0x0, 0xd1, &(0x7f0000000080)='memory.high\x00\x90\x80\xa4\x96\xbb\xe4\xb2\xa2\x01\xc0\xb8*Z\xef\xf8\x0e\x1f]\xf7\x10\xdb\xfe\xe4\x1d\xc6\x92\x7f\xeeK_p\t\x8c\x9f5\xd0\xef)\xd8\x04\xbf\xc2N\x1c\xf0R\xdc\r\xb1Gf\xba\xd11#<\xaf^,s\x85\x10R\x99\xc2D\xee\n\"\xf9c\x15{\xc1[\xef\x06\x8a\xcd\x9d\xc8\x90#\xd0\xe7\xe3\xe0\xa9\xf3\xc0n\x1f\xd1\x11P\xe20\xcd\x1c\xfa\xfd\xa3\xcf\x9c\xc6\xb7]\x16\xc7\xd7\xb4/\x82\xd1\xae\xd9TM\x05a\xe5\xc5U\x91\xbe\x81\xac4\x9d\x02`\xe7\xa6q\x1f@\x1f\x1f?tm\x9c\xd1\x8c\xa1\xb5\xe0`H)\x97r\xc0?y\x9cc=c`A^\x9f\xcd\xbc\xf4m>I\xae\xdf\x946\xe7M`\xeb\x9fm\xbe+n\x00\x18k\x98\xab\xd5\xeet\"d\x81\x94\x04\xf5\xeb', r9}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a40)={0x0, r5, 0x0, 0x15, &(0x7f0000000a00)='\x80+@cpuset.nodevppp1)\x00', r9}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={r1, r3, 0x0, 0x1, &(0x7f0000000080)='\x00', r9}, 0x30)

00:21:27 executing program 2:
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:27 executing program 5:

[  356.388359][T13584] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
[  356.397221][T13584] CPU: 0 PID: 13584 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  356.405574][T13584] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  356.415647][T13584] Call Trace:
[  356.419408][T13584]  dump_stack+0x197/0x210
[  356.423777][T13584]  sysfs_warn_dup.cold+0x1c/0x31
[  356.428744][T13584]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  356.434841][T13584]  sysfs_create_link+0x65/0xc0
[  356.439894][T13584]  device_add+0x756/0x1d00
[  356.444333][T13584]  ? mark_lock+0xc2/0x1220
[  356.448773][T13584]  ? mark_lock+0xc2/0x1220
[  356.453211][T13584]  ? uevent_show+0x370/0x370
[  356.457825][T13584]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  356.464096][T13584]  wiphy_register+0x1c46/0x2720
[  356.468987][T13584]  ? wiphy_unregister+0x1040/0x1040
[  356.474217][T13584]  ? ieee80211_register_hw+0x150f/0x3ac0
[  356.479878][T13584]  ieee80211_register_hw+0x157e/0x3ac0
[  356.485368][T13584]  ? ieee80211_ifa_changed+0xde0/0xde0
[  356.490852][T13584]  ? memset+0x32/0x40
[  356.494851][T13584]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  356.501173][T13584]  ? __hrtimer_init+0x13d/0x280
[  356.506051][T13584]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  356.511811][T13584]  ? hwsim_register_received_nl+0x420/0x420
[  356.517854][T13584]  hwsim_new_radio_nl+0x9e3/0x1070
[  356.523077][T13584]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  356.528993][T13584]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  356.535335][T13584]  genl_rcv_msg+0x67d/0xea0
[  356.535356][T13584]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  356.535374][T13584]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  356.535404][T13584]  netlink_rcv_skb+0x177/0x450
[  356.535418][T13584]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  356.535433][T13584]  ? netlink_ack+0xb50/0xb50
[  356.535448][T13584]  ? __kasan_check_write+0x14/0x20
[  356.535465][T13584]  ? netlink_deliver_tap+0x24a/0xbe0
[  356.535488][T13584]  genl_rcv+0x29/0x40
[  356.581797][T13584]  netlink_unicast+0x58c/0x7d0
[  356.586589][T13584]  ? netlink_attachskb+0x870/0x870
[  356.591717][T13584]  ? _copy_from_iter_full+0x25d/0x8c0
[  356.597106][T13584]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  356.602842][T13584]  ? __check_object_size+0x3d/0x437
[  356.608163][T13584]  netlink_sendmsg+0x8ee/0xe60
[  356.612954][T13584]  ? netlink_unicast+0x7d0/0x7d0
[  356.617886][T13584]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  356.623783][T13584]  ? apparmor_socket_sendmsg+0x2a/0x30
[  356.629233][T13584]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  356.636095][T13584]  ? security_socket_sendmsg+0x8d/0xc0
[  356.641542][T13584]  ? netlink_unicast+0x7d0/0x7d0
[  356.646467][T13584]  sock_sendmsg+0xd7/0x130
[  356.650869][T13584]  ____sys_sendmsg+0x753/0x880
[  356.655618][T13584]  ? kernel_sendmsg+0x50/0x50
[  356.660285][T13584]  ? __fget+0x35d/0x550
[  356.664430][T13584]  ___sys_sendmsg+0x11d/0x1b0
[  356.669092][T13584]  ? do_recvmmsg+0x7a0/0x7a0
[  356.673666][T13584]  ? __fget+0x37f/0x550
[  356.677811][T13584]  ? ksys_dup3+0x3e0/0x3e0
[  356.682211][T13584]  ? __this_cpu_preempt_check+0x35/0x190
[  356.687825][T13584]  ? retint_kernel+0x2b/0x2b
[  356.692398][T13584]  ? __fget_light+0x1a9/0x230
[  356.697058][T13584]  ? __fdget+0x1b/0x20
[  356.701112][T13584]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  356.707339][T13584]  __sys_sendmsg+0x105/0x1d0
[  356.711915][T13584]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  356.717105][T13584]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  356.722547][T13584]  ? do_syscall_64+0x26/0x790
[  356.727211][T13584]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  356.733260][T13584]  ? do_syscall_64+0x26/0x790
[  356.737925][T13584]  __x64_sys_sendmsg+0x78/0xb0
[  356.742781][T13584]  do_syscall_64+0xfa/0x790
[  356.747277][T13584]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  356.753168][T13584] RIP: 0033:0x45a679
[  356.757077][T13584] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  356.776682][T13584] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
00:21:27 executing program 5:

00:21:27 executing program 2:
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:27 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, 0x0)
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:28 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

[  356.785182][T13584] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  356.793160][T13584] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  356.801121][T13584] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  356.809079][T13584] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  356.817034][T13584] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
00:21:28 executing program 5:

00:21:28 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r1}, {r0, 0x281}], 0x2, 0x0, 0x0, 0x0)

00:21:28 executing program 2:
open(0x0, 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:28 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r1 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r1, 0x0, 0xffffffffffffffff, 0x19)
r2 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x2, 0x8a8, 0x0, 0x4, 0x0, 0x3}, r2, 0x0, 0xffffffffffffffff, 0x19)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r4 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f00000002c0)=r3, 0x161)
r5 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)
close(r5)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8914, &(0x7f0000000780)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&')
r6 = gettid()
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r8 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r8, 0x1, 0x3e, &(0x7f00000002c0)=r7, 0x161)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xc0, &(0x7f0000000280)={0x0, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, &(0x7f00000001c0)={0x10000000, 0x0, 0x6aa3, 0xffffffff}, &(0x7f0000000200)=0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=0x6}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000400)={r6, r7, 0x0, 0xd1, &(0x7f0000000080)='memory.high\x00\x90\x80\xa4\x96\xbb\xe4\xb2\xa2\x01\xc0\xb8*Z\xef\xf8\x0e\x1f]\xf7\x10\xdb\xfe\xe4\x1d\xc6\x92\x7f\xeeK_p\t\x8c\x9f5\xd0\xef)\xd8\x04\xbf\xc2N\x1c\xf0R\xdc\r\xb1Gf\xba\xd11#<\xaf^,s\x85\x10R\x99\xc2D\xee\n\"\xf9c\x15{\xc1[\xef\x06\x8a\xcd\x9d\xc8\x90#\xd0\xe7\xe3\xe0\xa9\xf3\xc0n\x1f\xd1\x11P\xe20\xcd\x1c\xfa\xfd\xa3\xcf\x9c\xc6\xb7]\x16\xc7\xd7\xb4/\x82\xd1\xae\xd9TM\x05a\xe5\xc5U\x91\xbe\x81\xac4\x9d\x02`\xe7\xa6q\x1f@\x1f\x1f?tm\x9c\xd1\x8c\xa1\xb5\xe0`H)\x97r\xc0?y\x9cc=c`A^\x9f\xcd\xbc\xf4m>I\xae\xdf\x946\xe7M`\xeb\x9fm\xbe+n\x00\x18k\x98\xab\xd5\xeet\"d\x81\x94\x04\xf5\xeb', r9}, 0x30)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000a40)={0x0, r5, 0x0, 0x15, &(0x7f0000000a00)='\x80+@cpuset.nodevppp1)\x00', r9}, 0x30)

00:21:28 executing program 5:

00:21:28 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:28 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:28 executing program 5:

00:21:28 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r1}, {r0, 0x281}], 0x2, 0x0, 0x0, 0x0)

[  357.403200][T13619] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
00:21:28 executing program 2:
open(0x0, 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

[  357.484913][T13619] CPU: 0 PID: 13619 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  357.493564][T13619] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  357.503728][T13619] Call Trace:
[  357.507044][T13619]  dump_stack+0x197/0x210
[  357.511405][T13619]  sysfs_warn_dup.cold+0x1c/0x31
[  357.516389][T13619]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  357.522576][T13619]  sysfs_create_link+0x65/0xc0
[  357.527396][T13619]  device_add+0x756/0x1d00
[  357.531845][T13619]  ? __this_cpu_preempt_check+0x35/0x190
[  357.537510][T13619]  ? uevent_show+0x370/0x370
[  357.542135][T13619]  wiphy_register+0x1c46/0x2720
[  357.547017][T13619]  ? wiphy_unregister+0x1040/0x1040
[  357.552338][T13619]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  357.558697][T13619]  ? ieee80211_cs_list_valid+0x1a1/0x280
[  357.564452][T13619]  ieee80211_register_hw+0x157e/0x3ac0
[  357.569943][T13619]  ? ieee80211_ifa_changed+0xde0/0xde0
[  357.576177][T13619]  ? memset+0x32/0x40
[  357.576197][T13619]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  357.576214][T13619]  ? __hrtimer_init+0x13d/0x280
[  357.576242][T13619]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  357.576274][T13619]  ? hwsim_register_received_nl+0x420/0x420
[  357.576299][T13619]  hwsim_new_radio_nl+0x9e3/0x1070
[  357.576318][T13619]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  357.576334][T13619]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  357.576359][T13619]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  357.576388][T13619]  genl_rcv_msg+0x67d/0xea0
[  357.633344][T13619]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  357.640086][T13619]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  357.646454][T13619]  ? find_held_lock+0x35/0x130
[  357.651233][T13619]  netlink_rcv_skb+0x177/0x450
[  357.656179][T13619]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  357.663026][T13619]  ? netlink_ack+0xb50/0xb50
[  357.667635][T13619]  ? __kasan_check_write+0x14/0x20
[  357.672774][T13619]  ? netlink_deliver_tap+0x24a/0xbe0
[  357.678067][T13619]  ? netlink_skb_set_owner_r+0xdf/0x200
[  357.683610][T13619]  genl_rcv+0x29/0x40
[  357.687686][T13619]  netlink_unicast+0x58c/0x7d0
[  357.692451][T13619]  ? netlink_attachskb+0x870/0x870
[  357.697548][T13619]  ? _copy_from_iter_full+0x25d/0x8c0
[  357.702917][T13619]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  357.708626][T13619]  ? __check_object_size+0x3d/0x437
[  357.713815][T13619]  netlink_sendmsg+0x8ee/0xe60
[  357.718581][T13619]  ? netlink_unicast+0x7d0/0x7d0
[  357.723504][T13619]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  357.729035][T13619]  ? apparmor_socket_sendmsg+0x2a/0x30
[  357.734479][T13619]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  357.740705][T13619]  ? security_socket_sendmsg+0x8d/0xc0
[  357.746151][T13619]  ? netlink_unicast+0x7d0/0x7d0
[  357.751084][T13619]  sock_sendmsg+0xd7/0x130
[  357.755496][T13619]  ____sys_sendmsg+0x753/0x880
[  357.760310][T13619]  ? kernel_sendmsg+0x50/0x50
[  357.764992][T13619]  ? __fget+0x35d/0x550
[  357.769159][T13619]  ___sys_sendmsg+0x11d/0x1b0
[  357.773849][T13619]  ? do_recvmmsg+0x7a0/0x7a0
[  357.778430][T13619]  ? lockdep_hardirqs_on+0x421/0x5e0
[  357.784084][T13619]  ? trace_hardirqs_on_caller+0x6a/0x240
[  357.789743][T13619]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  357.795200][T13619]  ? __this_cpu_preempt_check+0x35/0x190
[  357.800823][T13619]  ? retint_kernel+0x2b/0x2b
[  357.805405][T13619]  ? sockfd_lookup_light+0xde/0x180
[  357.810585][T13619]  ? sockfd_lookup_light+0xfa/0x180
[  357.815770][T13619]  __sys_sendmsg+0x105/0x1d0
[  357.820344][T13619]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  357.825560][T13619]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  357.831013][T13619]  ? do_syscall_64+0x26/0x790
[  357.835685][T13619]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  357.841750][T13619]  ? do_syscall_64+0x26/0x790
[  357.846420][T13619]  __x64_sys_sendmsg+0x78/0xb0
[  357.851175][T13619]  do_syscall_64+0xfa/0x790
[  357.855666][T13619]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  357.861541][T13619] RIP: 0033:0x45a679
[  357.865425][T13619] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
00:21:29 executing program 5:

[  357.885214][T13619] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  357.893703][T13619] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  357.901669][T13619] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  357.909649][T13619] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  357.917707][T13619] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  357.925691][T13619] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
00:21:29 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r1}, {r0, 0x281}], 0x2, 0x0, 0x0, 0x0)

00:21:29 executing program 5:

00:21:29 executing program 2:
open(0x0, 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:29 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:29 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r1 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r1, 0x0, 0xffffffffffffffff, 0x19)
r2 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x2, 0x8a8, 0x0, 0x4, 0x0, 0x3}, r2, 0x0, 0xffffffffffffffff, 0x19)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r4 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f00000002c0)=r3, 0x161)
r5 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)
close(r5)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8914, &(0x7f0000000780)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&')
r6 = gettid()
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r8 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r8, 0x1, 0x3e, &(0x7f00000002c0)=r7, 0x161)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xc0, &(0x7f0000000280)={0x0, <r9=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, &(0x7f00000001c0)={0x10000000, 0x0, 0x6aa3, 0xffffffff}, &(0x7f0000000200)=0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=0x6}}, 0x10)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000400)={r6, r7, 0x0, 0xd1, &(0x7f0000000080)='memory.high\x00\x90\x80\xa4\x96\xbb\xe4\xb2\xa2\x01\xc0\xb8*Z\xef\xf8\x0e\x1f]\xf7\x10\xdb\xfe\xe4\x1d\xc6\x92\x7f\xeeK_p\t\x8c\x9f5\xd0\xef)\xd8\x04\xbf\xc2N\x1c\xf0R\xdc\r\xb1Gf\xba\xd11#<\xaf^,s\x85\x10R\x99\xc2D\xee\n\"\xf9c\x15{\xc1[\xef\x06\x8a\xcd\x9d\xc8\x90#\xd0\xe7\xe3\xe0\xa9\xf3\xc0n\x1f\xd1\x11P\xe20\xcd\x1c\xfa\xfd\xa3\xcf\x9c\xc6\xb7]\x16\xc7\xd7\xb4/\x82\xd1\xae\xd9TM\x05a\xe5\xc5U\x91\xbe\x81\xac4\x9d\x02`\xe7\xa6q\x1f@\x1f\x1f?tm\x9c\xd1\x8c\xa1\xb5\xe0`H)\x97r\xc0?y\x9cc=c`A^\x9f\xcd\xbc\xf4m>I\xae\xdf\x946\xe7M`\xeb\x9fm\xbe+n\x00\x18k\x98\xab\xd5\xeet\"d\x81\x94\x04\xf5\xeb', r9}, 0x30)

00:21:29 executing program 5:

00:21:29 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:29 executing program 1:
openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)

00:21:29 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:29 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  358.560252][T13660] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
00:21:29 executing program 5:

[  358.689986][T13660] CPU: 0 PID: 13660 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  358.698375][T13660] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  358.708454][T13660] Call Trace:
[  358.711781][T13660]  dump_stack+0x197/0x210
[  358.716129][T13660]  sysfs_warn_dup.cold+0x1c/0x31
[  358.721085][T13660]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  358.727955][T13660]  sysfs_create_link+0x65/0xc0
[  358.732730][T13660]  device_add+0x756/0x1d00
[  358.737153][T13660]  ? uevent_show+0x370/0x370
[  358.741735][T13660]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  358.747988][T13660]  wiphy_register+0x1c46/0x2720
[  358.752846][T13660]  ? wiphy_unregister+0x1040/0x1040
[  358.758030][T13660]  ? retint_kernel+0x2b/0x2b
[  358.762609][T13660]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  358.768864][T13660]  ? ieee80211_cs_list_valid+0x1a1/0x280
[  358.774484][T13660]  ieee80211_register_hw+0x157e/0x3ac0
[  358.779970][T13660]  ? ieee80211_ifa_changed+0xde0/0xde0
[  358.785429][T13660]  ? retint_kernel+0x2b/0x2b
[  358.790013][T13660]  ? __hrtimer_init+0x13d/0x280
[  358.794857][T13660]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  358.800573][T13660]  ? hwsim_register_received_nl+0x420/0x420
[  358.806457][T13660]  hwsim_new_radio_nl+0x9e3/0x1070
[  358.811555][T13660]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  358.817806][T13660]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  358.823701][T13660]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  358.830017][T13660]  genl_rcv_msg+0x67d/0xea0
[  358.834513][T13660]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  358.840826][T13660]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  358.846283][T13660]  ? __this_cpu_preempt_check+0x35/0x190
[  358.851921][T13660]  ? netlink_rcv_skb+0x11a/0x450
[  358.856846][T13660]  netlink_rcv_skb+0x177/0x450
[  358.861595][T13660]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  358.867910][T13660]  ? netlink_ack+0xb50/0xb50
[  358.872485][T13660]  ? __kasan_check_write+0x14/0x20
[  358.877583][T13660]  ? netlink_deliver_tap+0x24a/0xbe0
[  358.882859][T13660]  ? netlink_skb_set_owner_r+0xdf/0x200
[  358.888398][T13660]  genl_rcv+0x29/0x40
[  358.892364][T13660]  netlink_unicast+0x58c/0x7d0
[  358.897115][T13660]  ? netlink_attachskb+0x870/0x870
[  358.902212][T13660]  ? _copy_from_iter_full+0x25d/0x8c0
[  358.907569][T13660]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  358.913270][T13660]  ? __check_object_size+0x3d/0x437
[  358.918482][T13660]  netlink_sendmsg+0x8ee/0xe60
[  358.923249][T13660]  ? netlink_unicast+0x7d0/0x7d0
[  358.928180][T13660]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  358.933729][T13660]  ? apparmor_socket_sendmsg+0x2a/0x30
[  358.939189][T13660]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  358.945437][T13660]  ? security_socket_sendmsg+0x8d/0xc0
[  358.950904][T13660]  ? netlink_unicast+0x7d0/0x7d0
[  358.955853][T13660]  sock_sendmsg+0xd7/0x130
[  358.960265][T13660]  ____sys_sendmsg+0x753/0x880
[  358.965024][T13660]  ? kernel_sendmsg+0x50/0x50
[  358.969691][T13660]  ? __fget+0x35d/0x550
[  358.973926][T13660]  ___sys_sendmsg+0x11d/0x1b0
[  358.978586][T13660]  ? do_recvmmsg+0x7a0/0x7a0
[  358.983161][T13660]  ? __kasan_check_read+0x11/0x20
[  358.988171][T13660]  ? __fget+0x37f/0x550
[  358.992313][T13660]  ? ksys_dup3+0x3e0/0x3e0
[  358.996716][T13660]  ? __fget_light+0x1a9/0x230
[  359.001377][T13660]  ? __fdget+0x1b/0x20
[  359.005432][T13660]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  359.011659][T13660]  __sys_sendmsg+0x105/0x1d0
[  359.016322][T13660]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  359.021530][T13660]  ? __x64_sys_sendmsg+0x11/0xb0
[  359.026468][T13660]  __x64_sys_sendmsg+0x78/0xb0
[  359.031230][T13660]  do_syscall_64+0xfa/0x790
[  359.035810][T13660]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  359.041697][T13660] RIP: 0033:0x45a679
[  359.045576][T13660] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  359.065305][T13660] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  359.073745][T13660] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  359.081859][T13660] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
00:21:30 executing program 0:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={0xffffffffffffffff, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

