_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, 0x0)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  338.369471] *** Guest State ***
[  338.373164] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  338.395008] *** Guest State ***
[  338.399970] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
17:10:02 executing program 1:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000040)={0x81, 0x8, 0x3, 0x0, 0x1})
getsockopt$inet_sctp_SCTP_PR_SUPPORTED(r0, 0x84, 0x71, &(0x7f0000000080)={<r1=>0x0, 0x7}, &(0x7f0000000100)=0x8)
getsockopt$inet_sctp6_SCTP_GET_PEER_ADDRS(r0, 0x84, 0x6c, &(0x7f0000000140)={r1, 0xa6, "d6479600b128d8c16cdc48575886b5fa49da89148c624bb590049d63d4d3354ddad05a2786f20d9efa04824c76b04a4df559081f2225d8233d0ebcd7539c38864129711d8fe2a9f79b69b56bfe5dd82e3881bbb815955f6cd3ea56b62621411165b01685b2c67764aae6d7cdf4687416463a303c082674f0dfe8b3719f5517c6df421f4d86326df8aaaaa0ec8c42ef57d7ea51e9c0b9d8f587326d9b6d65288741cc980be03c"}, &(0x7f0000000200)=0xae)

[  338.418019] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  338.438404] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  338.440280] CR3 = 0x0000000000000000
[  338.459931] CR3 = 0x0000000000000000
[  338.464138] RSP = 0x0000000000000000  RIP = 0x0000000000000000
17:10:02 executing program 2:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  338.477400] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  338.483768] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  338.498583] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  338.513514] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  338.530122] usb usb9: usbfs: process 15159 (syz-executor1) did not claim interface 8 before use
[  338.533863] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  338.548423] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  338.555484] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  338.566384] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  338.571579] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  338.582472] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  338.583114] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  338.583552] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  338.593554] usb usb9: usbfs: process 15163 (syz-executor1) did not claim interface 8 before use
[  338.611241] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  338.618497] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  338.625623] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  338.645526] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  338.665051] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  338.669146] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  338.693069] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  338.707573] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  338.715704] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  338.726721] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  338.736130] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  338.744467] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  338.752714] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  338.752823] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  338.753071] Interruptibility = 00000000  ActivityState = 00000000
[  338.760519] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  338.783842] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  338.790899] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  338.799746] Interruptibility = 00000000  ActivityState = 00000000
[  338.804118] *** Host State ***
[  338.809653] RIP = 0xffffffff81223c27  RSP = 0xffff8881b0987350
[  338.814399] *** Host State ***
[  338.820829] RIP = 0xffffffff81223c27  RSP = 0xffff8881bd8f7350
[  338.824739] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  338.833640] FSBase=00007fe411bf7700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
[  338.836337] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  338.845263] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  338.854519] CR0=0000000080050033 CR3=00000001b1ed0000 CR4=00000000001426e0
[  338.856843] FSBase=00007fb18d245700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000
[  338.870489] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  338.875403] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  338.883929] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  338.891310] *** Control State ***
[  338.895034] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  338.900601] CR0=0000000080050033 CR3=00000001ce557000 CR4=00000000001426e0
[  338.903137] EntryControls=0000d1ff ExitControls=002fefff