[  359.089846][T13660] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  359.097807][T13660] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  359.105763][T13660] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
00:21:30 executing program 5:
bind$unix(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r0 = dup(0xffffffffffffffff)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000000140)}, 0x1040}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000000, 0x0)
r1 = getpid()
tkill(r1, 0x9)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet6(0xa, 0x400000000803, 0x5f)
close(r3)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340)='/dev/net/tun\x00', 0x400000001, 0x0)
r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000200)='/dev/vga_arbiter\x00', 0x4000, 0x0)
setsockopt$IP_VS_SO_SET_TIMEOUT(r5, 0x0, 0x48a, 0x0, 0x0)
ioctl$TUNSETIFF(r4, 0x400454ca, &(0x7f0000000000)={'nr0\x01\x00', 0x1})
ioctl$PERF_EVENT_IOC_SET_FILTER(r2, 0x8914, &(0x7f00000006c0)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6\xf23F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0_\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\xa9\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&k\x80K\xd1>\xa6\xff(\xb1\x01\xe7\xa5\xce-A\xb0\xec\x190r-q\x83\xb3mN\x91\'\xc5\xf8\xfe\x18\x16\xb7R6\xa9R\xf4H\xa7\x84\x98\xfc\xf9\xa6\xd6\x8d\xa7\xd5_\xc0\x93\xde\x1f`\xff\xcf\xe1)N\x85&\x8b\x06I\xa2\x13\x02\x00\x00\x00\x00\x00\x00\x00[\xae5\x82}\xb7h!\xd9\xce\xe9\x06\b\rs^\x8d\x14\xc1\x97m@6\x1d\xfc\x92@-\xb6\xe5N\x84\xbc\xc0\x1f\xfbI\'M\xdd\xc6*\x06&\f\b\xa6\x92)D}\x87\x80\xea\xb9l\x80H\xea\x82o6\xfa)\x15\xdc@\xf4\x86\xd6_\xf9+/Q\xd5\x8a;\x8b\xe1\x1d\xd0\xec\x8ek\xdb\xa8\xf3Ir\xdb1`B&\xe8A\xd1\xea\xb4$5%aL\xc1\xbd\x91\xc3\x90\x06i <1\xaa\"\xd5\xbb\xe9\xc7SX\xbfm{>\xd4\xc3(E[\xb0J13\xbbG\x8a\xb4\x8aMs\x9f\xcf\xb8g\xab\x12\x8cj\x95}\xb1\bc\xc4u\xf4\xe2\x88\xfa\xde\xec\xdf\xb9\x98\x84\x028\xd9_n\x9f\x86\x88\xe6\x15b\x01]\x01a\xe7\xb9\xb0\xbdk\xaa\xa1\xc1')
r6 = open(&(0x7f0000000040)='./bus\x00', 0x143042, 0x0)
ftruncate(r6, 0x200004)
sendfile(r3, r6, 0x0, 0x80001d00c0d0)

00:21:30 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:30 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r1 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r1, 0x0, 0xffffffffffffffff, 0x19)
r2 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x2, 0x8a8, 0x0, 0x4, 0x0, 0x3}, r2, 0x0, 0xffffffffffffffff, 0x19)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r4 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f00000002c0)=r3, 0x161)
r5 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)
close(r5)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8914, &(0x7f0000000780)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&')
gettid()
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r7 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r7, 0x1, 0x3e, &(0x7f00000002c0)=r6, 0x161)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000340)={0xffffffffffffffff, 0xc0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180), 0x0, 0x0, &(0x7f00000001c0)={0x10000000, 0x0, 0x6aa3, 0xffffffff}, &(0x7f0000000200)=0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000500)=0x6}}, 0x10)

00:21:30 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:30 executing program 0:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={0xffffffffffffffff, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:30 executing program 1:
openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)

00:21:31 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:31 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  359.710146][T13699] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
[  359.821463][T13699] CPU: 0 PID: 13699 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  359.829869][T13699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  359.839945][T13699] Call Trace:
[  359.843270][T13699]  dump_stack+0x197/0x210
[  359.847654][T13699]  sysfs_warn_dup.cold+0x1c/0x31
[  359.853590][T13699]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  359.859701][T13699]  sysfs_create_link+0x65/0xc0
[  359.864506][T13699]  device_add+0x756/0x1d00
[  359.868959][T13699]  ? uevent_show+0x370/0x370
[  359.873700][T13699]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  359.879975][T13699]  wiphy_register+0x1c46/0x2720
[  359.884864][T13699]  ? wiphy_unregister+0x1040/0x1040
[  359.890094][T13699]  ? retint_kernel+0x2b/0x2b
[  359.894698][T13699]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  359.900961][T13699]  ? ieee80211_cs_list_valid+0x1a1/0x280
[  359.906607][T13699]  ieee80211_register_hw+0x157e/0x3ac0
[  359.912080][T13699]  ? ieee80211_ifa_changed+0xde0/0xde0
[  359.917540][T13699]  ? memset+0x32/0x40
[  359.921511][T13699]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  359.927743][T13699]  ? __hrtimer_init+0x13d/0x280
[  359.932586][T13699]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  359.938298][T13699]  ? hwsim_register_received_nl+0x420/0x420
[  359.944181][T13699]  hwsim_new_radio_nl+0x9e3/0x1070
[  359.949281][T13699]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  359.955504][T13699]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  359.961402][T13699]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  359.967722][T13699]  genl_rcv_msg+0x67d/0xea0
[  359.972552][T13699]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  359.978880][T13699]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  359.984347][T13699]  netlink_rcv_skb+0x177/0x450
[  359.989117][T13699]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  359.995434][T13699]  ? netlink_ack+0xb50/0xb50
[  360.000017][T13699]  ? __kasan_check_write+0x14/0x20
[  360.005201][T13699]  ? netlink_deliver_tap+0x24a/0xbe0
[  360.010519][T13699]  genl_rcv+0x29/0x40
[  360.014501][T13699]  netlink_unicast+0x58c/0x7d0
[  360.019265][T13699]  ? netlink_attachskb+0x870/0x870
[  360.024362][T13699]  ? _copy_from_iter_full+0x25d/0x8c0
[  360.029727][T13699]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  360.035433][T13699]  ? __check_object_size+0x3d/0x437
[  360.040620][T13699]  netlink_sendmsg+0x8ee/0xe60
[  360.045371][T13699]  ? netlink_unicast+0x7d0/0x7d0
[  360.050293][T13699]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  360.055824][T13699]  ? apparmor_socket_sendmsg+0x2a/0x30
[  360.061266][T13699]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  360.067490][T13699]  ? security_socket_sendmsg+0x8d/0xc0
[  360.073118][T13699]  ? netlink_unicast+0x7d0/0x7d0
[  360.078051][T13699]  sock_sendmsg+0xd7/0x130
[  360.082453][T13699]  ____sys_sendmsg+0x753/0x880
[  360.087897][T13699]  ? kernel_sendmsg+0x50/0x50
[  360.092570][T13699]  ? __fget+0x35d/0x550
[  360.096818][T13699]  ___sys_sendmsg+0x11d/0x1b0
[  360.101483][T13699]  ? do_recvmmsg+0x7a0/0x7a0
[  360.106142][T13699]  ? __kasan_check_read+0x11/0x20
[  360.111152][T13699]  ? __fget+0x37f/0x550
[  360.115292][T13699]  ? ksys_dup3+0x3e0/0x3e0
[  360.119693][T13699]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  360.125137][T13699]  ? lockdep_hardirqs_on+0x421/0x5e0
[  360.130412][T13699]  ? __fget_light+0x1a9/0x230
[  360.135080][T13699]  ? __fdget+0x1b/0x20
[  360.139143][T13699]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  360.145716][T13699]  __sys_sendmsg+0x105/0x1d0
[  360.150291][T13699]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  360.155480][T13699]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  360.160923][T13699]  ? do_syscall_64+0x26/0x790
[  360.166029][T13699]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  360.172089][T13699]  ? do_syscall_64+0x26/0x790
[  360.176762][T13699]  __x64_sys_sendmsg+0x78/0xb0
[  360.181513][T13699]  do_syscall_64+0xfa/0x790
[  360.186010][T13699]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  360.191881][T13699] RIP: 0033:0x45a679
[  360.195775][T13699] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
00:21:31 executing program 0:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={0xffffffffffffffff, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

[  360.215358][T13699] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  360.223752][T13699] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  360.231707][T13699] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  360.239671][T13699] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  360.247998][T13699] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  360.256050][T13699] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
00:21:31 executing program 5:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)

00:21:31 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

[  360.539475][T13723] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  360.539475][T13723]    program syz-executor.5 not setting count and/or reply_len properly
[  360.610531][T13723] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  360.610531][T13723]    program syz-executor.5 not setting count and/or reply_len properly
00:21:32 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:32 executing program 0:
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:32 executing program 1:
openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)

00:21:32 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r1 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r1, 0x0, 0xffffffffffffffff, 0x19)
r2 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x2, 0x8a8, 0x0, 0x4, 0x0, 0x3}, r2, 0x0, 0xffffffffffffffff, 0x19)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r4 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f00000002c0)=r3, 0x161)
r5 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)
close(r5)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8914, &(0x7f0000000780)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&')
gettid()
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r7 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r7, 0x1, 0x3e, &(0x7f00000002c0)=r6, 0x161)

00:21:32 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:32 executing program 5:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
openat$vsock(0xffffffffffffff9c, &(0x7f0000000100)='/dev/vsock\x00', 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)

[  360.864703][T13735] sg_write: data in/out 429306/24 bytes for SCSI command 0x67-- guessing data in;
[  360.864703][T13735]    program syz-executor.5 not setting count and/or reply_len properly
00:21:32 executing program 0:
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

[  360.980821][T13745] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
[  361.013707][T13745] CPU: 0 PID: 13745 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  361.022081][T13745] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  361.032151][T13745] Call Trace:
[  361.035475][T13745]  dump_stack+0x197/0x210
[  361.039848][T13745]  sysfs_warn_dup.cold+0x1c/0x31
[  361.044835][T13745]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  361.050974][T13745]  sysfs_create_link+0x65/0xc0
[  361.055778][T13745]  device_add+0x756/0x1d00
[  361.060214][T13745]  ? __this_cpu_preempt_check+0x35/0x190
[  361.065887][T13745]  ? uevent_show+0x370/0x370
[  361.070537][T13745]  wiphy_register+0x1c46/0x2720
[  361.075419][T13745]  ? wiphy_unregister+0x1040/0x1040
00:21:32 executing program 5:
socket$packet(0x11, 0x3, 0x300)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000b00)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff487000000000000040000000000000009500000000000000e83d24a3aa74d36bb3019c13bd23212fb56fa54f26fb0b71d0e6adfefc41d86b60717142fa9ea4318123741c0a0e168c1886bf0fc8f8d56ccb659427cf8593dbd0d4d94f2f4e345c652fbc1626e3a2a2ad358061011fbc5ba1f07318988e6e0dc800974a22a5503ceb9fc474c2a10034deb277beee1cbf9b0a4def23d410f6296b32a8343881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3449abe802f5ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d0400000000000000b8580218ce740068725837074e468ee23fd2f73902ebcfcf49822775985bf31b715f5888b211624f40401691721715f46efaabf0f926d8e638a663739a190a4e825c90880abc85c85779a50934a4355a2ba3ed12d63c9c4c508523e173650664d1b7cee09af3e4379890e415bccbe158024d8d4939e6fd9adc43f0f4b04921adb92bf466e934330ed79bc9f626f68b0fe8519357d194ea0b852d495085ff4eabaac9606f0497958c2c357a71249f6770ea6702bc53897bdc30f6e55c64efd217450a975221b20d78e445e3da743f8d687b0bdb06d71277671bba2c550bfef6295e50b8ab1feaaf0268c4efa45b564d5608d87c4832e4295bf8889e5db2a70f6a83d4b3cdc13e46d276856de6d895704ba3e8ee12bd121ffc4f5d2ae03f0227dcc4f3865e918b07ce58bf176e253364fed16b128584f897400d4f5503a6e9ea4a480e3221f3c247ee8c55e487eaa25a7689699c9c305db4b0181f0f653fac399fcc0cc800e82bde039cc29c19b538c76e65642875bddbef61e5985751d902e5e922dfcb3eb7a38854683eebd37d2f32375357b5d2b4dc24baa6a7119038380f7029a292f1adec1de866570a9f2a97200ce4e870a819aee29d081e2cacaa8ad1b4ca6df5dc37962ebc5337379e00555b6d2bec249c0612540000000000a7060d0d9b9ad109b62d1dab0eec1deabc76d765b9ca87474e9a13366032fc9558b30399772ddfe89be4338e70d0ecfed537780a31fcaf4acaf93d3711a4359d68ec71b0693e0ab4e6d18e797697901fbae4a9d9966b68eadae75e0bcc7b8c34b8931b0818a57e5136fb8c73283b17d8fd55c2b8d321a6cba8743114fcff01e5c13318c5121cdc82429a021d692cd31cde5d77f0cc00919ee8bfbd34f67609cfde21e76b3b7b08d49a21d6b1fdae83e5ea502d012ef978323fe36685e652ce1c38a9cc9e125a4880faccaf5ac2345f20b1ee403885796e91d0bc75c7e95d23904dc446e0201aafea0d3f4cc0cf275ccd6de8c6"], &(0x7f0000000140)='vS\xfdIG|\x8aL[\xf2\'\x9c\xea\xb1\xc0\xb1\x19\x91\x9d/Q\xd9\xe3T\xce\xdax;\x02%\xc5\x1c\xd5GA\xad[(\xbblZ\x01\x1dF\x92#]%sj\xd0i\xc6C\x1f&\xe2\xc5\xa5z\x7f\xe1 \xfb\xc27\x03\x84\x8e\xef\x82-\xfc$$\xaf\v\xbd\x95\x1e\x0f\xbeVI\xec\r!\f\x86\xf5\xfb[Y\x1e\xd4\xdfc\xb1\xc8\xa2\xc1/5\xffr\x1f\x80@\xb8F\xea\xde\x93\xa1\xcb6\xee\xf2\xce\x95\xf2\xfdxR\x17F\xad\xc1~\xa2\x97=O^o\"\xbb\xa8\x9746'}, 0x48)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x32, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @remote}, 0x10)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='lo\x00\x00\x00\x00\xdf\xff\xff\xff\x00', 0x10)
sendto$inet(r0, 0x0, 0xff1b, 0x1000000020000000, &(0x7f0000000080)={0x2, 0x4e20}, 0x10)
sendto$inet(r0, &(0x7f0000000240), 0x1192aca8268c9077, 0x3, 0x0, 0xffffffffffffff06)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000002d80)={@multicast2, @local}, 0xc)
recvfrom$inet(r0, &(0x7f0000000040)=""/6, 0xffffffffffffff1e, 0x0, 0x0, 0xfffffffffffffe3d)

[  361.080630][T13745]  ? retint_kernel+0x2b/0x2b
[  361.085541][T13745]  ? ieee80211_register_hw+0x2d81/0x3ac0
[  361.091195][T13745]  ieee80211_register_hw+0x157e/0x3ac0
[  361.096690][T13745]  ? ieee80211_ifa_changed+0xde0/0xde0
[  361.102174][T13745]  ? memset+0x32/0x40
[  361.106178][T13745]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  361.112406][T13745]  ? __hrtimer_init+0x13d/0x280
[  361.117267][T13745]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  361.123448][T13745]  ? hwsim_register_received_nl+0x420/0x420
[  361.129380][T13745]  hwsim_new_radio_nl+0x9e3/0x1070
[  361.134525][T13745]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  361.140785][T13745]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  361.146699][T13745]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  361.153057][T13745]  genl_rcv_msg+0x67d/0xea0
[  361.157583][T13745]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  361.163925][T13745]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  361.169399][T13745]  ? preempt_schedule_irq+0xf3/0x160
[  361.174789][T13745]  netlink_rcv_skb+0x177/0x450
[  361.179558][T13745]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  361.186055][T13745]  ? netlink_ack+0xb50/0xb50
[  361.190630][T13745]  ? __kasan_check_write+0x14/0x20
[  361.195727][T13745]  ? netlink_deliver_tap+0x24a/0xbe0
[  361.200997][T13745]  genl_rcv+0x29/0x40
[  361.202847][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  361.204980][T13745]  netlink_unicast+0x58c/0x7d0
[  361.210791][    C1] protocol 88fb is buggy, dev hsr_slave_1
[  361.215441][T13745]  ? netlink_attachskb+0x870/0x870
[  361.215458][T13745]  ? _copy_from_iter_full+0x25d/0x8c0
[  361.215479][T13745]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  361.237298][T13745]  ? __check_object_size+0x3d/0x437
[  361.242486][T13745]  netlink_sendmsg+0x8ee/0xe60
[  361.247241][T13745]  ? netlink_unicast+0x7d0/0x7d0
[  361.252171][T13745]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  361.257702][T13745]  ? apparmor_socket_sendmsg+0x2a/0x30
[  361.263145][T13745]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  361.269375][T13745]  ? security_socket_sendmsg+0x8d/0xc0
[  361.274813][T13745]  ? netlink_unicast+0x7d0/0x7d0
[  361.279734][T13745]  sock_sendmsg+0xd7/0x130
[  361.284135][T13745]  ____sys_sendmsg+0x753/0x880
[  361.288897][T13745]  ? kernel_sendmsg+0x50/0x50
[  361.293568][T13745]  ? __fget+0x35d/0x550
[  361.297721][T13745]  ___sys_sendmsg+0x11d/0x1b0
[  361.302379][T13745]  ? do_recvmmsg+0x7a0/0x7a0
[  361.307137][T13745]  ? __kasan_check_read+0x11/0x20
[  361.312144][T13745]  ? __fget+0x37f/0x550
[  361.316307][T13745]  ? ksys_dup3+0x3e0/0x3e0
[  361.320714][T13745]  ? __fget_light+0x1a9/0x230
[  361.325372][T13745]  ? __fdget+0x1b/0x20
[  361.329425][T13745]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  361.335651][T13745]  __sys_sendmsg+0x105/0x1d0
[  361.340224][T13745]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  361.345423][T13745]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  361.350862][T13745]  ? do_syscall_64+0x26/0x790
[  361.355537][T13745]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  361.361602][T13745]  ? do_syscall_64+0x26/0x790
[  361.366263][T13745]  __x64_sys_sendmsg+0x78/0xb0
[  361.371020][T13745]  do_syscall_64+0xfa/0x790
[  361.375511][T13745]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  361.381406][T13745] RIP: 0033:0x45a679
[  361.385285][T13745] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  361.404884][T13745] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  361.413807][T13745] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  361.421934][T13745] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
00:21:32 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

[  361.429972][T13745] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  361.437925][T13745] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  361.445986][T13745] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
[  361.454516][    C1] protocol 88fb is buggy, dev hsr_slave_0
[  361.460330][    C1] protocol 88fb is buggy, dev hsr_slave_1
00:21:32 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff]})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:32 executing program 0:
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:33 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:33 executing program 5:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f00000006c0), 0x4)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f00000001c0)='veth1_to_team\x00', 0x10)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x0, &(0x7f0000000200)=0x7fff, 0x4)
r0 = syz_open_dev$sg(&(0x7f0000000040)='/dev/sg#\x00', 0x0, 0x8002)
write(r0, &(0x7f0000000080)="ad3db85e1e8d060000000000003ef0011dcc606a010000807018cebc9b97ae21b15a872c670ce22c9b160096aa1fae1a4a428a17ffba4ea0cb1435701828cf866744d863559c5b7a", 0x48)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
openat$vsock(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
syz_open_dev$tty(0x0, 0x0, 0x0)
write(0xffffffffffffffff, 0x0, 0x0)

00:21:33 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', 0x0, 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:33 executing program 1:
openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r0}], 0x1, 0x0, 0x0, 0x0)

00:21:33 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r1 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r1, 0x0, 0xffffffffffffffff, 0x19)
r2 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x2, 0x8a8, 0x0, 0x4, 0x0, 0x3}, r2, 0x0, 0xffffffffffffffff, 0x19)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r4 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f00000002c0)=r3, 0x161)
r5 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)
close(r5)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8914, &(0x7f0000000780)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&')
gettid()
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
socket$kcm(0x2, 0x2, 0x0)

00:21:33 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:33 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff]})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:33 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', 0x0, 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:33 executing program 5:
syz_emit_ethernet(0x46, &(0x7f00000002c0)={@broadcast, @link_local={0x1, 0x80, 0xc2, 0x689, 0x3}, [], {@ipv6={0x86dd, {0x0, 0x6, 'v`Q', 0x10, 0x3a, 0x86ddffff, @remote={0xfe, 0x80, [0x6, 0x543, 0xff7f, 0x5, 0x50000000000000d, 0x8848000000f0ffff, 0x0, 0x8dffffff00000000, 0x0, 0xfe03, 0x0, 0x0, 0xffffca88], 0xffffffffffffffff}, @mcast2={0xff, 0x2, [0x0, 0xfffffffffffff000]}, {[], @icmpv6=@ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x19d}}}}}}, 0x0)

[  362.142615][T13790] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
[  362.206413][T13790] CPU: 0 PID: 13790 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  362.214790][T13790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  362.224932][T13790] Call Trace:
[  362.228230][T13790]  dump_stack+0x197/0x210
[  362.232582][T13790]  sysfs_warn_dup.cold+0x1c/0x31
[  362.237656][T13790]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  362.243748][T13790]  sysfs_create_link+0x65/0xc0
[  362.248512][T13790]  device_add+0x756/0x1d00
[  362.252971][T13790]  ? uevent_show+0x370/0x370
[  362.257563][T13790]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  362.263821][T13790]  wiphy_register+0x1c46/0x2720
[  362.263844][T13790]  ? wiphy_unregister+0x1040/0x1040
[  362.263861][T13790]  ? retint_kernel+0x2b/0x2b
[  362.263881][T13790]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  362.263903][T13790]  ? ieee80211_cs_list_valid+0x1a1/0x280
[  362.290406][T13790]  ieee80211_register_hw+0x157e/0x3ac0
[  362.295880][T13790]  ? ieee80211_ifa_changed+0xde0/0xde0
[  362.301375][T13790]  ? memset+0x32/0x40
[  362.305368][T13790]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  362.311981][T13790]  ? __hrtimer_init+0x13d/0x280
[  362.316835][T13790]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  362.322553][T13790]  ? hwsim_register_received_nl+0x420/0x420
[  362.328619][T13790]  hwsim_new_radio_nl+0x9e3/0x1070
[  362.333726][T13790]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  362.339615][T13790]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  362.345935][T13790]  genl_rcv_msg+0x67d/0xea0
[  362.350430][T13790]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  362.356758][T13790]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  362.362249][T13790]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  362.367752][T13790]  ? lockdep_hardirqs_on+0x421/0x5e0
[  362.373504][T13790]  ? find_held_lock+0x35/0x130
[  362.378583][T13790]  netlink_rcv_skb+0x177/0x450
[  362.383453][T13790]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  362.389859][T13790]  ? netlink_ack+0xb50/0xb50
[  362.394455][T13790]  ? __kasan_check_write+0x14/0x20
[  362.399551][T13790]  ? netlink_deliver_tap+0x24a/0xbe0
[  362.404836][T13790]  genl_rcv+0x29/0x40
[  362.408847][T13790]  netlink_unicast+0x58c/0x7d0
[  362.413725][T13790]  ? netlink_attachskb+0x870/0x870
[  362.418829][T13790]  ? _copy_from_iter_full+0x25d/0x8c0
[  362.424203][T13790]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  362.430014][T13790]  ? __check_object_size+0x3d/0x437
[  362.435219][T13790]  netlink_sendmsg+0x8ee/0xe60
[  362.439999][T13790]  ? netlink_unicast+0x7d0/0x7d0
[  362.446240][T13790]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  362.452067][T13790]  ? apparmor_socket_sendmsg+0x2a/0x30
[  362.457547][T13790]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  362.463781][T13790]  ? security_socket_sendmsg+0x8d/0xc0
[  362.469337][T13790]  ? netlink_unicast+0x7d0/0x7d0
[  362.475651][T13790]  sock_sendmsg+0xd7/0x130
[  362.480682][T13790]  ____sys_sendmsg+0x753/0x880
[  362.485467][T13790]  ? kernel_sendmsg+0x50/0x50
[  362.490224][T13790]  ? __fget+0x35d/0x550
[  362.494384][T13790]  ___sys_sendmsg+0x11d/0x1b0
[  362.499052][T13790]  ? do_recvmmsg+0x7a0/0x7a0
[  362.503631][T13790]  ? __kasan_check_read+0x11/0x20
[  362.508645][T13790]  ? __fget+0x37f/0x550
[  362.512795][T13790]  ? ksys_dup3+0x3e0/0x3e0
[  362.517228][T13790]  ? __this_cpu_preempt_check+0x35/0x190
[  362.523003][T13790]  ? retint_kernel+0x2b/0x2b
[  362.527641][T13790]  ? __fget_light+0x1a9/0x230
[  362.532473][T13790]  ? __fdget+0x1b/0x20
[  362.536534][T13790]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  362.542780][T13790]  __sys_sendmsg+0x105/0x1d0
[  362.547369][T13790]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  362.553026][T13790]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  362.558636][T13790]  __x64_sys_sendmsg+0x78/0xb0
[  362.563779][T13790]  do_syscall_64+0xfa/0x790
[  362.568595][T13790]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  362.574591][T13790] RIP: 0033:0x45a679
[  362.578484][T13790] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  362.598609][T13790] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  362.607108][T13790] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  362.615065][T13790] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  362.623456][T13790] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  362.631421][T13790] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  362.639407][T13790] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
00:21:34 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:34 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r1 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r1, 0x0, 0xffffffffffffffff, 0x19)
r2 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x2, 0x8a8, 0x0, 0x4, 0x0, 0x3}, r2, 0x0, 0xffffffffffffffff, 0x19)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r4 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f00000002c0)=r3, 0x161)
r5 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)
close(r5)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8914, &(0x7f0000000780)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&')
gettid()
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)

00:21:34 executing program 5:
r0 = timerfd_create(0x0, 0x0)
readv(r0, &(0x7f0000000080)=[{&(0x7f0000000200)=""/4096, 0x1000}], 0x1)
timerfd_settime(r0, 0x0, &(0x7f00000000c0)={{0x0, 0x1c9c380}, {0x0, 0x1c9c380}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x387b1d0849878266, 0x8031, 0xffffffffffffffff, 0x0)
pkey_alloc(0x0, 0x0)

00:21:34 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff]})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:34 executing program 1:
openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r0}], 0x1, 0x0, 0x0, 0x0)

00:21:34 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:34 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', 0x0, 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

[  363.071291][T13818] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
[  363.118322][T13818] CPU: 0 PID: 13818 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  363.126724][T13818] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  363.136794][T13818] Call Trace:
[  363.140216][T13818]  dump_stack+0x197/0x210
[  363.144678][T13818]  sysfs_warn_dup.cold+0x1c/0x31
[  363.150193][T13818]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  363.156307][T13818]  sysfs_create_link+0x65/0xc0
[  363.161170][T13818]  device_add+0x756/0x1d00
[  363.165606][T13818]  ? uevent_show+0x370/0x370
[  363.170322][T13818]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  363.177476][T13818]  wiphy_register+0x1c46/0x2720
[  363.182477][T13818]  ? wiphy_unregister+0x1040/0x1040
[  363.187782][T13818]  ? __kmalloc+0x608/0x770
[  363.192232][T13818]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  363.198484][T13818]  ? ieee80211_cs_list_valid+0x1a1/0x280
[  363.206039][T13818]  ieee80211_register_hw+0x157e/0x3ac0
[  363.211518][T13818]  ? ieee80211_ifa_changed+0xde0/0xde0
[  363.216992][T13818]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  363.223244][T13818]  ? __hrtimer_init+0x13d/0x280
[  363.228206][T13818]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  363.234304][T13818]  ? hwsim_register_received_nl+0x420/0x420
[  363.240210][T13818]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  363.245681][T13818]  ? lockdep_hardirqs_on+0x421/0x5e0
[  363.250981][T13818]  hwsim_new_radio_nl+0x9e3/0x1070
[  363.256202][T13818]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  363.262566][T13818]  ? __this_cpu_preempt_check+0x35/0x190
[  363.268238][T13818]  genl_rcv_msg+0x67d/0xea0
[  363.273553][T13818]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  363.279904][T13818]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  363.285472][T13818]  ? find_held_lock+0x35/0x130
[  363.290267][T13818]  netlink_rcv_skb+0x177/0x450
[  363.295071][T13818]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  363.301506][T13818]  ? netlink_ack+0xb50/0xb50
[  363.306215][T13818]  ? __kasan_check_write+0x14/0x20
[  363.311694][T13818]  ? netlink_deliver_tap+0x24a/0xbe0
[  363.317089][T13818]  genl_rcv+0x29/0x40
[  363.321371][T13818]  netlink_unicast+0x58c/0x7d0
[  363.326255][T13818]  ? netlink_attachskb+0x870/0x870
[  363.331388][T13818]  ? _copy_from_iter_full+0x25d/0x8c0
[  363.336784][T13818]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  363.342523][T13818]  ? __check_object_size+0x3d/0x437
[  363.348278][T13818]  netlink_sendmsg+0x8ee/0xe60
[  363.348303][T13818]  ? netlink_unicast+0x7d0/0x7d0
[  363.348319][T13818]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  363.348346][T13818]  ? apparmor_socket_sendmsg+0x2a/0x30
[  363.348360][T13818]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  363.348374][T13818]  ? security_socket_sendmsg+0x8d/0xc0
[  363.369444][T13818]  ? netlink_unicast+0x7d0/0x7d0
[  363.369462][T13818]  sock_sendmsg+0xd7/0x130
[  363.369479][T13818]  ____sys_sendmsg+0x753/0x880
[  363.369497][T13818]  ? kernel_sendmsg+0x50/0x50
[  363.369518][T13818]  ? __fget+0x35d/0x550
[  363.404257][T13818]  ___sys_sendmsg+0x11d/0x1b0
[  363.408954][T13818]  ? do_recvmmsg+0x7a0/0x7a0
[  363.413561][T13818]  ? __kasan_check_read+0x11/0x20
[  363.418636][T13818]  ? __fget+0x37f/0x550
[  363.422806][T13818]  ? ksys_dup3+0x3e0/0x3e0
[  363.427248][T13818]  ? preempt_schedule_irq+0xf3/0x160
[  363.432991][T13818]  ? __fget_light+0x1a9/0x230
[  363.437807][T13818]  ? __fdget+0x1b/0x20
[  363.441895][T13818]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  363.448259][T13818]  __sys_sendmsg+0x105/0x1d0
[  363.453389][T13818]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  363.458619][T13818]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  363.464090][T13818]  ? do_syscall_64+0x26/0x790
[  363.468778][T13818]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  363.474962][T13818]  ? do_syscall_64+0x26/0x790
[  363.479753][T13818]  __x64_sys_sendmsg+0x78/0xb0
[  363.484537][T13818]  do_syscall_64+0xfa/0x790
[  363.489066][T13818]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  363.495141][T13818] RIP: 0033:0x45a679
[  363.499025][T13818] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  363.524140][T13818] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  363.532931][T13818] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  363.541394][T13818] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  363.549570][T13818] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  363.557787][T13818] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  363.566579][T13818] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
00:21:35 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r1 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r1, 0x0, 0xffffffffffffffff, 0x19)
r2 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x2, 0x8a8, 0x0, 0x4, 0x0, 0x3}, r2, 0x0, 0xffffffffffffffff, 0x19)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r4 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f00000002c0)=r3, 0x161)
r5 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)
close(r5)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8914, &(0x7f0000000780)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&')
gettid()

00:21:35 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:35 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:35 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  363.875420][T13844] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
[  363.923233][T13844] CPU: 1 PID: 13844 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  363.932139][T13844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  363.943824][T13844] Call Trace:
[  363.947512][T13844]  dump_stack+0x197/0x210
[  363.952074][T13844]  sysfs_warn_dup.cold+0x1c/0x31
[  363.957047][T13844]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  363.963306][T13844]  sysfs_create_link+0x65/0xc0
[  363.968111][T13844]  device_add+0x756/0x1d00
[  363.973180][T13844]  ? uevent_show+0x370/0x370
[  363.977888][T13844]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  363.985128][T13844]  wiphy_register+0x1c46/0x2720
[  363.990026][T13844]  ? wiphy_unregister+0x1040/0x1040
[  363.995346][T13844]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  364.002310][T13844]  ? ieee80211_cs_list_valid+0x1a1/0x280
[  364.008550][T13844]  ieee80211_register_hw+0x157e/0x3ac0
[  364.015961][T13844]  ? ieee80211_ifa_changed+0xde0/0xde0
[  364.023084][T13844]  ? retint_kernel+0x2b/0x2b
[  364.031123][T13844]  ? __hrtimer_init+0x13d/0x280
[  364.036518][T13844]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  364.044151][T13844]  ? hwsim_register_received_nl+0x420/0x420
[  364.050133][T13844]  hwsim_new_radio_nl+0x9e3/0x1070
[  364.055311][T13844]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  364.062798][T13844]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  364.068911][T13844]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  364.075414][T13844]  genl_rcv_msg+0x67d/0xea0
[  364.079959][T13844]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  364.087020][T13844]  ? trace_hardirqs_on_caller+0x6a/0x240
[  364.093146][T13844]  ? find_held_lock+0x35/0x130
[  364.098410][T13844]  netlink_rcv_skb+0x177/0x450
[  364.103407][T13844]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  364.110655][T13844]  ? netlink_ack+0xb50/0xb50
[  364.116405][T13844]  ? __kasan_check_write+0x14/0x20
[  364.122040][T13844]  ? netlink_deliver_tap+0x24a/0xbe0
[  364.127478][T13844]  genl_rcv+0x29/0x40
[  364.131485][T13844]  netlink_unicast+0x58c/0x7d0
[  364.136287][T13844]  ? netlink_attachskb+0x870/0x870
[  364.141784][T13844]  netlink_sendmsg+0x8ee/0xe60
[  364.146619][T13844]  ? netlink_unicast+0x7d0/0x7d0
[  364.151667][T13844]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  364.157641][T13844]  ? apparmor_socket_sendmsg+0x2a/0x30
[  364.163452][T13844]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
00:21:35 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
poll(&(0x7f0000000040)=[{r0, 0xb}], 0x1, 0x4b)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x60fd549e, 0x0, 0x0, 0x800e009d6)
readv(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/72, 0x48}, {0x0, 0x3e7}, {0x0, 0x59e}, {0x0}], 0x28)
shutdown(r1, 0x0)

00:21:35 executing program 1:
openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r0}], 0x1, 0x0, 0x0, 0x0)

[  364.170462][T13844]  ? security_socket_sendmsg+0x8d/0xc0
[  364.176321][T13844]  ? netlink_unicast+0x7d0/0x7d0
[  364.181672][T13844]  sock_sendmsg+0xd7/0x130
[  364.186120][T13844]  ____sys_sendmsg+0x753/0x880
[  364.201601][T13844]  ? kernel_sendmsg+0x50/0x50
[  364.215185][T13844]  ? __fget+0x35d/0x550
[  364.215209][T13844]  ___sys_sendmsg+0x11d/0x1b0
[  364.215225][T13844]  ? do_recvmmsg+0x7a0/0x7a0
[  364.215239][T13844]  ? __kasan_check_read+0x11/0x20
[  364.215255][T13844]  ? __fget+0x37f/0x550
[  364.215272][T13844]  ? ksys_dup3+0x3e0/0x3e0
[  364.215296][T13844]  ? lock_acquire+0x20b/0x410
[  364.229534][T13844]  ? __fget_light+0x1a9/0x230
[  364.229549][T13844]  ? __fdget+0x1b/0x20
[  364.229565][T13844]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  364.229583][T13844]  __sys_sendmsg+0x105/0x1d0
[  364.229599][T13844]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  364.229682][T13844]  ? rcu_read_lock_any_held.part.0+0x50/0x50
[  364.229708][T13844]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  364.296457][T13844]  ? do_syscall_64+0x26/0x790
[  364.301169][T13844]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  364.307973][T13844]  ? do_syscall_64+0x26/0x790
[  364.312790][T13844]  __x64_sys_sendmsg+0x78/0xb0
[  364.319347][T13844]  do_syscall_64+0xfa/0x790
[  364.324866][T13844]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  364.331255][T13844] RIP: 0033:0x45a679
[  364.335435][T13844] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  364.357924][T13844] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  364.366814][T13844] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  364.374899][T13844] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  364.383576][T13844] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  364.391693][T13844] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  364.400470][T13844] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
00:21:35 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, 0x0, &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:35 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:35 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r1 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r1, 0x0, 0xffffffffffffffff, 0x19)
r2 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x2, 0x8a8, 0x0, 0x4, 0x0, 0x3}, r2, 0x0, 0xffffffffffffffff, 0x19)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r4 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f00000002c0)=r3, 0x161)
r5 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)
close(r5)
ioctl$PERF_EVENT_IOC_SET_FILTER(r5, 0x8914, &(0x7f0000000780)='nr0\x01\x00`\xa1\x9e\xf9\xd2\xc6s\xd9\xa1W\x1c\xb9\xe16\x9b\xcda\xef~Iy:\xe1\x87\x12\xec\xeb\x1d\xaav\x94\x97\x80\v\x7f\xbb\xd3[\x17\f\x10u\x1d9\xae\xb6`\xd8c\xe4\x9b\x8cO;=\xadH\x90+[-l\xfd\n\xbd7,c\xbc\xf5\xd7\r\xf3\xfdM.\x8dD<\x88\xbc\x0eV7\xdd\x82\xfc45\xbe\xd4\xde]i<\x9ax\x1c\x86>\x05\xd8\xa6\xf8h\x9a[\xe2\x92\x16\x06\x1f?\xf5?\x8bk9fx\xe7\xba\x15^\xf9\x15-~C\xb1\xec\xcb#1\xeb\x8e\xb1\xedU\x86\xdc\xf8\xb3\xb0\xb9\x996\x1aD\xff,\"\xc2\xab\xbe\xf4-\xd2N\xab\xe6r3F\xa6\xe4l\x04\x99\xa2\x14B\xd8\xd0\r\xcbW\xf0\x13\xffu\x95\xed\xd0\xff\ai0\xde6u\xd3A\x17\xa4N\xb0\xe4\xf82\x93m\xa4NW\xe4:>6\xbdH\xd2\xa8[\xf4\xfdJ\x80N\x83\xf2\xf3\xcf7\x8aCZ\xf5\xe2\x87\xd4\xe2s7\xb4\xad\xa1\x1b&!\x982\xeck+8Dk;\x95\xfe7q\xe9\xf4,\xa3\x0f\xb2\x1e\x12\xf0\xa3\xd8\xbc-\x85EJ\xf9\xfc\xc0#-\x8f\xd9\tD\x8b\x01\xf4lY=1\xea\x1c\x92de\xe3ZA\x99\a\x9c<\xa4\x11(\xb1|\xb0\x1f\xbf[R+\xe0\xfd\x02\x02*\xda7\xfe\xcc\x14\xb6\xc8\xc8\x83\x18\x83\xb8Z\x11\x06\xf2\xf8g\x02\rR\x9f\x17\xa3P\xf2\r\xd3\xbfQ\xa9\x8c\xfd\xa7\f.68\xa4\x83\xfd?\x87\x94\v\xb4x\xb0|L\x11\x03\x94\xc0\t=\x17\x95P\x89\xf2\xca\x97\xbb\xe0u\x12L\x9b\x1f\xf6P\rSj\x95\xd9o\x03\xd4\x85\x96\xe0\b\xbf\n\x02\x8bS\x9c\xecyl\xec\x9b\xf5\x85\xeb\x80\xfe>\r&')

00:21:36 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:36 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:36 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000017c0)=[{&(0x7f0000000100)=""/117, 0x75}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x8}, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xccf3, 0x0, 0x0, 0x800e0053d)
shutdown(r0, 0x0)
select(0x40, &(0x7f0000000100), 0x0, 0x0, 0x0)
shutdown(r1, 0x0)

[  364.803392][T13878] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
[  364.837802][T13878] CPU: 1 PID: 13878 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  364.846588][T13878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  364.857183][T13878] Call Trace:
[  364.860579][T13878]  dump_stack+0x197/0x210
[  364.865110][T13878]  sysfs_warn_dup.cold+0x1c/0x31
[  364.870346][T13878]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  364.876511][T13878]  sysfs_create_link+0x65/0xc0
[  364.881959][T13878]  device_add+0x756/0x1d00
[  364.886559][T13878]  ? uevent_show+0x370/0x370
[  364.891372][T13878]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  364.897832][T13878]  wiphy_register+0x1c46/0x2720
[  364.902723][T13878]  ? wiphy_unregister+0x1040/0x1040
[  364.908276][T13878]  ? __kmalloc+0x608/0x770
[  364.913059][T13878]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  364.920603][T13878]  ? ieee80211_cs_list_valid+0x1a1/0x280
[  364.926434][T13878]  ieee80211_register_hw+0x157e/0x3ac0
[  364.932068][T13878]  ? swapgs_restore_regs_and_return_to_usermode+0x3c/0x40
[  364.939899][T13878]  ? ieee80211_ifa_changed+0xde0/0xde0
[  364.945662][T13878]  ? audit_add_tree_rule.cold+0x37/0x37
[  364.951760][T13878]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  364.958453][T13878]  ? __hrtimer_init+0x13d/0x280
[  364.963322][T13878]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  364.969499][T13878]  ? hwsim_register_received_nl+0x420/0x420
[  364.975743][T13878]  ? hwsim_new_radio_nl+0x211/0x1070
[  364.981208][T13878]  hwsim_new_radio_nl+0x9e3/0x1070
[  364.986672][T13878]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  364.993461][T13878]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  364.999550][T13878]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  365.006440][T13878]  genl_rcv_msg+0x67d/0xea0
[  365.011134][T13878]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  365.018352][T13878]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  365.025067][T13878]  netlink_rcv_skb+0x177/0x450
[  365.030477][T13878]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  365.037081][T13878]  ? netlink_ack+0xb50/0xb50
[  365.042066][T13878]  ? __kasan_check_write+0x14/0x20
[  365.047374][T13878]  ? genl_rcv+0xe/0x40
[  365.051714][T13878]  genl_rcv+0x29/0x40
[  365.056090][T13878]  netlink_unicast+0x58c/0x7d0
[  365.060963][T13878]  ? netlink_attachskb+0x870/0x870
[  365.066378][T13878]  ? _copy_from_iter_full+0x25d/0x8c0
[  365.072073][T13878]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  365.078302][T13878]  ? __check_object_size+0x3d/0x437
[  365.083787][T13878]  netlink_sendmsg+0x8ee/0xe60
[  365.089188][T13878]  ? netlink_unicast+0x7d0/0x7d0
[  365.094562][T13878]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  365.100916][T13878]  ? apparmor_socket_sendmsg+0x2a/0x30
[  365.107465][T13878]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  365.115073][T13878]  ? security_socket_sendmsg+0x8d/0xc0
[  365.121040][T13878]  ? netlink_unicast+0x7d0/0x7d0
[  365.126693][T13878]  sock_sendmsg+0xd7/0x130
[  365.131665][T13878]  ____sys_sendmsg+0x753/0x880
[  365.136851][T13878]  ? kernel_sendmsg+0x50/0x50
[  365.141882][T13878]  ? __fget+0x35d/0x550
[  365.146597][T13878]  ___sys_sendmsg+0x11d/0x1b0
[  365.152462][T13878]  ? do_recvmmsg+0x7a0/0x7a0
[  365.157513][T13878]  ? __kasan_check_read+0x11/0x20
[  365.163204][T13878]  ? __fget+0x37f/0x550
[  365.167789][T13878]  ? ksys_dup3+0x3e0/0x3e0
[  365.172431][T13878]  ? __fget_light+0x1a9/0x230
[  365.177118][T13878]  ? __fdget+0x1b/0x20
[  365.181186][T13878]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  365.187702][T13878]  __sys_sendmsg+0x105/0x1d0
[  365.192301][T13878]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  365.197856][T13878]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  365.203319][T13878]  ? do_syscall_64+0x26/0x790
[  365.208323][T13878]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  365.214499][T13878]  ? do_syscall_64+0x26/0x790
[  365.219519][T13878]  __x64_sys_sendmsg+0x78/0xb0
[  365.224599][T13878]  do_syscall_64+0xfa/0x790
[  365.229570][T13878]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  365.236118][T13878] RIP: 0033:0x45a679
[  365.240692][T13878] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  365.260871][T13878] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  365.269919][T13878] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  365.278393][T13878] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  365.287506][T13878] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  365.296457][T13878] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  365.305382][T13878] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
00:21:36 executing program 1:
openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r0}, {0xffffffffffffffff, 0x281}], 0x2, 0x0, 0x0, 0x0)