[  338.915359] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  338.922837] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  338.930085] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  338.935656] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  338.936978]         reason=80000021 qualification=0000000000000000
[  338.950880] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  338.957334] IDTVectoring: info=00000000 errcode=00000000
[  338.958131] *** Control State ***
[  338.962874] TSC Offset = 0xffffff4892c139d8
[  338.966328] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  338.970731] TPR Threshold = 0x00
[  338.970740] EPT pointer = 0x00000001b5ac601e
[  338.978306] EntryControls=0000d1ff ExitControls=002fefff
[  338.985520] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  339.004383] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  339.012515] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  339.019657]         reason=80000021 qualification=0000000000000000
[  339.025988] IDTVectoring: info=00000000 errcode=00000000
17:10:03 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(0x0)
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:03 executing program 0:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$mice(&(0x7f0000000040)='/dev/input/mice\x00', 0x0, 0x424c01)
setsockopt$inet_tcp_TLS_RX(r0, 0x6, 0x2, &(0x7f0000000080), 0x4)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:03 executing program 1:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
getsockopt$inet_sctp_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000040), &(0x7f0000000080)=0x4)

17:10:03 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, 0x0)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:03 executing program 2:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:03 executing program 4:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  339.031846] TSC Offset = 0xffffff489011a6b6
[  339.036170] TPR Threshold = 0x00
[  339.039649] EPT pointer = 0x00000001bcd5f01e
17:10:03 executing program 1:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000100)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:03 executing program 0:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})
ioctl$VIDIOC_SUBDEV_S_SELECTION(r0, 0xc040563e, &(0x7f0000000040)={0x1, 0x0, 0x1, 0x3, {0x1e, 0x9, 0x0, 0x5}})

[  339.235389] *** Guest State ***
17:10:03 executing program 1:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(0xffffffffffffffff, 0xc018643a, &(0x7f0000000040)={0x2400003f, 0x8, 0x16})
ioctl$FS_IOC_FSGETXATTR(0xffffffffffffffff, 0xc0185500, &(0x7f0000000000)={0x8080, 0x1000000})

[  339.292310] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  339.312375] *** Guest State ***
[  339.316146] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  339.326199] *** Guest State ***
[  339.326293] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
17:10:03 executing program 0:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rfkill\x00', 0x101000, 0x0)
write$nbd(r0, &(0x7f0000000100)={0x67446698, 0x0, 0x3, 0x3, 0x2, "770fbcc2b644699e3356bd4a8892cfead175d8b851c43f8c3ff138653fe5052ee2a6bdcb57644a5993196045b5d7c358597d61e4a01192c71a182ed60a15e3f5b8794d317d3469d721c385f10fd64ba229ad1c9c002024ed68e532ccc66fe47aa13a4060384afacf7c4381d355eb00fdffddb61cdd7cec0a148205d6ca9a7a4305e4e87a761e94edf214b2b9a2bdcff397bdd1ad2727e0f08a06c84eb7272d1ee09b9f54e61029d6438422e6d13da1f2337d2d12de92ee5cc29cadfd9f67221c142142934fefa398780e82ed9543ab88d57ab1a8b62d53736bdb2cc77f552232f04118a34498d755390c0583e88a5b916fc719eaeef23dcc10"}, 0x109)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000a, 0x5)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  339.341007] CR3 = 0x0000000000000000
[  339.345076] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  339.360288] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  339.363300] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  339.373642] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  339.383512] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
17:10:03 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  339.392581] CR3 = 0x0000000000000000
[  339.396603] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  339.415862] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  339.425691] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  339.441954] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  339.451526] CR3 = 0x0000000000000000
[  339.456379] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  339.462890] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  339.470287] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:03 executing program 1:
r0 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x3, 0x2)
ioctl$SG_SET_FORCE_PACK_ID(r0, 0x227b, &(0x7f0000000080))
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  339.486256] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  339.494609] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  339.500872] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  339.503365] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  339.517441] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  339.527375] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  339.535679] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  339.544509] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  339.554588] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  339.568997] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  339.586228] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  339.586663] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  339.597390] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  339.611430] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  339.620464] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  339.628938] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  339.638893] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  339.647241] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  339.655499] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  339.661623] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  339.662260] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  339.678374] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  339.686136] Interruptibility = 00000000  ActivityState = 00000000
[  339.692855] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  339.700417] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  339.708411] *** Host State ***
[  339.713722] RIP = 0xffffffff81223c27  RSP = 0xffff88817cb27350
[  339.721852] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  339.724219] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  339.732551] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  339.736821] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  339.745316] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  339.759448] FSBase=00007f9124399700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  339.767807] Interruptibility = 00000000  ActivityState = 00000000
[  339.774437] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  339.779699] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  339.780734] *** Host State ***
[  339.792017] CR0=0000000080050033 CR3=00000001acb62000 CR4=00000000001426f0
[  339.800419] RIP = 0xffffffff81223c27  RSP = 0xffff88817c397350
[  339.802403] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  339.806807] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  339.815029] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  339.821657] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  339.821669] FSBase=00007fb18d224700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  339.821679] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  339.821692] CR0=0000000080050033 CR3=00000001cc375000 CR4=00000000001426f0
[  339.821704] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  339.821714] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  339.821718] *** Control State ***
[  339.821726] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  339.821732] EntryControls=0000d1ff ExitControls=002fefff
[  339.821743] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  339.821750] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  339.821757] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  339.821763]         reason=80000021 qualification=0000000000000000
[  339.821768] IDTVectoring: info=00000000 errcode=00000000
[  339.821773] TSC Offset = 0xffffff480ca5545b
[  339.821778] TPR Threshold = 0x00
[  339.821786] EPT pointer = 0x00000001c1df901e
[  339.821981] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  339.821999] *** Control State ***
[  339.822019] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  339.822039] EntryControls=0000d1ff ExitControls=002fefff
[  339.822063] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  339.822102] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  339.822142] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  339.822180]         reason=80000021 qualification=0000000000000000
[  339.822200] IDTVectoring: info=00000000 errcode=00000000
[  339.822218] TSC Offset = 0xffffff480f7e9bc0
[  339.822237] TPR Threshold = 0x00
17:10:04 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(0x0)
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:04 executing program 0:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040)='/dev/ppp\x00', 0x4040, 0x0)
getsockopt$inet_sctp_SCTP_FRAGMENT_INTERLEAVE(r0, 0x84, 0x12, &(0x7f00000000c0), &(0x7f0000000100)=0x4)
r1 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:04 executing program 1:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = openat$selinux_avc_cache_threshold(0xffffffffffffff9c, &(0x7f0000000040)='/selinux/avc/cache_threshold\x00', 0x2, 0x0)