00:21:36 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r1 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r1, 0x0, 0xffffffffffffffff, 0x19)
r2 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x2, 0x8a8, 0x0, 0x4, 0x0, 0x3}, r2, 0x0, 0xffffffffffffffff, 0x19)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r4 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f00000002c0)=r3, 0x161)
r5 = perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)
close(r5)

00:21:36 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:36 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:37 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, 0x0, 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:37 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

[  365.786713][T13910] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
[  365.831009][T13910] CPU: 0 PID: 13910 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  365.839994][T13910] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  365.850972][T13910] Call Trace:
[  365.854302][T13910]  dump_stack+0x197/0x210
[  365.858703][T13910]  sysfs_warn_dup.cold+0x1c/0x31
[  365.864269][T13910]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  365.870903][T13910]  sysfs_create_link+0x65/0xc0
[  365.875784][T13910]  device_add+0x756/0x1d00
[  365.880357][T13910]  ? uevent_show+0x370/0x370
[  365.884992][T13910]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  365.891791][T13910]  wiphy_register+0x1c46/0x2720
[  365.897066][T13910]  ? wiphy_unregister+0x1040/0x1040
[  365.902296][T13910]  ? ieee80211_cs_list_valid+0x26/0x280
[  365.908648][T13910]  ? ieee80211_cs_list_valid+0x1b3/0x280
[  365.915256][T13910]  ? ieee80211_cs_list_valid+0x1a1/0x280
[  365.921128][T13910]  ieee80211_register_hw+0x157e/0x3ac0
[  365.927215][T13910]  ? ieee80211_ifa_changed+0xde0/0xde0
[  365.932848][T13910]  ? memset+0x32/0x40
[  365.936859][T13910]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  365.943342][T13910]  ? __hrtimer_init+0x13d/0x280
[  365.948534][T13910]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  365.954679][T13910]  ? hwsim_register_received_nl+0x420/0x420
[  365.960964][T13910]  hwsim_new_radio_nl+0x9e3/0x1070
[  365.966554][T13910]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  365.972694][T13910]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  365.979131][T13910]  genl_rcv_msg+0x67d/0xea0
[  365.984001][T13910]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  365.990354][T13910]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  365.995952][T13910]  netlink_rcv_skb+0x177/0x450
[  366.000853][T13910]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  366.009271][T13910]  ? netlink_ack+0xb50/0xb50
[  366.013981][T13910]  ? __kasan_check_write+0x14/0x20
[  366.019502][T13910]  ? netlink_deliver_tap+0x24a/0xbe0
[  366.025385][T13910]  genl_rcv+0x29/0x40
[  366.029933][T13910]  netlink_unicast+0x58c/0x7d0
[  366.036352][T13910]  ? netlink_attachskb+0x870/0x870
[  366.041664][T13910]  ? _copy_from_iter_full+0x25d/0x8c0
[  366.047403][T13910]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  366.053180][T13910]  ? __check_object_size+0x3d/0x437
[  366.058974][T13910]  netlink_sendmsg+0x8ee/0xe60
[  366.063857][T13910]  ? netlink_unicast+0x7d0/0x7d0
[  366.068798][T13910]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  366.074361][T13910]  ? apparmor_socket_sendmsg+0x2a/0x30
[  366.080216][T13910]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  366.087244][T13910]  ? security_socket_sendmsg+0x8d/0xc0
[  366.092726][T13910]  ? netlink_unicast+0x7d0/0x7d0
[  366.098065][T13910]  sock_sendmsg+0xd7/0x130
[  366.103049][T13910]  ____sys_sendmsg+0x753/0x880
[  366.107923][T13910]  ? kernel_sendmsg+0x50/0x50
[  366.113003][T13910]  ? __fget+0x35d/0x550
[  366.117186][T13910]  ___sys_sendmsg+0x11d/0x1b0
[  366.121881][T13910]  ? do_recvmmsg+0x7a0/0x7a0
[  366.126835][T13910]  ? __kasan_check_read+0x11/0x20
[  366.132001][T13910]  ? __fget+0x37f/0x550
[  366.136412][T13910]  ? ksys_dup3+0x3e0/0x3e0
[  366.141014][T13910]  ? __fget_light+0x55/0x230
[  366.146017][T13910]  ? __fget_light+0x1a9/0x230
[  366.150722][T13910]  ? __fdget+0x1b/0x20
[  366.154815][T13910]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  366.161440][T13910]  __sys_sendmsg+0x105/0x1d0
[  366.166182][T13910]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  366.171695][T13910]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  366.177659][T13910]  ? do_syscall_64+0x26/0x790
[  366.182529][T13910]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  366.188971][T13910]  ? do_syscall_64+0x26/0x790
[  366.193889][T13910]  __x64_sys_sendmsg+0x78/0xb0
[  366.198857][T13910]  do_syscall_64+0xfa/0x790
[  366.203638][T13910]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  366.209699][T13910] RIP: 0033:0x45a679
[  366.213604][T13910] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  366.236046][T13910] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  366.244665][T13910] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  366.253006][T13910] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  366.261487][T13910] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  366.270025][T13910] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  366.278126][T13910] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
00:21:37 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f00000009c0)=[{&(0x7f0000000280)=""/210, 0xd2}, {0x0}, {0x0}, {0x0}, {0x0}], 0x5)
r1 = dup(r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0x73a0b1b, 0x0, 0x0, 0x800e00549)
shutdown(r1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000100)=""/116, 0x74}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6}, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r4, 0x0, 0xccf3, 0x0, 0x0, 0x800e0053d)
shutdown(r3, 0x0)
r5 = socket$inet6_sctp(0x1c, 0x800000000000005, 0x84)
recvmsg(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000640)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6}, 0x0)
shutdown(r4, 0x0)
shutdown(r2, 0x0)

00:21:37 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:37 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:37 executing program 1:
openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r0}, {0xffffffffffffffff, 0x281}], 0x2, 0x0, 0x0, 0x0)

00:21:37 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r1 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r1, 0x0, 0xffffffffffffffff, 0x19)
r2 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x2, 0x8a8, 0x0, 0x4, 0x0, 0x3}, r2, 0x0, 0xffffffffffffffff, 0x19)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r4 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f00000002c0)=r3, 0x161)
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2)

00:21:37 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:38 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

[  366.804529][T13947] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
[  366.830240][T13947] CPU: 0 PID: 13947 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  366.839682][T13947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  366.851318][T13947] Call Trace:
[  366.854754][T13947]  dump_stack+0x197/0x210
[  366.859478][T13947]  sysfs_warn_dup.cold+0x1c/0x31
[  366.864646][T13947]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  366.871179][T13947]  sysfs_create_link+0x65/0xc0
[  366.876070][T13947]  device_add+0x756/0x1d00
[  366.880619][T13947]  ? uevent_show+0x370/0x370
[  366.885428][T13947]  wiphy_register+0x1c46/0x2720
[  366.890657][T13947]  ? wiphy_unregister+0x1040/0x1040
[  366.896134][T13947]  ? ieee80211_register_hw+0x150f/0x3ac0
[  366.902430][T13947]  ieee80211_register_hw+0x157e/0x3ac0
[  366.908091][T13947]  ? ieee80211_ifa_changed+0xde0/0xde0
[  366.908109][T13947]  ? memset+0x32/0x40
[  366.908123][T13947]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  366.908138][T13947]  ? __hrtimer_init+0x13d/0x280
[  366.908161][T13947]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  366.908186][T13947]  ? hwsim_register_received_nl+0x420/0x420
[  366.908205][T13947]  hwsim_new_radio_nl+0x9e3/0x1070
[  366.908224][T13947]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  366.952885][T13947]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  366.959783][T13947]  genl_rcv_msg+0x67d/0xea0
[  366.964334][T13947]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  366.970934][T13947]  ? find_held_lock+0x35/0x130
[  366.975911][T13947]  netlink_rcv_skb+0x177/0x450
[  366.980796][T13947]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  366.987166][T13947]  ? netlink_ack+0xb50/0xb50
[  366.991792][T13947]  ? __kasan_check_write+0x14/0x20
[  366.997657][T13947]  ? netlink_deliver_tap+0x24a/0xbe0
00:21:38 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f0000002580)=[{&(0x7f0000000000)=""/5, 0x5}, {0x0}, {0x0}, {0x0, 0x2f5}, {0x0}, {0x0}, {0x0}, {0x0}], 0x8)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x8164, 0x0, 0x0, 0x800e00547)
shutdown(r0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r2, &(0x7f0000000280)=[{&(0x7f0000000040)=""/255, 0xff}], 0x1)
r3 = dup(r2)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r4, 0x0, 0xfd1d, 0x0, 0x0, 0x800e0053d)
shutdown(r3, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000880)=[{0x0}, {&(0x7f0000000180)=""/214, 0xd6}, {0x0}, {0x0}], 0x4}, 0x0)
shutdown(r4, 0x0)
shutdown(r1, 0x0)

[  367.003487][T13947]  genl_rcv+0x29/0x40
[  367.007926][T13947]  netlink_unicast+0x58c/0x7d0
[  367.012731][T13947]  ? netlink_attachskb+0x870/0x870
[  367.017871][T13947]  ? _copy_from_iter_full+0x25d/0x8c0
[  367.023480][T13947]  netlink_sendmsg+0x8ee/0xe60
[  367.028933][T13947]  ? netlink_unicast+0x7d0/0x7d0
[  367.034013][T13947]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  367.039781][T13947]  ? apparmor_socket_sendmsg+0x2a/0x30
[  367.045635][T13947]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  367.051906][T13947]  ? security_socket_sendmsg+0x8d/0xc0
[  367.057931][T13947]  ? netlink_unicast+0x7d0/0x7d0
[  367.063162][T13947]  sock_sendmsg+0xd7/0x130
[  367.068446][T13947]  ____sys_sendmsg+0x753/0x880
[  367.073487][T13947]  ? kernel_sendmsg+0x50/0x50
[  367.078638][T13947]  ? __fget+0x35d/0x550
[  367.082978][T13947]  ___sys_sendmsg+0x11d/0x1b0
[  367.088199][T13947]  ? do_recvmmsg+0x7a0/0x7a0
[  367.093008][T13947]  ? __kasan_check_read+0x11/0x20
[  367.098490][T13947]  ? __fget+0x37f/0x550
[  367.102979][T13947]  ? ksys_dup3+0x3e0/0x3e0
[  367.107517][T13947]  ? __fget_light+0x1a9/0x230
[  367.112542][T13947]  ? __fdget+0x1b/0x20
[  367.116800][T13947]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  367.124819][T13947]  __sys_sendmsg+0x105/0x1d0
[  367.129817][T13947]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  367.135136][T13947]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  367.140944][T13947]  ? do_syscall_64+0x26/0x790
[  367.145863][T13947]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  367.152404][T13947]  ? do_syscall_64+0x26/0x790
[  367.157423][T13947]  __x64_sys_sendmsg+0x78/0xb0
[  367.162429][T13947]  do_syscall_64+0xfa/0x790
[  367.167382][T13947]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  367.173618][T13947] RIP: 0033:0x45a679
[  367.177762][T13947] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  367.198277][T13947] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  367.207051][T13947] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  367.215418][T13947] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  367.223906][T13947] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  367.231895][T13947] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  367.239986][T13947] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
00:21:38 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:38 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r1 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r1, 0x0, 0xffffffffffffffff, 0x19)
r2 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x2, 0x8a8, 0x0, 0x4, 0x0, 0x3}, r2, 0x0, 0xffffffffffffffff, 0x19)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
r4 = socket$kcm(0x2, 0x2, 0x0)
setsockopt$sock_attach_bpf(r4, 0x1, 0x3e, &(0x7f00000002c0)=r3, 0x161)

00:21:38 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:38 executing program 1:
openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r0}, {0xffffffffffffffff, 0x281}], 0x2, 0x0, 0x0, 0x0)

00:21:38 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, 0x0, 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180)={[{@noacl='noacl'}]})

[  367.550600][T13981] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
00:21:39 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

[  367.670241][T13981] CPU: 1 PID: 13981 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  367.679218][T13981] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  367.689416][T13981] Call Trace:
[  367.692839][T13981]  dump_stack+0x197/0x210
[  367.697410][T13981]  sysfs_warn_dup.cold+0x1c/0x31
[  367.702464][T13981]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  367.709155][T13981]  sysfs_create_link+0x65/0xc0
[  367.714448][T13981]  device_add+0x756/0x1d00
[  367.719171][T13981]  ? ieee80211_set_bitrate_flags+0x1e7/0x5c0
[  367.725187][T13981]  ? uevent_show+0x370/0x370
[  367.729798][T13981]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  367.736503][T13981]  wiphy_register+0x1c46/0x2720
[  367.742445][T13981]  ? wiphy_unregister+0x1040/0x1040
[  367.747833][T13981]  ? retint_kernel+0x2b/0x2b
[  367.752863][T13981]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  367.759369][T13981]  ? ieee80211_cs_list_valid+0x1a1/0x280
[  367.765503][T13981]  ieee80211_register_hw+0x157e/0x3ac0
[  367.771078][T13981]  ? ieee80211_ifa_changed+0xde0/0xde0
[  367.776896][T13981]  ? memset+0x32/0x40
[  367.781019][T13981]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  367.787437][T13981]  ? __hrtimer_init+0x13d/0x280
[  367.793178][T13981]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  367.799233][T13981]  ? hwsim_register_received_nl+0x420/0x420
[  367.805427][T13981]  hwsim_new_radio_nl+0x9e3/0x1070
[  367.810732][T13981]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  367.817147][T13981]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  367.823412][T13981]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  367.829957][T13981]  genl_rcv_msg+0x67d/0xea0
[  367.834499][T13981]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  367.841591][T13981]  ? retint_kernel+0x2b/0x2b
[  367.846555][T13981]  ? trace_hardirqs_on_caller+0x6a/0x240
[  367.852428][T13981]  ? retint_kernel+0x2b/0x2b
[  367.857413][T13981]  netlink_rcv_skb+0x177/0x450
[  367.862196][T13981]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  367.868629][T13981]  ? netlink_ack+0xb50/0xb50
[  367.873433][T13981]  ? __kasan_check_write+0x14/0x20
[  367.880398][T13981]  ? netlink_deliver_tap+0x24a/0xbe0
[  367.885912][T13981]  genl_rcv+0x29/0x40
[  367.890049][T13981]  netlink_unicast+0x58c/0x7d0
[  367.894836][T13981]  ? netlink_attachskb+0x870/0x870
[  367.901233][T13981]  netlink_sendmsg+0x8ee/0xe60
[  367.906304][T13981]  ? netlink_unicast+0x7d0/0x7d0
[  367.911721][T13981]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  367.917739][T13981]  ? apparmor_socket_sendmsg+0x2a/0x30
[  367.923496][T13981]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  367.931094][T13981]  ? security_socket_sendmsg+0x8d/0xc0
[  367.937246][T13981]  ? netlink_unicast+0x7d0/0x7d0
[  367.942309][T13981]  sock_sendmsg+0xd7/0x130
[  367.946953][T13981]  ____sys_sendmsg+0x753/0x880
[  367.951931][T13981]  ? kernel_sendmsg+0x50/0x50
[  367.957180][T13981]  ? __fget+0x35d/0x550
[  367.962018][T13981]  ___sys_sendmsg+0x11d/0x1b0
[  367.967304][T13981]  ? do_recvmmsg+0x7a0/0x7a0
[  367.972130][T13981]  ? __kasan_check_read+0x11/0x20
[  367.977344][T13981]  ? __fget+0x37f/0x550
[  367.981652][T13981]  ? ksys_dup3+0x3e0/0x3e0
[  367.986235][T13981]  ? __fget_light+0x1a9/0x230
[  367.991473][T13981]  ? __fdget+0x1b/0x20
[  367.995766][T13981]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  368.002491][T13981]  __sys_sendmsg+0x105/0x1d0
[  368.007101][T13981]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  368.012535][T13981]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  368.018389][T13981]  __x64_sys_sendmsg+0x78/0xb0
[  368.024070][T13981]  ? do_syscall_64+0x5b/0x790
[  368.029283][T13981]  do_syscall_64+0xfa/0x790
[  368.034947][T13981]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  368.041613][T13981] RIP: 0033:0x45a679
[  368.045724][T13981] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
00:21:39 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  368.066271][T13981] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  368.075017][T13981] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  368.083265][T13981] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  368.091560][T13981] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  368.100757][T13981] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  368.109288][T13981] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
00:21:39 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f0000002580)=[{&(0x7f0000000000)=""/5, 0x5}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x8164, 0x0, 0x0, 0x800e00547)
shutdown(r0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r2, &(0x7f0000000280)=[{&(0x7f0000000040)=""/255, 0xff}], 0x1)
r3 = dup(r2)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r4, 0x0, 0xfd1d, 0x0, 0x0, 0x800e0053d)
shutdown(r3, 0x0)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
shutdown(r4, 0x0)
shutdown(r1, 0x0)

00:21:39 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x7, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d64050000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:39 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r1 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r1, 0x0, 0xffffffffffffffff, 0x19)
r2 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x2, 0x8a8, 0x0, 0x4, 0x0, 0x3}, r2, 0x0, 0xffffffffffffffff, 0x19)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)
socket$kcm(0x2, 0x2, 0x0)

00:21:39 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:39 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r1}, {r0}], 0x2, 0x0, 0x0, 0x0)

00:21:39 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:39 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x7, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d64050000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

[  368.634371][T14018] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
00:21:40 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={[{@noacl='noacl'}]})

[  368.699327][T14018] CPU: 1 PID: 14018 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  368.709202][T14018] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
00:21:40 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0x7, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d64050000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

[  368.709209][T14018] Call Trace:
[  368.709242][T14018]  dump_stack+0x197/0x210
[  368.709273][T14018]  sysfs_warn_dup.cold+0x1c/0x31
00:21:40 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  368.709295][T14018]  sysfs_do_create_link_sd.isra.0+0x120/0x140
00:21:40 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r1 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r1, 0x0, 0xffffffffffffffff, 0x19)
r2 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x2, 0x8a8, 0x0, 0x4, 0x0, 0x3}, r2, 0x0, 0xffffffffffffffff, 0x19)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)

[  368.709316][T14018]  sysfs_create_link+0x65/0xc0
[  368.709343][T14018]  device_add+0x756/0x1d00
00:21:40 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xa, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

[  368.709364][T14018]  ? __this_cpu_preempt_check+0x35/0x190
[  368.709388][T14018]  ? uevent_show+0x370/0x370
[  368.709421][T14018]  wiphy_register+0x1c46/0x2720
[  368.709451][T14018]  ? wiphy_unregister+0x1040/0x1040
[  368.709469][T14018]  ? retint_kernel+0x2b/0x2b
[  368.709498][T14018]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  368.709517][T14018]  ? ieee80211_cs_list_valid+0x1a1/0x280
[  368.709540][T14018]  ieee80211_register_hw+0x157e/0x3ac0
[  368.709569][T14018]  ? ieee80211_ifa_changed+0xde0/0xde0
[  368.709588][T14018]  ? memset+0x32/0x40
[  368.709604][T14018]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  368.709621][T14018]  ? __hrtimer_init+0x13d/0x280
[  368.709661][T14018]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  368.709695][T14018]  ? hwsim_register_received_nl+0x420/0x420
[  368.709722][T14018]  hwsim_new_radio_nl+0x9e3/0x1070
[  368.709744][T14018]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  368.709762][T14018]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  368.709791][T14018]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  368.709815][T14018]  genl_rcv_msg+0x67d/0xea0
[  368.709841][T14018]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  368.709859][T14018]  ? __this_cpu_preempt_check+0x35/0x190
[  368.709899][T14018]  netlink_rcv_skb+0x177/0x450
[  368.709918][T14018]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  368.709936][T14018]  ? netlink_ack+0xb50/0xb50
[  368.709950][T14018]  ? __kasan_check_write+0x14/0x20
[  368.709971][T14018]  ? netlink_deliver_tap+0x24a/0xbe0
[  368.709993][T14018]  genl_rcv+0x29/0x40
[  368.710007][T14018]  netlink_unicast+0x58c/0x7d0
[  368.710073][T14018]  ? netlink_attachskb+0x870/0x870
[  368.710092][T14018]  ? _copy_from_iter_full+0x25d/0x8c0
[  368.710110][T14018]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  368.710128][T14018]  ? __check_object_size+0x3d/0x437
[  368.710148][T14018]  netlink_sendmsg+0x8ee/0xe60
[  368.710170][T14018]  ? netlink_unicast+0x7d0/0x7d0
[  368.710185][T14018]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  368.710204][T14018]  ? apparmor_socket_sendmsg+0x2a/0x30
[  368.710219][T14018]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  368.710235][T14018]  ? security_socket_sendmsg+0x8d/0xc0
[  368.710249][T14018]  ? netlink_unicast+0x7d0/0x7d0
[  368.710267][T14018]  sock_sendmsg+0xd7/0x130
[  368.710282][T14018]  ____sys_sendmsg+0x753/0x880
[  368.710301][T14018]  ? kernel_sendmsg+0x50/0x50
[  368.710320][T14018]  ? __fget+0x35d/0x550
[  368.710342][T14018]  ___sys_sendmsg+0x11d/0x1b0
[  368.710359][T14018]  ? do_recvmmsg+0x7a0/0x7a0
[  368.710371][T14018]  ? __kasan_check_read+0x11/0x20
[  368.710389][T14018]  ? __fget+0x37f/0x550
[  368.710409][T14018]  ? ksys_dup3+0x3e0/0x3e0
[  368.710427][T14018]  ? __this_cpu_preempt_check+0x35/0x190
[  368.710445][T14018]  ? __fget_light+0x1a9/0x230
[  368.710460][T14018]  ? __fdget+0x1b/0x20
[  368.710475][T14018]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  368.710494][T14018]  __sys_sendmsg+0x105/0x1d0
[  368.710510][T14018]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  368.710540][T14018]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  368.710555][T14018]  ? do_syscall_64+0x26/0x790
[  368.710571][T14018]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  368.710585][T14018]  ? do_syscall_64+0x26/0x790
[  368.710607][T14018]  __x64_sys_sendmsg+0x78/0xb0
[  368.710631][T14018]  do_syscall_64+0xfa/0x790
[  368.710655][T14018]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  368.710669][T14018] RIP: 0033:0x45a679
[  368.710688][T14018] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  368.710698][T14018] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  368.710714][T14018] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  368.710723][T14018] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  368.710731][T14018] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  368.710740][T14018] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  368.710750][T14018] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
00:21:40 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ppoll(&(0x7f0000000000)=[{r0, 0xc1eec15daf81eb6c}, {r0, 0x40}], 0x210, 0x0, 0x0, 0xfffffef2)
poll(&(0x7f0000000040)=[{r0, 0xb}], 0x1, 0x4b)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x60fd549e, 0x0, 0x0, 0x800e009d6)
readv(r1, &(0x7f0000000000)=[{&(0x7f00000000c0)=""/72, 0x48}, {0x0}, {0x0}], 0x3)
shutdown(r1, 0x0)

00:21:40 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)={[{@noacl='noacl'}]})

00:21:40 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r1}, {r0}], 0x2, 0x0, 0x0, 0x0)

00:21:41 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  369.587108][T14051] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
[  369.658709][T14051] CPU: 0 PID: 14051 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  369.667452][T14051] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  369.677719][T14051] Call Trace:
[  369.681247][T14051]  dump_stack+0x197/0x210
[  369.685686][T14051]  sysfs_warn_dup.cold+0x1c/0x31
[  369.685708][T14051]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  369.685736][T14051]  sysfs_create_link+0x65/0xc0
[  369.696860][T14051]  device_add+0x756/0x1d00
[  369.696881][T14051]  ? uevent_show+0x370/0x370
[  369.696895][T14051]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  369.696918][T14051]  wiphy_register+0x1c46/0x2720
[  369.696943][T14051]  ? wiphy_unregister+0x1040/0x1040
[  369.696957][T14051]  ? retint_kernel+0x2b/0x2b
[  369.696976][T14051]  ? ieee80211_register_hw+0x3096/0x3ac0
[  369.696991][T14051]  ieee80211_register_hw+0x157e/0x3ac0
[  369.697015][T14051]  ? ieee80211_ifa_changed+0xde0/0xde0
[  369.697032][T14051]  ? memset+0x32/0x40
[  369.697046][T14051]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  369.697061][T14051]  ? __hrtimer_init+0x13d/0x280
[  369.697083][T14051]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  369.697115][T14051]  ? hwsim_register_received_nl+0x420/0x420
[  369.762981][T14051]  hwsim_new_radio_nl+0x9e3/0x1070
[  369.763001][T14051]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  369.763014][T14051]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  369.763039][T14051]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  369.763059][T14051]  genl_rcv_msg+0x67d/0xea0
[  369.763082][T14051]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  369.763103][T14051]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  369.763127][T14051]  ? find_held_lock+0x35/0x130
[  369.798466][T14051]  netlink_rcv_skb+0x177/0x450
[  369.798486][T14051]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  369.798500][T14051]  ? netlink_ack+0xb50/0xb50
[  369.798513][T14051]  ? __kasan_check_write+0x14/0x20
[  369.798530][T14051]  ? netlink_deliver_tap+0x24a/0xbe0
[  369.798548][T14051]  genl_rcv+0x29/0x40
[  369.798561][T14051]  netlink_unicast+0x58c/0x7d0
[  369.798585][T14051]  ? netlink_attachskb+0x870/0x870
[  369.857386][T14051]  ? _copy_from_iter_full+0x25d/0x8c0
[  369.857405][T14051]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  369.857423][T14051]  ? __check_object_size+0x3d/0x437
[  369.857445][T14051]  netlink_sendmsg+0x8ee/0xe60
[  369.857469][T14051]  ? netlink_unicast+0x7d0/0x7d0
[  369.878591][T14051]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  369.878613][T14051]  ? apparmor_socket_sendmsg+0x2a/0x30
[  369.878630][T14051]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  369.878645][T14051]  ? security_socket_sendmsg+0x8d/0xc0
[  369.878661][T14051]  ? netlink_unicast+0x7d0/0x7d0
[  369.878680][T14051]  sock_sendmsg+0xd7/0x130
[  369.911379][T14051]  ____sys_sendmsg+0x753/0x880
[  369.911399][T14051]  ? kernel_sendmsg+0x50/0x50
[  369.911420][T14051]  ? __fget+0x35d/0x550
[  369.911440][T14051]  ___sys_sendmsg+0x11d/0x1b0
[  369.911461][T14051]  ? do_recvmmsg+0x7a0/0x7a0
[  369.949280][T14051]  ? __kasan_check_read+0x11/0x20
[  369.949295][T14051]  ? __fget+0x37f/0x550
[  369.949309][T14051]  ? ksys_dup3+0x3e0/0x3e0
[  369.949325][T14051]  ? __fget_light+0x1a9/0x230
[  369.949336][T14051]  ? __fdget+0x1b/0x20
00:21:41 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, 0x0)

00:21:41 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xa, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

[  369.949348][T14051]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  369.949363][T14051]  __sys_sendmsg+0x105/0x1d0
[  369.949375][T14051]  ? __sys_sendmsg_sock+0x1f0/0x1f0
00:21:41 executing program 5:

[  369.949396][T14051]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  369.949407][T14051]  ? do_syscall_64+0x26/0x790
[  369.949420][T14051]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  369.949434][T14051]  ? do_syscall_64+0x26/0x790
00:21:41 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xa, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

[  369.949448][T14051]  __x64_sys_sendmsg+0x78/0xb0
[  369.949460][T14051]  do_syscall_64+0xfa/0x790
[  369.949473][T14051]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
00:21:41 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

[  369.949483][T14051] RIP: 0033:0x45a679
[  369.949496][T14051] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  369.949501][T14051] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  369.949512][T14051] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  369.949517][T14051] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
00:21:41 executing program 5:

[  369.949523][T14051] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  369.949529][T14051] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  369.949535][T14051] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
[  370.366624][T14086] EXT4-fs (sda1): re-mounted. Opts: 
00:21:41 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r1 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r1, 0x0, 0xffffffffffffffff, 0x19)
gettid()
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)

00:21:41 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b700"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:41 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b700"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:42 executing program 5:

00:21:42 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r1}, {r0}], 0x2, 0x0, 0x0, 0x0)

00:21:42 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:42 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, 0x0)

[  370.727735][T14103] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
[  370.766543][T14103] CPU: 1 PID: 14103 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  370.774919][T14103] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  370.785004][T14103] Call Trace:
[  370.788304][T14103]  dump_stack+0x197/0x210
[  370.792657][T14103]  sysfs_warn_dup.cold+0x1c/0x31
[  370.797623][T14103]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  370.803803][T14103]  sysfs_create_link+0x65/0xc0
[  370.808588][T14103]  device_add+0x756/0x1d00
[  370.813025][T14103]  ? __this_cpu_preempt_check+0x35/0x190
[  370.818677][T14103]  ? uevent_show+0x370/0x370
[  370.824334][T14103]  wiphy_register+0x1c46/0x2720
[  370.829213][T14103]  ? wiphy_unregister+0x1040/0x1040
[  370.834481][T14103]  ? retint_kernel+0x2b/0x2b
[  370.839092][T14103]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  370.845347][T14103]  ? ieee80211_cs_list_valid+0x1a1/0x280
[  370.850970][T14103]  ieee80211_register_hw+0x157e/0x3ac0
[  370.856576][T14103]  ? ieee80211_ifa_changed+0xde0/0xde0
[  370.862033][T14103]  ? retint_kernel+0x2b/0x2b
[  370.866620][T14103]  ? __hrtimer_init+0x13d/0x280
[  370.871476][T14103]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  370.877203][T14103]  ? hwsim_register_received_nl+0x420/0x420
[  370.883122][T14103]  hwsim_new_radio_nl+0x9e3/0x1070
[  370.888235][T14103]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  370.894461][T14103]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  370.900358][T14103]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  370.906693][T14103]  genl_rcv_msg+0x67d/0xea0
[  370.911287][T14103]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  370.918198][T14103]  ? lockdep_hardirqs_on+0x421/0x5e0
[  370.923496][T14103]  ? retint_kernel+0x2b/0x2b
[  370.928084][T14103]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  370.933557][T14103]  ? find_held_lock+0x35/0x130
[  370.938316][T14103]  netlink_rcv_skb+0x177/0x450
[  370.943071][T14103]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  370.949384][T14103]  ? netlink_ack+0xb50/0xb50
[  370.953959][T14103]  ? __kasan_check_write+0x14/0x20
[  370.959774][T14103]  ? netlink_deliver_tap+0x24a/0xbe0
[  370.965063][T14103]  genl_rcv+0x29/0x40
[  370.969058][T14103]  netlink_unicast+0x58c/0x7d0
[  370.973818][T14103]  ? netlink_attachskb+0x870/0x870
[  370.978911][T14103]  ? _copy_from_iter_full+0x25d/0x8c0
[  370.984291][T14103]  netlink_sendmsg+0x8ee/0xe60
[  370.989040][T14103]  ? netlink_unicast+0x7d0/0x7d0
[  370.993963][T14103]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  370.999504][T14103]  ? apparmor_socket_sendmsg+0x2a/0x30
[  371.004947][T14103]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  371.011189][T14103]  ? security_socket_sendmsg+0x8d/0xc0
[  371.016642][T14103]  ? netlink_unicast+0x7d0/0x7d0
[  371.021759][T14103]  sock_sendmsg+0xd7/0x130
[  371.026163][T14103]  ____sys_sendmsg+0x753/0x880
[  371.030913][T14103]  ? kernel_sendmsg+0x50/0x50
[  371.035578][T14103]  ? __fget+0x35d/0x550
[  371.039737][T14103]  ___sys_sendmsg+0x11d/0x1b0
[  371.044419][T14103]  ? do_recvmmsg+0x7a0/0x7a0
[  371.048993][T14103]  ? __kasan_check_read+0x11/0x20
[  371.054048][T14103]  ? __fget+0x37f/0x550
[  371.058195][T14103]  ? ksys_dup3+0x3e0/0x3e0
[  371.062600][T14103]  ? __fget_light+0x1a9/0x230
[  371.067259][T14103]  ? __fdget+0x1b/0x20
[  371.071311][T14103]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  371.077555][T14103]  __sys_sendmsg+0x105/0x1d0
[  371.082158][T14103]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  371.087361][T14103]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  371.092832][T14103]  __x64_sys_sendmsg+0x78/0xb0
[  371.097627][T14103]  do_syscall_64+0xfa/0x790
[  371.103208][T14103]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  371.109104][T14103] RIP: 0033:0x45a679
[  371.112987][T14103] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  371.132693][T14103] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  371.141100][T14103] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  371.149057][T14103] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  371.157107][T14103] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  371.165087][T14103] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  371.173284][T14103] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
00:21:42 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xc, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b700"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:42 executing program 5:

00:21:42 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
r1 = gettid()
perf_event_open(&(0x7f0000000380)={0x4, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x1, @perf_bp={&(0x7f0000000340), 0x4}, 0x4280, 0x0, 0x8a8, 0x0, 0x4}, r1, 0x0, 0xffffffffffffffff, 0x19)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)

[  371.472249][T14122] EXT4-fs (sda1): re-mounted. Opts: 
00:21:42 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xd, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:42 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:43 executing program 5:

00:21:43 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, 0x0)

[  371.709295][T14132] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
[  371.774962][T14132] CPU: 0 PID: 14132 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  371.783374][T14132] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  371.793555][T14132] Call Trace:
[  371.796869][T14132]  dump_stack+0x197/0x210
[  371.801217][T14132]  sysfs_warn_dup.cold+0x1c/0x31
[  371.806163][T14132]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  371.812241][T14132]  sysfs_create_link+0x65/0xc0
[  371.817001][T14132]  device_add+0x756/0x1d00
[  371.821406][T14132]  ? __this_cpu_preempt_check+0x35/0x190
[  371.827203][T14132]  ? uevent_show+0x370/0x370
[  371.831891][T14132]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  371.838143][T14132]  wiphy_register+0x1c46/0x2720
[  371.842998][T14132]  ? wiphy_unregister+0x1040/0x1040
[  371.848196][T14132]  ? __kmalloc+0x608/0x770
[  371.852606][T14132]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  371.858834][T14132]  ? ieee80211_cs_list_valid+0x1a1/0x280
[  371.864454][T14132]  ieee80211_register_hw+0x157e/0x3ac0
[  371.869916][T14132]  ? ieee80211_ifa_changed+0xde0/0xde0
[  371.875360][T14132]  ? memset+0x32/0x40
[  371.879327][T14132]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  371.885550][T14132]  ? __hrtimer_init+0x13d/0x280
[  371.890395][T14132]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  371.896099][T14132]  ? retint_kernel+0x2b/0x2b
[  371.900683][T14132]  ? hwsim_register_received_nl+0x420/0x420
[  371.906564][T14132]  hwsim_new_radio_nl+0x9e3/0x1070
[  371.911661][T14132]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  371.917902][T14132]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  371.923814][T14132]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  371.930145][T14132]  genl_rcv_msg+0x67d/0xea0
[  371.934648][T14132]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  371.940964][T14132]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  371.946431][T14132]  netlink_rcv_skb+0x177/0x450
[  371.951360][T14132]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  371.957683][T14132]  ? netlink_ack+0xb50/0xb50
[  371.962257][T14132]  ? __kasan_check_write+0x14/0x20
[  371.967355][T14132]  ? netlink_deliver_tap+0x24a/0xbe0
[  371.972716][T14132]  genl_rcv+0x29/0x40
[  371.976690][T14132]  netlink_unicast+0x58c/0x7d0
[  371.981444][T14132]  ? netlink_attachskb+0x870/0x870
[  371.987030][T14132]  ? _copy_from_iter_full+0x25d/0x8c0
[  371.992392][T14132]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  371.998271][T14132]  ? __check_object_size+0x3d/0x437
[  372.003456][T14132]  netlink_sendmsg+0x8ee/0xe60
[  372.008245][T14132]  ? netlink_unicast+0x7d0/0x7d0
[  372.013185][T14132]  ? netlink_unicast+0x7d0/0x7d0
[  372.018134][T14132]  sock_sendmsg+0xd7/0x130
[  372.022570][T14132]  ____sys_sendmsg+0x753/0x880
[  372.030771][T14132]  ? kernel_sendmsg+0x50/0x50
[  372.035448][T14132]  ? __fget+0x35d/0x550
[  372.039595][T14132]  ___sys_sendmsg+0x11d/0x1b0
[  372.044258][T14132]  ? do_recvmmsg+0x7a0/0x7a0
[  372.049015][T14132]  ? __kasan_check_read+0x11/0x20
[  372.054025][T14132]  ? __fget+0x37f/0x550
[  372.058186][T14132]  ? ksys_dup3+0x3e0/0x3e0
[  372.062597][T14132]  ? __fget_light+0x1a9/0x230
[  372.067432][T14132]  ? __fdget+0x1b/0x20
[  372.071484][T14132]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  372.077716][T14132]  __sys_sendmsg+0x105/0x1d0
[  372.082376][T14132]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  372.087562][T14132]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  372.093020][T14132]  __x64_sys_sendmsg+0x78/0xb0
[  372.097785][T14132]  ? do_syscall_64+0x5b/0x790
[  372.102448][T14132]  do_syscall_64+0xfa/0x790
[  372.106940][T14132]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  372.112811][T14132] RIP: 0033:0x45a679
[  372.116689][T14132] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  372.136277][T14132] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  372.144758][T14132] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  372.152713][T14132] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  372.160873][T14132] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  372.168918][T14132] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
00:21:43 executing program 5:
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000016c0)='/dev/fuse\x00', 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000240)='fuse\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
chdir(&(0x7f00000014c0)='./file0\x00')

[  372.176871][T14132] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
00:21:43 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r0, 0x281}], 0x1, 0x0, 0x0, 0x0)

[  372.343422][T14148] EXT4-fs (sda1): re-mounted. Opts: 
00:21:43 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a00000001"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:43 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xd, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:43 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
gettid()
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)

00:21:43 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180))

00:21:43 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xd, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

[  372.668046][T14163] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
[  372.694765][T14163] CPU: 1 PID: 14163 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  372.703323][T14163] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  372.713393][T14163] Call Trace:
00:21:44 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r0, 0x281}], 0x1, 0x0, 0x0, 0x0)