ioctl$ASHMEM_GET_PIN_STATUS(r0, 0x7709, 0x0)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:04 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:04 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, 0x0)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  339.822281] EPT pointer = 0x00000001b403001e
[  339.831301] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  339.883191] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  339.930304] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  340.104149] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  340.118199] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  340.144916] Interruptibility = 00000000  ActivityState = 00000000
[  340.165903] *** Host State ***
[  340.169190] RIP = 0xffffffff81223c27  RSP = 0xffff8881ae187350
[  340.175200] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  340.201318] FSBase=00007fe411bf7700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
[  340.214347] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  340.220454] CR0=0000000080050033 CR3=00000001b523c000 CR4=00000000001426e0
[  340.227522] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  340.227533] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  340.227536] *** Control State ***
[  340.227544] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  340.227550] EntryControls=0000d1ff ExitControls=002fefff
[  340.227562] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  340.240296] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  340.240303] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  340.240310]         reason=80000021 qualification=0000000000000000
[  340.240316] IDTVectoring: info=00000000 errcode=00000000
[  340.240321] TSC Offset = 0xffffff4810af3e5a
[  340.240326] TPR Threshold = 0x00
[  340.240334] EPT pointer = 0x00000001b058301e
17:10:04 executing program 4:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:04 executing program 1:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
syz_open_dev$vcsn(&(0x7f0000000040)='/dev/vcs#\x00', 0x6ef, 0x343001)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000, 0x40})

17:10:04 executing program 0:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$BLKIOMIN(r0, 0x1278, &(0x7f0000000080))
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040))
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:04 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), 0x0)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:04 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(0x0)
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:04 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:04 executing program 1:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000040)='/dev/audio\x00', 0x101000, 0x0)
sendmsg$kcm(r0, &(0x7f0000000380)={&(0x7f0000000100)=@nl=@kern={0x10, 0x0, 0x0, 0xc000000}, 0x80, &(0x7f0000000180)=[{&(0x7f0000000080)="ce33ba68e8d370c22a92e26f61816880f513caa638ad5c32", 0x18}], 0x1, &(0x7f0000000640)=ANY=[@ANYBLOB="d800e2000000000088593729040000009f11c50082530865e30f1eb1300966623f9e9dc8f1f84a7d66df27f9bf5aca1abc42ce3a00cde11651a8edd8274594b10af90f9e50211e5674fcf7f5bf99b3fe1be9e83bef7fb77840a743aa9f2395ac77c46e650b347f5d58d91f0ff5e59d160f31a5a1b01d07c20f8e89f1e94eabcb5cae8e5a93c022348d865b5c86abbae3fab19b49984fdaa050cef535310afe0d175fd8214658a4e5214ae9f094366a6dc7e5f93befeb45920accc3b167dd27e4a9286ea52648c8ee579566e93149571f957f140a262b4f851c00000000e8ffffffe800000013010000940f0000b396934b17ae0b7fe247ddf0ac7d3fbf7741454a60d49c443f888e7e7e085e41dc90e54f6a05ac703d40d4924b50e8611f79c278a9362adf006958d38c312a437f57265b5fee26f2bc9a3540f3416f1679c550644056a2305533d4906ed6a1044be24bf4aef1adcac9c34843f0ed24d7d15780410c48ccc8f661883ae516719e4f05a9a114e507e9e5dc14a9d32665614483a5aa716571bb0b7351523737557b06748b2bf185dc2aef52ef38b2fd5ee83e310ce9e63940034767ea2c4472a8c6e93d8954b1baaa0270ae4baa30169a09a43dcb5e0cc4897e9b66533094f64ef52600"], 0x1c0}, 0x20000000)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000400)={0x1e53, 0x1000000})

17:10:04 executing program 0:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$radio(&(0x7f0000000040)='/dev/radio#\x00', 0x3, 0x2)
ioctl$TCGETA(r0, 0x5405, &(0x7f0000000080))
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  340.455601] *** Guest State ***
[  340.472037] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  340.535476] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  340.567971] CR3 = 0x0000000000000000
17:10:04 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, 0x0, &(0x7f0000000540))
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={0x0, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r4, &(0x7f0000000340)=@known='system.advise\x00')