[  372.716724][T14163]  dump_stack+0x197/0x210
[  372.721093][T14163]  sysfs_warn_dup.cold+0x1c/0x31
[  372.726060][T14163]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  372.732159][T14163]  sysfs_create_link+0x65/0xc0
[  372.736949][T14163]  device_add+0x756/0x1d00
[  372.741397][T14163]  ? uevent_show+0x370/0x370
[  372.746019][T14163]  wiphy_register+0x1c46/0x2720
[  372.750900][T14163]  ? wiphy_unregister+0x1040/0x1040
[  372.756117][T14163]  ? retint_kernel+0x2b/0x2b
[  372.760719][T14163]  ? ieee80211_register_hw+0x2720/0x3ac0
[  372.766343][T14163]  ieee80211_register_hw+0x157e/0x3ac0
[  372.771821][T14163]  ? ieee80211_ifa_changed+0xde0/0xde0
[  372.777360][T14163]  ? memset+0x32/0x40
[  372.781435][T14163]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  372.787760][T14163]  ? __hrtimer_init+0x13d/0x280
[  372.792625][T14163]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  372.798361][T14163]  ? hwsim_register_received_nl+0x420/0x420
[  372.804370][T14163]  hwsim_new_radio_nl+0x9e3/0x1070
[  372.809485][T14163]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  372.815717][T14163]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  372.821737][T14163]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  372.828233][T14163]  genl_rcv_msg+0x67d/0xea0
[  372.832776][T14163]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  372.839109][T14163]  ? __this_cpu_preempt_check+0x35/0x190
[  372.844742][T14163]  ? retint_kernel+0x2b/0x2b
[  372.849331][T14163]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  372.854804][T14163]  ? lockdep_hardirqs_on+0x421/0x5e0
[  372.860101][T14163]  netlink_rcv_skb+0x177/0x450
[  372.864859][T14163]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  372.871186][T14163]  ? netlink_ack+0xb50/0xb50
[  372.875764][T14163]  ? __kasan_check_write+0x14/0x20
[  372.880868][T14163]  ? genl_rcv+0xe/0x40
[  372.885012][T14163]  genl_rcv+0x29/0x40
[  372.888978][T14163]  netlink_unicast+0x58c/0x7d0
[  372.893765][T14163]  ? netlink_attachskb+0x870/0x870
[  372.899009][T14163]  ? _copy_from_iter_full+0x25d/0x8c0
[  372.904947][T14163]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  372.910678][T14163]  ? __check_object_size+0x3d/0x437
[  372.918508][T14163]  netlink_sendmsg+0x8ee/0xe60
[  372.923288][T14163]  ? netlink_unicast+0x7d0/0x7d0
[  372.928225][T14163]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  372.933770][T14163]  ? apparmor_socket_sendmsg+0x2a/0x30
[  372.939248][T14163]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  372.945478][T14163]  ? security_socket_sendmsg+0x8d/0xc0
[  372.950926][T14163]  ? netlink_unicast+0x7d0/0x7d0
[  372.955863][T14163]  sock_sendmsg+0xd7/0x130
[  372.960287][T14163]  ____sys_sendmsg+0x753/0x880
[  372.965053][T14163]  ? kernel_sendmsg+0x50/0x50
[  372.969717][T14163]  ? __fget+0x35d/0x550
[  372.973880][T14163]  ___sys_sendmsg+0x11d/0x1b0
[  372.979522][T14163]  ? do_recvmmsg+0x7a0/0x7a0
[  372.984132][T14163]  ? __kasan_check_read+0x11/0x20
[  372.989249][T14163]  ? __fget+0x37f/0x550
[  372.993419][T14163]  ? ksys_dup3+0x3e0/0x3e0
[  372.997840][T14163]  ? __fget_light+0x1a9/0x230
[  373.002503][T14163]  ? __fdget+0x1b/0x20
[  373.006564][T14163]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  373.012819][T14163]  __sys_sendmsg+0x105/0x1d0
[  373.017395][T14163]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  373.022589][T14163]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  373.028064][T14163]  ? do_syscall_64+0x26/0x790
[  373.032734][T14163]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  373.039230][T14163]  ? do_syscall_64+0x26/0x790
[  373.043898][T14163]  __x64_sys_sendmsg+0x78/0xb0
[  373.048663][T14163]  do_syscall_64+0xfa/0x790
[  373.053188][T14163]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  373.059092][T14163] RIP: 0033:0x45a679
[  373.062994][T14163] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  373.082602][T14163] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  373.091018][T14163] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  373.099102][T14163] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  373.107070][T14163] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  373.115033][T14163] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  373.123009][T14163] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
00:21:44 executing program 5:

[  373.214902][T14172] EXT4-fs (sda1): re-mounted. Opts: 
00:21:44 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r0, &(0x7f0000000280)={0x0, 0x50, &(0x7f0000000100)=[{&(0x7f0000000080)="2e0000002300817ee45de087715082cf0400b0eb04002800160011000586f9835b3f2f009148790028f85acc7c45", 0x2e}], 0x1}, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)

00:21:44 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a00000001"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:44 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{r0, 0x281}], 0x1, 0x0, 0x0, 0x0)

00:21:44 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180))

00:21:44 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xd, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:44 executing program 5:

[  373.544697][T14187] sysfs: cannot create duplicate filename '/class/ieee80211/†ùƒ[?!'
[  373.645025][T14187] CPU: 0 PID: 14187 Comm: syz-executor.3 Not tainted 5.4.0-syzkaller #0
[  373.654148][T14187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  373.664229][T14187] Call Trace:
[  373.664259][T14187]  dump_stack+0x197/0x210
[  373.664285][T14187]  sysfs_warn_dup.cold+0x1c/0x31
[  373.664304][T14187]  sysfs_do_create_link_sd.isra.0+0x120/0x140
[  373.664324][T14187]  sysfs_create_link+0x65/0xc0
[  373.664344][T14187]  device_add+0x756/0x1d00
[  373.664364][T14187]  ? uevent_show+0x370/0x370
[  373.664391][T14187]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  373.682995][T14187]  wiphy_register+0x1c46/0x2720
[  373.683021][T14187]  ? wiphy_unregister+0x1040/0x1040
[  373.683042][T14187]  ? ieee80211_register_hw+0x14b8/0x3ac0
[  373.683059][T14187]  ieee80211_register_hw+0x157e/0x3ac0
[  373.683080][T14187]  ? ieee80211_ifa_changed+0xde0/0xde0
[  373.683095][T14187]  ? memset+0x32/0x40
[  373.683116][T14187]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  373.683133][T14187]  ? __hrtimer_init+0x13d/0x280
00:21:45 executing program 5:

00:21:45 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{}, {r0, 0x281}], 0x2, 0x0, 0x0, 0x0)

[  373.683155][T14187]  mac80211_hwsim_new_radio+0x20cf/0x4340
[  373.683180][T14187]  ? hwsim_register_received_nl+0x420/0x420
[  373.683203][T14187]  hwsim_new_radio_nl+0x9e3/0x1070
[  373.683219][T14187]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  373.683233][T14187]  ? mac80211_hwsim_new_radio+0x4340/0x4340
[  373.683256][T14187]  ? genl_family_rcv_msg_attrs_parse+0x1c6/0x300
[  373.683277][T14187]  genl_rcv_msg+0x67d/0xea0
[  373.683299][T14187]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  373.683320][T14187]  ? __kasan_check_read+0x11/0x20
[  373.728550][T14199] EXT4-fs (sda1): re-mounted. Opts: 
[  373.730171][T14187]  ? find_held_lock+0x35/0x130
[  373.730196][T14187]  netlink_rcv_skb+0x177/0x450
[  373.730216][T14187]  ? genl_family_rcv_msg_attrs_parse+0x300/0x300
[  373.730241][T14187]  ? netlink_ack+0xb50/0xb50
[  373.822451][T14187]  ? __kasan_check_write+0x14/0x20
[  373.827595][T14187]  ? netlink_deliver_tap+0x24a/0xbe0
[  373.832913][T14187]  genl_rcv+0x29/0x40
[  373.836916][T14187]  netlink_unicast+0x58c/0x7d0
[  373.841708][T14187]  ? netlink_attachskb+0x870/0x870
[  373.846840][T14187]  ? _copy_from_iter_full+0x25d/0x8c0
[  373.852218][T14187]  ? __sanitizer_cov_trace_cmp8+0x18/0x20
[  373.857951][T14187]  ? __check_object_size+0x3d/0x437
[  373.863559][T14187]  netlink_sendmsg+0x8ee/0xe60
[  373.868479][T14187]  ? netlink_unicast+0x7d0/0x7d0
[  373.873605][T14187]  ? aa_sock_msg_perm.isra.0+0xba/0x170
[  373.879154][T14187]  ? apparmor_socket_sendmsg+0x2a/0x30
[  373.884615][T14187]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  373.890930][T14187]  ? security_socket_sendmsg+0x8d/0xc0
[  373.896411][T14187]  ? netlink_unicast+0x7d0/0x7d0
[  373.901615][T14187]  sock_sendmsg+0xd7/0x130
[  373.906514][T14187]  ____sys_sendmsg+0x753/0x880
[  373.911323][T14187]  ? kernel_sendmsg+0x50/0x50
[  373.916016][T14187]  ? __fget+0x35d/0x550
[  373.920194][T14187]  ___sys_sendmsg+0x11d/0x1b0
[  373.924894][T14187]  ? do_recvmmsg+0x7a0/0x7a0
[  373.929594][T14187]  ? __kasan_check_read+0x11/0x20
[  373.934650][T14187]  ? __fget+0x37f/0x550
[  373.938870][T14187]  ? ksys_dup3+0x3e0/0x3e0
[  373.943309][T14187]  ? __fget_light+0x1a9/0x230
[  373.948011][T14187]  ? __fdget+0x1b/0x20
[  373.952227][T14187]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  373.958858][T14187]  __sys_sendmsg+0x105/0x1d0
[  373.963456][T14187]  ? __sys_sendmsg_sock+0x1f0/0x1f0
[  373.968675][T14187]  ? trace_hardirqs_on_thunk+0x1a/0x1c
[  373.974162][T14187]  __x64_sys_sendmsg+0x78/0xb0
[  373.978935][T14187]  ? do_syscall_64+0x5b/0x790
[  373.983613][T14187]  do_syscall_64+0xfa/0x790
[  373.988133][T14187]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  373.994053][T14187] RIP: 0033:0x45a679
[  373.997951][T14187] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  374.017711][T14187] RSP: 002b:00007f33c66e5c78 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  374.026118][T14187] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  374.034353][T14187] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000004
[  374.042332][T14187] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  374.050301][T14187] R10: 0000000000000000 R11: 0000000000000246 R12: 00007f33c66e66d4
[  374.058274][T14187] R13: 00000000004c966e R14: 00000000004e1330 R15: 00000000ffffffff
00:21:45 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xd, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:45 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$kcm(0x10, 0x3, 0x10)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)

00:21:45 executing program 2:
open(&(0x7f0000000080)='./file0\x00', 0x2442, 0x0)
mount(&(0x7f0000000040)=@filename='./file0\x00', &(0x7f0000000000)='./file0\x00', 0x0, 0x1001004, 0x0)
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0, 0x112c83e, &(0x7f0000000180))

00:21:45 executing program 5:

00:21:45 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a00000001"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:45 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{}, {r0, 0x281}], 0x2, 0x0, 0x0, 0x0)

00:21:45 executing program 5:

00:21:45 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xd, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

[  374.465859][T14223] EXT4-fs (sda1): re-mounted. Opts: 
00:21:45 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
perf_event_open(&(0x7f0000000180)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x5}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)

00:21:45 executing program 5:

00:21:46 executing program 1:
r0 = openat$vcsa(0xffffffffffffff9c, &(0x7f00000000c0)='/dev/vcsa\x00', 0x0, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000000)='/dev/vhost-net\x00', 0x2, 0x0)
ppoll(&(0x7f0000000100)=[{}, {r0, 0x281}], 0x2, 0x0, 0x0, 0x0)

00:21:46 executing program 2:
r0 = syz_open_dev$evdev(&(0x7f0000000000)='/dev/input/event#\x00', 0x0, 0x2)
write$evdev(r0, &(0x7f0000057fa0)=[{}, {}], 0x10000007c)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140)='/dev/ptmx\x00', 0x0, 0x0)
dup2(r0, r1)
creat(&(0x7f0000000700)='./file0\x00', 0x0)
clone(0x103ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)
ioctl$TIOCPKT(r1, 0x5420, 0x0)

00:21:46 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xd, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:46 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a00000001000000"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:46 executing program 5:
clone(0x3103101ffa, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = socket$inet6(0xa, 0x2, 0x0)
recvfrom$unix(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000180)=0x366, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup2(r1, r1)
write$apparmor_current(r2, 0x0, 0x0)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000000)={0xa, 0x4e20, 0x0, @mcast2}, 0x1c)
recvmsg(r0, &(0x7f0000000100)={0x0, 0x142, 0x0}, 0x2000)

00:21:46 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x7a05, 0x1700)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)

00:21:46 executing program 1:
clone(0x207, 0x0, 0x0, 0x0, 0x0)
mknod(&(0x7f0000f80000)='./file0\x00', 0x1040, 0x0)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
symlink(&(0x7f0000000180)='./file1\x00', &(0x7f00000001c0)='./file0\x00')
r0 = creat(&(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x109)
r1 = openat$apparmor_task_current(0xffffffffffffff9c, &(0x7f0000000140)='/proc/self/attr/current\x00', 0x2, 0x0)
dup2(r1, r0)
r2 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
clone(0x3102001ffd, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
execve(&(0x7f0000000140)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, 0x0)
write$P9_RSETATTR(r2, &(0x7f0000000100)={0x7}, 0x7)
clone(0x0, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
gettid()
close(0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_ADD(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$TUNSETQUEUE(0xffffffffffffffff, 0x400454d9, &(0x7f0000000080)={'ifb0\x00'})
r3 = dup(0xffffffffffffffff)
sendmsg$IPVS_CMD_SET_CONFIG(r3, 0x0, 0x0)

00:21:46 executing program 5:
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000)='/dev/ptmx\x00', 0x0, 0x0)
r1 = dup(r0)
read(r0, &(0x7f0000000300)=""/6, 0x6)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000001c0))
clone(0x3102001ffe, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_INGRESS_PRIORITY_CMD(r1, 0x8982, 0x0)

00:21:46 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xd, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:46 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a00000001000000"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:46 executing program 3:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)

00:21:46 executing program 5:
r0 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r0, 0x8912, 0x400200)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2ca}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0x29, 0x300, &(0x7f0000000100)="b90103000000f000009e40f088641fffffe100002021632f77fbac141414e9a33fa1be3e7d2a182fff", 0x0, 0x100, 0x6000000000000000}, 0x28)

00:21:46 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xd, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:50 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:50 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a00000001000000"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:50 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f00000009c0)=[{&(0x7f0000000280)=""/210, 0xd2}, {0x0}, {0x0}, {0x0}], 0x4)
r1 = dup(r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0x73a0b1b, 0x0, 0x0, 0x800e00549)
shutdown(r1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000100)=""/116, 0x74}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6}, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r4, 0x0, 0xccf3, 0x0, 0x0, 0x800e0053d)
shutdown(r3, 0x0)
r5 = socket$inet6_sctp(0x1c, 0x800000000000005, 0x84)
recvmsg(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000640)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6}, 0x0)
shutdown(r4, 0x0)
shutdown(r2, 0x0)

00:21:50 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='cgroup.stat\x00', 0x26e1, 0x0)

00:21:50 executing program 5:
perf_event_open(&(0x7f0000000180)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000633277fbac141413e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000}, 0x28)

00:21:50 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
wait4(0x0, 0x0, 0x0, 0x0)
recvfrom$inet(r0, 0x0, 0xd85bc8b6, 0x0, 0x0, 0x800e007ee)
shutdown(r0, 0x0)

00:21:50 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:50 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)

00:21:50 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xfe1a, 0x0, 0x0, 0x800e00655)
shutdown(r0, 0x0)
r2 = socket$inet6_sctp(0x1c, 0x5, 0x84)
readv(r2, &(0x7f00000004c0)=[{&(0x7f0000000740)=""/119, 0x77}], 0x1)
r3 = dup(r1)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
dup2(r3, r4)
shutdown(r4, 0x0)

00:21:50 executing program 5:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f00000000c0)=[{&(0x7f0000000000)=""/167, 0xa7}], 0x1)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0xfe1a, 0x0, 0x0, 0x800e00655)
shutdown(r0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r2, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000740)=[{&(0x7f00000001c0)=""/73, 0x49}, {0x0}, {0x0}, {0x0}], 0x4}, 0x0)
r3 = dup(r1)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
dup2(r3, r4)
shutdown(r4, 0x0)

00:21:50 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a0000000100000018"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:50 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)

00:21:50 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:50 executing program 2:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f00000009c0)=[{&(0x7f0000000280)=""/210, 0xd2}, {0x0}, {0x0}, {0x0}], 0x4)
r1 = dup(r0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r2, 0x0, 0x73a0b1b, 0x0, 0x0, 0x800e00549)
shutdown(r1, 0x0)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r3, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000100)=""/116, 0x74}, {0x0}, {0x0}, {0x0}, {0x0}], 0x5}, 0x0)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r4, 0x0, 0xccf3, 0x0, 0x0, 0x800e0053d)
shutdown(r3, 0x0)
r5 = socket$inet6_sctp(0x1c, 0x800000000000005, 0x84)
recvmsg(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000640)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x7}, 0x0)
shutdown(r4, 0x0)
shutdown(r2, 0x0)

00:21:50 executing program 1:
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r0, &(0x7f0000000240)=[{&(0x7f00000002c0)=""/237, 0xed}, {0x0}], 0x2)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r1, 0x0, 0x8164, 0x0, 0x0, 0x800e00547)
shutdown(r0, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
readv(r2, &(0x7f0000000280)=[{&(0x7f0000000040)=""/255, 0xff}], 0x1)
r3 = dup(r2)
r4 = socket$inet_udplite(0x2, 0x2, 0x88)
recvfrom$inet(r4, 0x0, 0xfd1d, 0x0, 0x0, 0x800e0053d)
shutdown(r3, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
recvmsg(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000880)=[{0x0}, {&(0x7f0000000180)=""/214, 0xd6}, {0x0}, {0x0}], 0x4}, 0x40002)
shutdown(r4, 0x0)
shutdown(r1, 0x0)

00:21:50 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:50 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a0000000100000018"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:50 executing program 3:
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)

00:21:50 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:50 executing program 3:

00:21:51 executing program 3:

00:21:51 executing program 5:

00:21:51 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a0000000100000018"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:51 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000000), 0x10}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:51 executing program 3:

00:21:51 executing program 2:

00:21:51 executing program 1:

00:21:51 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:51 executing program 2:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000180)={0xa, 0x4e22, 0x0, @loopback}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendto$inet6(r2, 0x0, 0x0, 0x20000004, &(0x7f00000000c0)={0xa, 0x4e22}, 0x1c)
shutdown(r2, 0x1)

00:21:51 executing program 3:

00:21:51 executing program 5:

00:21:51 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:51 executing program 5:

00:21:51 executing program 3:

[  380.423390][    C1] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
00:21:51 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:51 executing program 1:

00:21:51 executing program 2:
r0 = open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x1}, 0x0, 0x7, 0x0, 0x0, 0xee}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000380)='fd/4\x00\xa7$\xbf\x05l\xb8\t\xd0\x06\xae\b\x86$nV\x92M%\xfd)0m6Z\x05\xae\xa7\rM\bp\xa6Q\x871B\x973\xfe\x05\x12\xf3\xd496\xf9\x1aM6\xb2|\xc5\x05\xbc\xe71g\xe4<&\xd2\xd8g\xb6\xa2U\xae\x9a\x17F\xa5xi\xe8_\xa8R\x96d\x99\xf6_E\xd0\x8f<\xa840\xd6\x84\xd0\x17\xafP\'\xdc{\b\x94\x00Y+\x18N\xc6\x96Y\xf7\xd3`\\\xc9\x1f\a\xf9X\x125\xb9\xd6\xbf\x1a4V\x10\xa6Uq\xceN\xeb\xa8M\xb2?\xda\xfb\xb1\x9d\x94\x13O\xab\xde\xc0t\x8c\")\x05~\x0f\xb8\xf3\xf6d\xbe\xad\xee\"\xaa\x91\x05\xcb9A\x1a\x8d&\x9e\x81\xcf\x9eWvT\x8a\xbfl\x8a\x83%\xec\x94\xfd\x90\xeb\xb3\xa3\xa8\x90\x90\xdb\xc2X\xf48\xd1\x83Eu\xe5c\xd7\xb7qe\xab\xae\xef*\x9e\x95\xde\xa0\x894r[\\\xc4?\xb7\xcfo\xdb\xbeR\xc5\xbc\xb34\xbe}\xf7n/4}\xbc.t\x94\x1c%\xcb\x93\xea\"Aa(\xd6FX\xd8\b\xd1\x10N{\xe8\xbc)\xc8\x1e6\xff\x95\xa3\xf3\x84\xf4\xa5\xe8f\xc2@\x1f7h\xb3\xd6\xab\x9a\x03\x95>V\\\xc4%T\x94M\xc7`\x83\xa1\xa0\xc8gn\xe3\xfe\xef[\xb3\xbd\x18R\x1b=\xab\x97$\x03\xaa\x84C\x0eWD\xeea\xf5\xb9\x82\xea\xbd5:\"\xf6f/\xa1\x8f%8\xa8\x1e\xcf\xb6\xa7\xe1\x1b1\x94\xc1G\xf9\xfc\xc77\x1c\x00'/376)
write$apparmor_exec(r1, &(0x7f0000000600)={'\x9bH\x1b]P\x0e\x06C\xc3MY\x1d\x9b9%\a\x16\xb1\x9b=cy\xeaU\x0e3\\C6\x9bmwH_\xcb\xaa\xc7\xa6\x10&\xb0A\tim\x9bL\xd21\xd2\xbe\xddEf \xa0\xa6v\xf7\xe7\x89\xec\xbf\xc8\x97\xb37\xf0\x10\xcd\xd9\xaf;\xec\xccT\x9e\xe0\xbaw3\xc4K\v\x0e\xca\xdb\xa5\xe6\x91\xdc\x8d3\xf8\xec/\xa4U\x87\x02g\x06k\x9fW[.c\xb1\xd4y\xd4\xca=\f\xd8Q[\xacb\xa3f4\x9el\x90\x878[\x00\xd9\x04\x1a\xa6\xa4\x17\xa6(\x05tl\x17\xef\x1bU\xfbD\xec\x88\xd4\xa0&\xdb\x95wp\xfb\x01[\x8c\xc4(\xbb)\xf3\xa9\x1b\tt\xd3W\x11t\x1f\xa4n\xfd:\x90${\xc5\x16\xa5\x96\x88\xc78\xc0g\xb9\xbe\xbd1\x11}\x8d\'\x15+\xfe\x91\xed\x1e\xeb]\xfa\x9dS\xe6\x12\x9f\r\xc8\x81\xca\xd9\f\xfd\xc8/\xb99\xaa\x1a\r\x92\xae\xb6\xd2\xb8\xb7\f[\xd8y\xc6O\xcfE\xb4\xe6\x16\x1fT\x1e\x9b\x9c\f\x8d\xed1\x96\"\x83\x98\xb1S`\xc7\'\xc2\xbf\xb7', 'fd/4\x00\xa7$\xbf\x05l\xb8\t\xd0\x06\xae\b\x86$dV\x92M%\xfd)0m6Z\x05\xae\xa7\rM\bp\xa6Q\x9b\x0fJ\x973\xfe\x05\x12\xf3\xd496\xf9\x1aM6\xb2|\xc5\x05\xbc\xe71g\xe4<&\xd2\xd8g\xb6\xa2U\xae\x9a\x17F\xa5xi\xe8_\xa8R\x96d\x99\xf6_E\xd0\x8f<\xa840\xd6\x84\xd0\x17\xafP\'\xdc{\b\x94\x00Y+\x18N\\\xc9\x1f\a\xf9X\x125\xb9\xd6\xbf\x1a4V\x10\xa6Uq\xceN\xeb\xa8M\xb2?\xda\xfb\xb1\x9d\x94\x13O\xab\xde\xc0t\x8c\")\x05~\x0f\xb8\xf3\xf6d\xbe\xad\xee\"\xaa\x91\x05\xcb9A\x1a\x8d&\x9e\x81\xcf\x9eWvT\x8a\xbfl\x8a\x83%\xec\x94\xfd\x90\xeb\xb3\xa3\xa8\x90\x90\xdb\xc2X\xf48\xd1\x83Eu\xe5c\xd7\xb7qe\xab\xae\xef*\x9e\x95\xde\xa0\x894r[\\\xc4?\xb7\xcfo\xdb\xbeR\xc5\xbc\xb34\xbe}\xf7n/4}\xbc.t\x94\x1c%\xcb\x93\xea\"Aa(\xd6FX\xd8\b\xd1\x10N{\xe8\xbc)\xc8\x1e6\xff\x95\xa3\xf3\x84\xf4\xa5\xe8f\xc2@\x1f7h\xb3\xd6\xab\x9a\x03\x95>V\\\xc4%T\x94M\xc7`\x83\xa1\xa0\xc8gn\xe3\xfe\xef[\xb3\xbd\x18R\x1b=\xab\x97$\x03\xaa\x84C\x0eWD\xeea\xf5\xb9\x82\xea\xbd5:\"\xf6f/\xa1\x8f%8\xa8\x1e\xcf\xb6\xa7\xe1\x1b1\x94\xc1G\xf9\xfc\xc77\x1c\x00'}, 0x50f)

00:21:52 executing program 3:
unshare(0x400)
r0 = socket(0x10, 0x4008000000803, 0x0)
sendto(r0, &(0x7f0000000600)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, 0x0, 0x0, 0x0, 0x0)

00:21:52 executing program 5:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000000, 0x0)
getpid()
tkill(0x0, 0x9)
r0 = socket$inet(0x2, 0x20000000000003, 0xff)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000006c0)={'batadv0\x00', &(0x7f0000000680)=@ethtool_sset_info={0x1d, 0x0, 0x1}})

00:21:52 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:52 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, [], 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0}, 0x78)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

[  380.766362][   T25] audit: type=1804 audit(1575332512.109:37): pid=14443 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/" dev="sda1" ino=2328 res=1
00:21:52 executing program 1:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x444, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='oom_score_adj\x00')
lseek(r0, 0xf98c, 0x0)

00:21:52 executing program 2:
r0 = socket$inet(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000140)={0x2, 0x4e20, @multicast1}, 0x10)
connect$inet(r0, &(0x7f0000000700)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xb}}, 0x10)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = dup(r1)
ioctl$PERF_EVENT_IOC_ENABLE(r2, 0x8912, 0x400200)
sendto$inet(r0, &(0x7f0000000500)="00abe6d29e6101cb8b41eea5cf2e67fea541e9b7b65fe42e517d5f81d2919e1b2f4cf7f77a16fc3e961a0847916c7c2d9b77cd3160567341263cf19b3b2c6177e7065dda850c756c06aede12e9da8118bb5464ad07fa6146f6903ee57345cbd7551f547bdbe947b4f9a0b28cf29a28eda534fc6e2c9bf2c36c87da9ad79e6e7090", 0x4202692d7f740df1, 0x4000801, 0x0, 0xfffffffffffffeda)
recvfrom$inet(r0, &(0x7f0000000440)=""/98, 0xffffffffffffff55, 0xc0000182, 0x0, 0xffffffffffffff3c)
read(r0, &(0x7f00000001c0)=""/244, 0xffffff52)

[  380.854586][   T25] audit: type=1804 audit(1575332512.169:38): pid=14450 uid=0 auid=4294967295 ses=4294967295 subj==unconfined op=invalid_pcr cause=ToMToU comm="syz-executor.2" name="/" dev="sda1" ino=2328 res=1
00:21:52 executing program 3:
clone(0x2102001ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000000, 0x0)
r0 = getpid()
tkill(r0, 0x9)
r1 = socket$inet(0x2, 0x20000000000003, 0xff)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f00000006c0)={'batadv0\x00', &(0x7f0000000680)=@ethtool_sset_info={0x1d}})

00:21:52 executing program 5:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x1, 0x0)
r0 = socket$kcm(0x29, 0x5, 0x0)
sendmsg$kcm(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x20)

00:21:52 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

00:21:52 executing program 1:
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000840)={0x0, 0x0, 0x0}, 0x0)

00:21:52 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r1 = socket$kcm(0x2b, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:52 executing program 3:
r0 = socket$kcm(0xa, 0x1, 0x0)
sendmsg(r0, &(0x7f00000003c0)={&(0x7f0000000400)=@in6={0xa, 0x0, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0x19}}}, 0x80, 0x0}, 0x2000c4ff)
sendmsg$kcm(r0, &(0x7f0000001e80)={0x0, 0x0, 0x0}, 0x20000010)

00:21:52 executing program 5:
perf_event_open(&(0x7f0000000100)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c43, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$kcm(0xa, 0x1, 0x0)
r0 = socket$kcm(0x29, 0x5, 0x0)
sendmsg$kcm(r0, &(0x7f0000000480)={0x0, 0x0, 0x0}, 0x20)

00:21:52 executing program 3:
bpf$MAP_CREATE(0x0, &(0x7f0000000100)={0x1, 0x8, 0x3, 0x4}, 0x3c)

00:21:52 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

00:21:52 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r1 = socket$kcm(0x2b, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:52 executing program 5:

00:21:53 executing program 2:
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet6(0xa, 0x80002, 0x0)
recvmmsg(r0, &(0x7f0000003b40)=[{{0x0, 0x0, 0x0}}], 0x300, 0x0, 0x0)
shutdown(r0, 0x0)

00:21:53 executing program 3:

00:21:53 executing program 5:
clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000300)={0x2, 0x70, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20220, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x8d1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)

00:21:53 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

00:21:53 executing program 1:
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0)
chown(&(0x7f00000001c0)='./file0\x00', 0x0, 0x0)

00:21:53 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r1 = socket$kcm(0x2b, 0x0, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:53 executing program 3:
r0 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x800, 0x0)
ioctl$sock_inet_SIOCRTMSG(r0, 0x890d, &(0x7f0000000280)={0x0, {0x2, 0x4e22, @multicast1}, {0x2, 0x4e21, @multicast1}, {0x2, 0x4e24, @remote}, 0x104, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000240)='bridge_slave_1\x00', 0x46b618f7, 0x100000000, 0x6})
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000200)={0x2, 0x4e20, @multicast2}, 0x10)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4340100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000000, 0x0)
r2 = getpid()
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r3 = getpid()
sched_setattr(r3, &(0x7f0000000040)={0x30}, 0x0)
tkill(r3, 0x2d)
getgid()
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
ioctl$BLKBSZGET(0xffffffffffffffff, 0x80041270, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000ac0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(aes-aesni)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r5 = accept$alg(r4, 0x0, 0x0)
sendmmsg(r5, 0x0, 0x0, 0x0)
ioctl$FS_IOC_FIEMAP(r5, 0xc020660b, &(0x7f00000004c0)={0x20, 0x8, 0x4, 0x1, 0x9, [{0xfffffffffffff801, 0x1, 0x2de, 0x0, 0x0, 0x800}, {0x1, 0x4, 0x3, 0x0, 0x0, 0x120f}, {0x0, 0x8, 0x8, 0x0, 0x0, 0x2c02}, {0x3, 0x367d, 0x3d2, 0x0, 0x0, 0x82}, {0x8087, 0xbc62, 0x3, 0x0, 0x0, 0x80}, {0x1f, 0x2, 0x3f, 0x0, 0x0, 0x2}, {0xffffffff, 0x100000000095e1, 0x1, 0x0, 0x0, 0x104}, {0xcb5, 0x8000, 0x6, 0x0, 0x0, 0x80}, {0x1, 0x1, 0x1, 0x0, 0x0, 0x489}]})
tkill(r2, 0x9)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000180)={0x2, 0x4e23, @loopback}, 0x10)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r7, 0x6, 0x4000010000000013, &(0x7f0000000040)=0x1, 0x4)
bind$inet(r7, &(0x7f0000000100)={0x2, 0x4e23}, 0x10)
connect$inet(r7, &(0x7f0000000080)={0x2, 0x4e21, @loopback}, 0x10)
r8 = socket$inet(0x2, 0x80001, 0x0)
bind$inet(r8, &(0x7f00000000c0)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r8, &(0x7f0000000140)={0x2, 0x4e23, @loopback}, 0x2f)
connect$inet(r6, &(0x7f0000000340)={0x2, 0x4e21, @loopback}, 0x10)
sendmsg$TIPC_CMD_GET_LINKS(0xffffffffffffffff, &(0x7f0000000400)={&(0x7f00000002c0)={0x10, 0x0, 0x0, 0x2}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x24, 0x0, 0x200, 0x70bd27, 0x0, {{}, 0x0, 0x4, 0x0, {0x8, 0x11, 0x6}}, ["", ""]}, 0x24}, 0x1, 0x0, 0x0, 0x56f203fba0cdfa0}, 0x20064808)

00:21:53 executing program 5:
r0 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0)
r1 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
bind$inet6(r1, 0x0, 0x0)
fcntl$setstatus(r1, 0x4, 0x6100)
ftruncate(r1, 0x8200)
recvmmsg(0xffffffffffffffff, &(0x7f00000052c0)=[{{0x0, 0x0, &(0x7f0000001b80)=[{0x0}, {0x0}], 0x2}}, {{0x0, 0x0, &(0x7f00000035c0)=[{0x0}], 0x1, &(0x7f0000003680)=""/187, 0xbb}}], 0x2, 0x0, &(0x7f0000005480))
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000100)={0x0, 0x2, 0x100000000003, 0xe0b7})
perf_event_open(&(0x7f0000000580)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x509, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x249}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_type(r1, &(0x7f0000000200)='threaded\x00', 0x175d9312)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)=ANY=[], 0x12d)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000240), 0x7fff)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000400)={{{@in6=@rand_addr="2ba4787542d2146a3cbce9fdb32a59c9", @in=@local, 0x4e21, 0xa3e, 0x0, 0x0, 0xa, 0x80, 0x20}, {0x80000000000003, 0x9, 0x0, 0x0, 0x0, 0x5, 0x8, 0x2668}, {0x800, 0x80000000, 0x80}, 0x9, 0x0, 0x2, 0x0, 0x2, 0x2}, {{@in=@broadcast, 0x4d4, 0x32}, 0x0, @in6=@ipv4={[], [], @dev={0xac, 0x14, 0x14, 0xc}}, 0x3503, 0xb, 0x1, 0x0, 0x24f0e692, 0x0, 0x7fff}}, 0xe8)
geteuid()
ioctl$BLKIOMIN(0xffffffffffffffff, 0x1278, &(0x7f0000000280))
socket(0x0, 0x2, 0x0)
write$P9_RFSYNC(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x33, 0x1}, 0x7)
setreuid(0x0, 0x0)
getresuid(&(0x7f0000004180), 0x0, 0x0)

00:21:53 executing program 4:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000500)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000080)={&(0x7f0000000340)=ANY=[@ANYBLOB="894eaa1de43d9d1c355a1bdc5a11b033fbe35427f8a053bfebfc7c58ee37b255458b7a8954e1aa6c8759e779bb5f126337596166000d8709b32b0302a1da252197dfe4533a6b1d5c010000004629b5f4fb012b1548992e4253a970c7d9b290772e34cf7999a51b5185b57b1750932e5e2d74c6164fb1aff295315db4930dc6c16f00d90bc6"], 0x0, 0x85}, 0x20)
open(&(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$KVM_IRQ_LINE(0xffffffffffffffff, 0x4008ae61, &(0x7f0000000100)={0x0, 0x401})
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'ip6gre0\x00'})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_genetlink_get_family_id$SEG6(&(0x7f0000000000)='SEG6\x00')
epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, &(0x7f0000000080))
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff], 0x1f004})
openat$full(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/full\x00', 0x0, 0x0)
open_by_handle_at(0xffffffffffffffff, &(0x7f0000000180)=ANY=[@ANYBLOB="0a000000010000001809"], 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)

00:21:53 executing program 2:
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
creat(0x0, 0x0)
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x0, 0x6031, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000a94000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
munlock(&(0x7f0000704000/0x1000)=nil, 0x1000)
munlockall()
getsockname$packet(0xffffffffffffffff, 0x0, 0x0)

00:21:53 executing program 2:
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000000)={0xa, 0x14e24}, 0x1c)
recvmmsg(r0, &(0x7f00000004c0), 0x400000000000251, 0x0, 0x0)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x1000000000004e24, 0x0, @ipv4={[], [], @dev={0xac, 0x14, 0x14, 0xb}}}, 0x1c)
setsockopt$inet_int(r0, 0x0, 0x8, &(0x7f0000000100)=0x8, 0x4)
sendmmsg(r0, &(0x7f00000092c0), 0x4ff, 0x0)

00:21:53 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:53 executing program 3:
r0 = socket$inet6(0xa, 0x80003, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f00000001c0)="0805b5055e0bcfe8474071")
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x51, r1, 0x0)
r2 = socket$inet_udplite(0x2, 0x2, 0x88)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x51, r2, 0x0)

00:21:53 executing program 1:
write$binfmt_misc(0xffffffffffffffff, 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x83, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
open(0x0, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x5e)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(0xffffffffffffffff, 0xc0406619, 0x0)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000140)='net/wireless\x00')
preadv(r0, &(0x7f0000000340)=[{&(0x7f00000003c0)=""/160, 0xa0}], 0x1, 0x0)
setsockopt$inet_group_source_req(0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000040)={0x0, {{0x2, 0x0, @loopback}}, {{0x2, 0x4e23, @rand_addr=0x3}}}, 0x108)

00:21:53 executing program 4:
r0 = openat$null(0xffffffffffffff9c, &(0x7f00000001c0)='/dev/null\x00', 0x800, 0x0)
ioctl$sock_inet_SIOCRTMSG(r0, 0x890d, &(0x7f0000000280)={0x0, {0x2, 0x4e22, @multicast1}, {0x2, 0x4e21, @multicast1}, {0x2, 0x4e24, @remote}, 0x104, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000240)='bridge_slave_1\x00', 0x46b618f7, 0x100000000, 0x6})
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000200)={0x2, 0x4e20, @multicast2}, 0x10)
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0xb8, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x0, 0xfffffffffffffffc}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x4340100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
wait4(0x0, 0x0, 0x80000000, 0x0)
getpid()
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r2 = getpid()
sched_setattr(r2, &(0x7f0000000040)={0x30}, 0x0)
tkill(r2, 0x2d)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000180)={0x2, 0x4e23, @loopback}, 0x10)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r4, 0x6, 0x4000010000000013, &(0x7f0000000040)=0x1, 0x4)
bind$inet(r4, &(0x7f0000000100)={0x2, 0x4e23}, 0x10)
connect$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @loopback}, 0x10)
r5 = socket$inet(0x2, 0x80001, 0x0)
bind$inet(r5, &(0x7f00000000c0)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r5, &(0x7f0000000140)={0x2, 0x4e23, @loopback}, 0x2f)
connect$inet(r3, &(0x7f0000000340)={0x2, 0x4e21, @loopback}, 0x10)

00:21:54 executing program 3:
r0 = socket$inet6(0xa, 0x3, 0x6b)
ioctl(r0, 0x1000008912, &(0x7f0000000000)="0815b5055e0bcfe87b3071")
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)=ANY=[@ANYBLOB="14000000230005008000d42536c10000000000003d14ce31e1633455cb7a665005f42348bee767dff4d21ddcc997111f256b51987abf95fb32cd566040610d4d2bf7aa572b08974dbe73b3e25cf8df61cac99973bbc8cbb67924cf61bdeaafd2703b65212a3d3e198040ff8a09f7e829e39fb5d9671fb7c866c923f95647658aea8c1e02ad5aa255ff230928bb3e3c6650d89378b5b1700d0722dad51e4dc8dd53deb1f63770307968ce7b6b"], 0x14}}, 0x0)

00:21:54 executing program 1:
perf_event_open(&(0x7f0000000440)={0x2, 0x70, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41c1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x5010}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
clone(0x20002100, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
r0 = perf_event_open(&(0x7f0000000300)={0x2, 0x70, 0x669, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20220, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x20, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x8d1}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_FILTER(r0, 0x40082406, 0x0)
mkdir(0x0, 0x0)

00:21:54 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
sendto$inet(r0, 0x0, 0x0, 0x200007bd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)

00:21:54 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:54 executing program 5:
r0 = open(&(0x7f00000009c0)='./bus\x00', 0x141042, 0x0)
mmap(&(0x7f0000001000/0xa000)=nil, 0xa000, 0x800002, 0x11, r0, 0x0)
r1 = creat(&(0x7f00000002c0)='./bus\x00', 0x0)
bind$inet6(r1, 0x0, 0x0)
fcntl$setstatus(r1, 0x4, 0x6100)
ftruncate(r1, 0x8200)
recvmmsg(0xffffffffffffffff, &(0x7f00000052c0)=[{{0x0, 0x0, &(0x7f0000001b80)=[{0x0}, {0x0}], 0x2}}, {{0x0, 0x0, &(0x7f00000035c0)=[{0x0}], 0x1, &(0x7f0000003680)=""/187, 0xbb}}], 0x2, 0x0, &(0x7f0000005480))
open(&(0x7f0000000000)='./bus\x00', 0x141042, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f0000000100)={0x0, 0x2, 0x100000000003, 0xe0b7})
perf_event_open(&(0x7f0000000580)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x509, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000940000)={0x2, 0x70, 0xee6a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x249}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
write$cgroup_type(r1, &(0x7f0000000200)='threaded\x00', 0x175d9312)
write$P9_RREADLINK(0xffffffffffffffff, &(0x7f0000000280)=ANY=[], 0x12d)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000240), 0x7fff)
setsockopt$inet_IP_XFRM_POLICY(0xffffffffffffffff, 0x0, 0x11, &(0x7f0000000400)={{{@in6=@rand_addr="2ba4787542d2146a3cbce9fdb32a59c9", @in=@local, 0x4e21, 0xa3e, 0x0, 0x0, 0xa, 0x80, 0x20}, {0x80000000000003, 0x9, 0x0, 0x0, 0x0, 0x5, 0x8, 0x2668}, {0x800, 0x80000000, 0x80}, 0x9, 0x0, 0x2, 0x0, 0x2, 0x2}, {{@in=@broadcast, 0x4d4, 0x32}, 0x0, @in6=@ipv4={[], [], @dev={0xac, 0x14, 0x14, 0xc}}, 0x3503, 0xb, 0x1, 0x0, 0x24f0e692, 0x0, 0x7fff}}, 0xe8)
geteuid()
ioctl$BLKIOMIN(0xffffffffffffffff, 0x1278, &(0x7f0000000280))
socket(0x0, 0x2, 0x0)
write$P9_RFSYNC(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x33, 0x1}, 0x7)
setreuid(0x0, 0x0)
getresuid(&(0x7f0000004180), 0x0, 0x0)

00:21:54 executing program 3:
r0 = socket(0x200000000000011, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r1=>0x0})
bind$packet(r0, &(0x7f0000000000)={0x11, 0x800, r1, 0x1, 0x0, 0x6, @random="ec80eff77598"}, 0x14)
sendmsg$xdp(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000040)="3f0ed01a11b9c0d0968b6ee7f26d7445cf08b159404f969bbecc9b4b2aeb7f6bbaba", 0x22}], 0x1}, 0x0)

00:21:54 executing program 4:
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000280)={0x2, 0x4e23, @multicast1}, 0x10)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000fbe000)={0x2, &(0x7f0000000000)=[{0x28, 0x0, 0x0, 0xfffff034}, {0x80000006}]}, 0x10)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$PERF_EVENT_IOC_ENABLE(r3, 0x8912, 0x400200)
sendto$inet(r0, 0x0, 0x0, 0x200007bd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)

00:21:54 executing program 2:
r0 = syz_open_dev$tty(&(0x7f0000000000)='/dev/tty1#\x00', 0x0, 0x0)
ioctl$PIO_FONTX(r0, 0x4b6a, 0x0)

00:21:54 executing program 1:
r0 = socket$inet_udp(0x2, 0x2, 0x0)
close(r0)
r1 = socket(0x2, 0x1000000000000002, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)

00:21:54 executing program 3:
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff})
r1 = dup(r0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x400200)
syz_emit_ethernet(0x165, &(0x7f0000000080)={@local, @local, [], {@ipv6={0x86dd, {0x0, 0x6, "d8652b", 0x14, 0x2c, 0x0, @local, @local, {[], @tcp={{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}}, 0x0)

00:21:54 executing program 4:
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x0, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$EVIOCGPROP(r1, 0xc004743e, &(0x7f00000002c0)=""/240)
ioctl$PPPIOCSACTIVE(r1, 0x40107447, &(0x7f0000000140)={0x1, &(0x7f0000000400)=[{0x6}]})

00:21:54 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(0xffffffffffffffff, 0x8912, 0x400200)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

[  383.601500][T14622] ==================================================================
[  383.609980][T14622] BUG: KASAN: slab-out-of-bounds in bpf_prog_create+0xe9/0x250
[  383.617543][T14622] Read of size 64 at addr ffff8880a3570340 by task syz-executor.4/14622
[  383.625871][T14622] 
[  383.628227][T14622] CPU: 1 PID: 14622 Comm: syz-executor.4 Not tainted 5.4.0-syzkaller #0
[  383.636560][T14622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  383.646712][T14622] Call Trace:
[  383.650043][T14622]  dump_stack+0x197/0x210
[  383.654400][T14622]  ? bpf_prog_create+0xe9/0x250
[  383.659291][T14622]  print_address_description.constprop.0.cold+0xd4/0x30b
[  383.666361][T14622]  ? bpf_prog_create+0xe9/0x250
[  383.671231][T14622]  ? bpf_prog_create+0xe9/0x250
[  383.676102][T14622]  __kasan_report.cold+0x1b/0x41
[  383.681059][T14622]  ? find_next_bit+0xe0/0x130
[  383.685756][T14622]  ? bpf_prog_create+0xe9/0x250
[  383.690649][T14622]  kasan_report+0x12/0x20
[  383.695275][T14622]  check_memory_region+0x134/0x1a0
00:21:55 executing program 0:
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000380)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
r1 = socket$kcm(0x2b, 0x1, 0x0)
ioctl$PERF_EVENT_IOC_ENABLE(r1, 0x8912, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r0, 0x18000000000002e0, 0x69, 0x0, &(0x7f0000000280)="b95b03b700030000009e40f086dd1fffffe100004000632f77fbac141412e0000001c699da153f08a0e6e380f60108f683317585d7473f1cab4439f0f570ff155bc5f73ba3f8bb99a6e8ded1ce485cf058105cd981b42493481cd659416a2e10c9119664f36eb00b33", 0x0, 0xfd, 0x6000000000000000, 0x0, 0x7}, 0x28)

00:21:55 executing program 1:
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0)='/dev/kvm\x00', 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = open(&(0x7f0000000400)='./bus\x00', 0x14103e, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0, 0x11, 0xffffffffffffffff, 0x0)
ioctl$RNDADDTOENTCNT(r2, 0x40045201, &(0x7f0000000540)=0x3)
write$P9_RXATTRCREATE(0xffffffffffffffff, 0x0, 0x0)
read(r2, 0x0, 0x0)
fcntl$dupfd(r2, 0x406, 0xffffffffffffffff)
r3 = fcntl$dupfd(r1, 0x0, r0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
perf_event_open(&(0x7f00000001c0)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
openat$zero(0xffffffffffffff9c, 0x0, 0x0, 0x0)
clone(0x2102201ffc, 0x0, 0xfffffffffffffffe, 0x0, 0xffffffffffffffff)
ioprio_set$uid(0x3, 0x0, 0x0)
getrandom(&(0x7f0000001600)=""/24, 0x18, 0x2)
prctl$PR_GET_SPECULATION_CTRL(0x34, 0x0, 0x10)
ioctl$KVM_SET_LAPIC(r4, 0x4400ae8f, &(0x7f00000000c0)={"6cdd4237dd245c8404721efdc9c8dc1964125fa96fa42b761c6ec25b2bec0ba4c81036c93a40c8a4d4412a763b00040000000000003c5ca206c047ecee377abaece6b88378e38e06c5fc191f361d264ffa8b46485f02baee1ab6b8154252066178868d1ef4b53606000000000000007c21a984c2b9ca4bbb7a87165c0c1dbc75d7ea4df1001000000000694525952f44500a1f0db509c32cc7ace842c28f37f06e4ea9f1e5f0c6c379f9cc58bf69fcde317fad4825aa1b6a832d4e48cc41bb5a6baa41d614f6c8941bee805954a62d196a4e8d4bf6b21224b57f530d0000c1ff53bf79a1f5c5dc34b22645cbc11c4562d22db88d0edc5daee171cc04d96d9ec2db07478f347edbd6404923ad4a5672b1b285c7988c4ec0922c655ff600000000c00dc290d936d93236051fadfb4b95d02c0bda7ce38dabb7cd103fe4d0c9c963cd717a77f8df8d46099b1f580968af6afbbc19db161c6df3e7c9c71bc08a282fc2c142856b5e4caff4c0a4f72445ef10dcd2c569319d6e9bb2058d023f669a64fc7d9684b45b00000000364673dcfa9235ea5a2ff23c4bb5c5acb290e8976dcac779ff000000000000003d4e185afe28a774b99d3890bd37428617de4cdd6f53c419ce31054182fd098af7b7f1b1152c691611f897558d4b755cb783978d9859b0537b05b623dcb5c4ca9317471a40fa4998cca80e961efffb4e1aa25d8a17deef0c8694c4395fc99be3c3fe7aeb8af4929ce7d346ca62b25d48fda5d10146702f78b233b5208752726ed9f0c340d494b92d19cc930bb8a5f8b4da8f4603ac0c3b698384e17a570dc8524823ed15af4ecfabb4b2541d3c114b7bba1c21a845c9cf0d1cc24aba47e30f558b2246ad95ccf7d2f80cc0ab26f08336ea1a33b79cf35b898837016eb211a1734c7af076e15451e33519fc978f66df7df4557c91024a8dc130a28ef5f63ad07b39c8d23b85cf434e065e8a29a80047fe17dee6f6347b4951f97b5703dc78b1ca9d74ea6a9ae12ab367c0de2659cc38d2f33ddd86e0597d33361eada119b5132145fa4525c488c7fffd6ceda6e9a02ebd97ced6b0161f2cc84615ceb8b18883299c636e9e46724a9a0600a8bb02f3e489631d522019a35fe12a33caf9dd8768ddbc02a484c345c3eff254297b1dbb04989c3f9f3c7b3c985c39b1d313018068d3809bac8c657e39f4f692613e28387e955722908dd88b56163be8312ff47c5b6f280472935af74e97a5a8110a4d74496f4c8ec82ddb010100000000000001a047526865c888c9ff36056cc4ad258021e1581d43badaaec6cc5a2ef989de9801fed6d4be2bfcfe07a69c46bffbe9dd03970800000000000000d372bdd6d89dc1ecf63c23d506114d0fba2bd1c69e8f7e3fccdcda85ce975ec1381b1cec6ddaa76e186719d819164300"})
ioctl$KVM_SET_MP_STATE(r4, 0x4004ae99, &(0x7f0000000000)=0x100005)
r5 = openat$apparmor_task_exec(0xffffffffffffff9c, &(0x7f0000000080)='/proc/self/attr/exec\x00', 0x2, 0x0)
fcntl$F_SET_FILE_RW_HINT(r5, 0x40e, &(0x7f0000000500)=0x1)
r6 = socket$alg(0x26, 0x5, 0x0)
r7 = accept4(r6, 0x0, 0x0, 0x0)
r8 = syz_open_procfs(0x0, &(0x7f00000001c0)='pagemap\x00')
sendfile(r7, r8, 0x0, 0x50000000000443)
r9 = dup(r4)
epoll_ctl$EPOLL_CTL_MOD(r8, 0x3, r9, &(0x7f0000000040)={0xdb98eb6416ef0387})
ioctl$KVM_RUN(r4, 0xae80, 0x0)

00:21:55 executing program 3:
socket$inet(0x10, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
capset(0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_LISTEN_ALL_NSID(0xffffffffffffffff, 0x10e, 0x8, 0x0, 0x0)
openat$full(0xffffffffffffff9c, 0x0, 0x200000, 0x0)
syz_open_procfs(0x0, &(0x7f0000000040)='\x00\x00\x00@\x00\xdd\xa8>\xbc\x89\x01(4\xbdfx\xb6tQ-n\xde\xd0 \xba.Qf\x97E\xa9\x85\xba\x884L\x18\xf4\xa1\xeao\x16\xae\x85Qx)\x15%\x12\xa9\xeb')
creat(&(0x7f0000000300)='./bus\x00', 0x1c4)
open(&(0x7f0000000340)='./bus\x00', 0x141042, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='pagemap\x00')
r1 = memfd_create(&(0x7f0000000040)='/dev/loop#\x00', 0x0)
sendfile(r1, r0, 0x0, 0x2000005)
read(r1, &(0x7f00000005c0)=""/193, 0xc1)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000100)='./cgroup.cpu\x00', 0x200002, 0x0)
fchdir(r2)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
lseek(0xffffffffffffffff, 0x100000000000000, 0x2)
sendfile(0xffffffffffffffff, r3, 0x0, 0xfffffffffffffffc)
sendfile(0xffffffffffffffff, r3, &(0x7f00000001c0), 0x8000fffffffe)
getsockopt$sock_buf(r4, 0x1, 0x10000000000001e, &(0x7f0000000380)=""/87, &(0x7f00000006c0)=0x9)
mkdirat(0xffffffffffffffff, 0x0, 0x180)

00:21:55 executing program 5:
perf_event_open(&(0x7f0000000180)={0x1, 0x2f5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xbfffffffffffffff, 0xffffffffffffffff, 0x0)
openat$cgroup_ro(0xffffffffffffffff, 0x0, 0x2761, 0x0)
ioctl$TUNSETPERSIST(0xffffffffffffffff, 0x400454cb, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000040)='/\x02roup.stap\x00', 0x2761, 0x0)
perf_event_open(&(0x7f0000000280)={0x3, 0x70, 0x0, 0x0, 0x0, 0xe3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @perf_bp={0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd0}, 0x0, 0x0, 0xffffffffffffffff, 0x1)
gettid()
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000840)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0fff8ffffff79a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b7000000000000009500000000000000496cf2827fb43a431ca711fcd0cdfa146ec56175037958e24ef60d25b7937f02008b5e5a076d83923dd29c034055b67dafe6c8dc3d5d78c07f34e4d5b318e2ec0efd49897a745f801ff110026e6d2efe31ab7ea0c34f17e3ad6ef3bb62203099e90f4580d760551b5b341a2d7cbdb9cd38bdb2ca8eeb9c15ab3a14817ac61e4dd11183a13477bf7eaa49c62ba0fe52fa65f1328d6704902cbe7bc04b82d2789cb132b8667c21476619f28d9961b63e1a9cf6c2a660a17e3c184b751c51160fbcbbf35b1e7be6148ba532e6ea09c346dfebd31a08b32808b802000000000000ea334d8323893c5337669dd27080e71113610e10d858e8327ef01fb6c86adac12233f9a1fb9c2aec61ce63000000800117009a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697a6ea0182babc18cae2ed4a9590c35c4a84296697ab4390af9a9ceafd07e"], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r0, 0x18000000000002a0, 0x2b, 0xfffffffffffffe7f, &(0x7f0000000500)="b9ff0300600d698cb89e14f088a81fffffff00004000632c77fbac14140ee934a0a662079f4b4d2f87e5feca6aab845013f2325f1a39010108038da1924425181aa5", 0x0, 0x100, 0x60000000, 0x0, 0xfffffffffffffe09}, 0x28)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)

[  383.700487][T14622]  memcpy+0x24/0x50
[  383.704395][T14622]  bpf_prog_create+0xe9/0x250
[  383.709169][T14622]  get_filter.isra.0+0x108/0x1a0
[  383.714127][T14622]  ? ppp_push+0x1290/0x1290
[  383.718655][T14622]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  383.725788][T14622]  ? _copy_from_user+0x12c/0x1a0
[  383.730752][T14622]  ppp_ioctl+0x12f7/0x2750
[  383.735196][T14622]  ? ppp_nl_newlink+0x2a0/0x2a0
[  383.740075][T14622]  ? ppp_nl_newlink+0x2a0/0x2a0
[  383.744940][T14622]  do_vfs_ioctl+0xdb6/0x13e0
[  383.749664][T14622]  ? compat_ioctl_preallocate+0x210/0x210
[  383.755370][T14622]  ? __fget+0x37f/0x550
[  383.759946][T14622]  ? ksys_dup3+0x3e0/0x3e0
[  383.764352][T14622]  ? nsecs_to_jiffies+0x30/0x30
[  383.769260][T14622]  ? tomoyo_file_ioctl+0x23/0x30
[  383.774205][T14622]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  383.780643][T14622]  ? security_file_ioctl+0x8d/0xc0
[  383.785748][T14622]  ksys_ioctl+0xab/0xd0
[  383.789957][T14622]  __x64_sys_ioctl+0x73/0xb0
[  383.794655][T14622]  do_syscall_64+0xfa/0x790
[  383.799211][T14622]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  383.805107][T14622] RIP: 0033:0x45a679
[  383.808989][T14622] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  383.828682][T14622] RSP: 002b:00007fa066abfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  383.837088][T14622] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  383.846008][T14622] RDX: 0000000020000140 RSI: 0000000040107447 RDI: 0000000000000004
[  383.854061][T14622] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  383.862015][T14622] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa066ac06d4
[  383.869979][T14622] R13: 00000000004c470d R14: 00000000004d9e60 R15: 00000000ffffffff
[  383.877971][T14622] 
[  383.880298][T14622] Allocated by task 14622:
[  383.884804][T14622]  save_stack+0x23/0x90
[  383.888946][T14622]  __kasan_kmalloc.constprop.0+0xcf/0xe0
[  383.895226][T14622]  kasan_kmalloc+0x9/0x10
[  383.899558][T14622]  __kmalloc_track_caller+0x15f/0x760
[  383.904995][T14622]  memdup_user+0x26/0xb0
[  383.909243][T14622]  get_filter.isra.0+0xd7/0x1a0
[  383.914091][T14622]  ppp_ioctl+0x12f7/0x2750
[  383.918615][T14622]  do_vfs_ioctl+0xdb6/0x13e0
[  383.923290][T14622]  ksys_ioctl+0xab/0xd0
[  383.927433][T14622]  __x64_sys_ioctl+0x73/0xb0
[  383.932026][T14622]  do_syscall_64+0xfa/0x790
[  383.936684][T14622]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  383.942564][T14622] 
[  383.944897][T14622] Freed by task 11485:
[  383.949260][T14622]  save_stack+0x23/0x90
[  383.953480][T14622]  __kasan_slab_free+0x102/0x150
[  383.958755][T14622]  kasan_slab_free+0xe/0x10
[  383.963407][T14622]  kfree+0x10a/0x2c0
[  383.967309][T14622]  tomoyo_path_perm+0x24e/0x430
[  383.972163][T14622]  tomoyo_inode_getattr+0x1d/0x30
[  383.977301][T14622]  security_inode_getattr+0xf2/0x150
[  383.982644][T14622]  vfs_getattr+0x25/0x70
[  383.986874][T14622]  vfs_statx+0x157/0x200
[  383.991113][T14622]  __do_sys_newstat+0xa4/0x130
[  383.995875][T14622]  __x64_sys_newstat+0x54/0x80
[  384.000628][T14622]  do_syscall_64+0xfa/0x790
[  384.005215][T14622]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  384.011106][T14622] 
[  384.013565][T14622] The buggy address belongs to the object at ffff8880a3570340
[  384.013565][T14622]  which belongs to the cache kmalloc-32 of size 32
[  384.027572][T14622] The buggy address is located 0 bytes inside of
[  384.027572][T14622]  32-byte region [ffff8880a3570340, ffff8880a3570360)
[  384.040961][T14622] The buggy address belongs to the page:
[  384.046590][T14622] page:ffffea00028d5c00 refcount:1 mapcount:0 mapping:ffff8880aa4001c0 index:0xffff8880a3570fc1
[  384.057006][T14622] raw: 00fffe0000000200 ffffea00027acc48 ffffea00026a8408 ffff8880aa4001c0
[  384.065694][T14622] raw: ffff8880a3570fc1 ffff8880a3570000 000000010000003f 0000000000000000
[  384.074389][T14622] page dumped because: kasan: bad access detected
[  384.080884][T14622] 
[  384.083201][T14622] Memory state around the buggy address:
[  384.088845][T14622]  ffff8880a3570200: fb fb fb fb fc fc fc fc 05 fc fc fc fc fc fc fc
[  384.096898][T14622]  ffff8880a3570280: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[  384.105186][T14622] >ffff8880a3570300: fb fb fb fb fc fc fc fc 00 fc fc fc fc fc fc fc
[  384.113259][T14622]                                               ^
[  384.119668][T14622]  ffff8880a3570380: fb fb fb fb fc fc fc fc fb fb fb fb fc fc fc fc
[  384.127736][T14622]  ffff8880a3570400: 00 04 fc fc fc fc fc fc 00 00 03 fc fc fc fc fc
[  384.135779][T14622] ==================================================================
[  384.143819][T14622] Disabling lock debugging due to kernel taint
[  384.154276][T14622] Kernel panic - not syncing: panic_on_warn set ...
[  384.160980][T14622] CPU: 1 PID: 14622 Comm: syz-executor.4 Tainted: G    B             5.4.0-syzkaller #0
[  384.170686][T14622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  384.180731][T14622] Call Trace:
[  384.184018][T14622]  dump_stack+0x197/0x210
[  384.188406][T14622]  panic+0x2e3/0x75c
[  384.192283][T14622]  ? add_taint.cold+0x16/0x16
[  384.197251][T14622]  ? bpf_prog_create+0xe9/0x250
[  384.202273][T14622]  ? preempt_schedule+0x4b/0x60
[  384.207106][T14622]  ? ___preempt_schedule+0x16/0x18
[  384.212235][T14622]  ? trace_hardirqs_on+0x5e/0x240
[  384.217348][T14622]  ? bpf_prog_create+0xe9/0x250
[  384.222191][T14622]  end_report+0x47/0x4f
[  384.226359][T14622]  ? bpf_prog_create+0xe9/0x250
[  384.231212][T14622]  __kasan_report.cold+0xe/0x41
[  384.236068][T14622]  ? find_next_bit+0xe0/0x130
[  384.240765][T14622]  ? bpf_prog_create+0xe9/0x250
[  384.245618][T14622]  kasan_report+0x12/0x20
[  384.249935][T14622]  check_memory_region+0x134/0x1a0
[  384.255030][T14622]  memcpy+0x24/0x50
[  384.258837][T14622]  bpf_prog_create+0xe9/0x250
[  384.263527][T14622]  get_filter.isra.0+0x108/0x1a0
[  384.268458][T14622]  ? ppp_push+0x1290/0x1290
[  384.272954][T14622]  ? __sanitizer_cov_trace_const_cmp8+0x18/0x20
[  384.279179][T14622]  ? _copy_from_user+0x12c/0x1a0
[  384.284624][T14622]  ppp_ioctl+0x12f7/0x2750
[  384.289024][T14622]  ? ppp_nl_newlink+0x2a0/0x2a0
[  384.293859][T14622]  ? ppp_nl_newlink+0x2a0/0x2a0
[  384.298693][T14622]  do_vfs_ioctl+0xdb6/0x13e0
[  384.303289][T14622]  ? compat_ioctl_preallocate+0x210/0x210
[  384.308997][T14622]  ? __fget+0x37f/0x550
[  384.313395][T14622]  ? ksys_dup3+0x3e0/0x3e0
[  384.317799][T14622]  ? nsecs_to_jiffies+0x30/0x30
[  384.322650][T14622]  ? tomoyo_file_ioctl+0x23/0x30
[  384.327581][T14622]  ? __sanitizer_cov_trace_const_cmp4+0x16/0x20
[  384.333821][T14622]  ? security_file_ioctl+0x8d/0xc0
[  384.338911][T14622]  ksys_ioctl+0xab/0xd0
[  384.343050][T14622]  __x64_sys_ioctl+0x73/0xb0
[  384.347623][T14622]  do_syscall_64+0xfa/0x790
[  384.352112][T14622]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  384.357982][T14622] RIP: 0033:0x45a679
[  384.361867][T14622] Code: ad b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 7b b6 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  384.381451][T14622] RSP: 002b:00007fa066abfc78 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  384.389848][T14622] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000045a679
[  384.397801][T14622] RDX: 0000000020000140 RSI: 0000000040107447 RDI: 0000000000000004
[  384.405841][T14622] RBP: 000000000075bf20 R08: 0000000000000000 R09: 0000000000000000
[  384.413795][T14622] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fa066ac06d4
[  384.422006][T14622] R13: 00000000004c470d R14: 00000000004d9e60 R15: 00000000ffffffff
[  384.431650][T14622] Kernel Offset: disabled
[  384.436092][T14622] Rebooting in 86400 seconds..