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r7, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:04 executing program 1:
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040)='/dev/sequencer\x00', 0x10080, 0x0)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$EVIOCGMASK(r0, 0x80104592, &(0x7f0000000080)={0x1, 0x1000, &(0x7f0000000100)="742d641072164abfd612e9289b810a6857becf8293ca226d158b2da7db10b015052cf41c4bebf8048e44b23989a400e24b97a2bbe3d89b336d11ac0151fbbed5ae8cf9d39b2ed2dc2b167d47ae68e14dcf5c0b0490b5ff3e5ca9c6f870c4cfd17879d46833ebaab459eacec6c212ce12a3d6926125c53cffd993525efb0b4bc8a31787270c6e6a9730d202578e346a5fb5f560acda451de2c896eaa1702ee245677b61cfdb801a77398793f0c7d4af7b3b47d1961dd80b357cca013b2c675e1d180d3ea8232f7b1c25407b69199678edabc6fbdf803e7dcd785d56d0501285ba30ad173530b50b48d750cf905a0e42dcb43acde1591551c9cabde2e5a1d6ca1c1b785ca2c55166d7a1e597579886a2acc5df331180af561e512263d18abbfbcce101f4f96294337b40a2bc58eb5b68d671651a1b0e07862e4481852150036a51468ced45eb380b6fc3dce74d069ddd09ca5d7da69d64f11b201c04a21e80c0618edba5d7cd8716877941c03897bfc979738d5edb5218c7bf5d2c113428069573bc143c041c30388d5110caa7da027fd7f4959c6451fbc15acfe3cf6040cc6577499c2fa1b021ac070f0d089288596b6b9a18360cd24c2f65226a9d2efa6b127ada1e0e3ef9fda1a8a23eb0fc544f69c58738579e84316f64d0d1035325eaf1da8d356ce476b64c2fbd67333c1a469e60cb3293621f9def85c4683e82f97ea5a48c5bc46f8220ca36d1c9fa5ffe2ce40a971234aff7fdce7ee3666f15f2ffdad241bb2e28372e923460174c4908bfcf22d8027fc5e849bd3592cd28180434c48cf6473f4e2502e09793ea63e4aa27d482d94d0d0023335c73febc33925fcd1352372e6eefbde723c82e0a449f2328e9171f5e5e38a1eff42c13a6e99b4947d5cfa568a9a9c74a1d550310669bd828e9e10a5fd01fdcb864a59efe111ca398d72e63ed68379324d8ec704d2a7ec9211a35d354a0bf57af6009b0d6067857582be4e46f8069f77c008950f1306040c87db5516d7f330336fd7b3cf49cab08a0180ddc0f60640defc9a037d32991878f49a7d0eee14629939914c6a709a46afd8c05dc2c016fe23a15280d57580556a8f9e1ec5ef2e1488d564701d20426c75c49fc17d5ba58df7319f3bf5ed088ab6aed85983c9bae66b5fb0a91b7e79d5b8e7900cff038af7bf4929485615d8327471078c7c328986476ccaa5576d004bb7443effb35f0d2528a0bfd589513cc180279d8326b40ef9f130675ea91dccf5b1ef5ca191358c0cdd56b34cecffed4f6b11d4635c083b8b04d7961d68931b69e437a306ef7a4bb58e8272782864c17ba81a2a18ce194069c8540f80874f048fe8983a911792b6e476d37d94a700e9d3821d29e71434bd282be3c5db561255867d63b3aca8d719c643bc34e8b069c77ae87770ca37874b260ce4998830634695eed079243ff8f9168d59aa822ce3a91fed569271e1238d4bb129f3893ab8652706823d4fffb9cecdfea36f986b1cf59763121d1356f743f894ed8eac5c2b2f5739d457bba04211165b3e4b872c4f302e4faee44326252574d6b7a56fdc4e35601ccec9dd48b33aab92ead9d744fd6ce309f7fdb012fe4e7cf2008ee64c8aa06ccf3d4bb946093781d3148668c37dbe48e2a41cecd98d9410a8a0afd02f7e80208ba3e138d740fa9bb91e40d4c3a6edcdd72c5537d7bf7c8efb45b25e4b518ace4cdd4dad0fad151eec04d6e034d141371e7a1a20770b1cd5e3b9a4a7f330b57e40ef178061aed121d9f133f6d1cfdfe8150b8459a9aad4d55c8e1624d9c23400f85b6dbf90baf07d739bbbae6ad84fd8b7923dae6e4bfe641c9df4a7e284791e929ba4e969f7c2f51bb9bf029c30bc61aee1e74417f2fa022dc6572ee235dd7fa8e3efde095d4812e53ee0fbdef543a85bc4415699c4b4aa5fec7aa607b685dff7100cb7034d13591639387ae56ca3afffaaed8fbc66d7b380f76af6f79759d2a7a9c97b0bc88c35be914c84d34515671b9786df82f0ffa2d193bd91e74d53772082b10be054854359c1f905e607a0f49193305d7b60c731f873b39831c3e29512161c0896d4e4952fab2b4bbf78131ae5ea5064510e97065f43538ffdf1c6f3266b2bab65f307fa2c970691a7e080109025426388ad39d5f9701eac99fd29b41fb80263d3e5605357cf063e89ab4ddc1b22743bd8d124c8c1732c32ed6f583860e2235541252065478a229ba8dc57fb3bbc82b91e171ffee8d1951524e1b729d5629e802b21c93dce52bf0798b9a0c5f729ae1755547354f77ec7115f159b3278c4f8815f92db4203fa7e9799a0c663369981edea9088d47319b273334a83ba322cfaed398b24c656f09fc613ed3ebce4c4bd10724fb121233d3d98bff29c4f3b6353372194174ad12d2ad9e1176b932614d5d72105c96bfb0f31d5542b77cdc35b707900b61c6a1cd24b0885aeb6fc8d0fc63f06e551d6a5be9167c65fd4d24831a3967d98807a2ad5bc16fdbc3ab9973357f5390a13a0aadc67361028110bc4716e29a47338e2f43a44d25387cb00e074ffda1340746ba91a2d419014699aa958cf73d8fdf000cda85351143ea676b28b029a505dfb041efc3225dc6e4aa8da433ce457ff38f9e02cd876d4f4d9cc2569bc383b000715cbd47788d9dcba992154e93ed255c1f6e0b32d21f9aefe42c4b67366dd4e06f7dff8a2612c02cf690edb72fbe5bd85949e321c5ea3efbc32ac197102d0238d428cae2f71fbe16cd790d492b67dca62965014391c9df39af8138cc9fcfbe63e67375bc3329076f762b322dbd914445eefa5337a1731f7db6778a0eb2cdfd879ad5187c9429fef716e96568ad1f7931b1077e23364acdbc6f079cf0126976d3b621de877935451336b4c484f3849ce4d6d72a3d25d3dc11cb2aef4dee98a7ba53156a7d286a6361cdd270c8d86bef7e59406c455dcb9a32f5f8509bd10827ff44f5411285142eb21dce1de26789d685817ab258dda165c8eeace2ca6c58181d52269fec962640ea8e97437cd802d9b635ee4c213012417a8d5cb9580b21ff71e936a0ce60a9151d75f24f80bb49c0da35e7202944b3d740dfb2581849112f5ac6e66235731405b1991953a99ac34a9614ba53bb5c82b9ca753f14eebe81af11f6a1517359832293613cd0c0e199fd7284261b5f36ce356ea3dfc4510b6799d28d1f957a6ad61c5a20d84638e24b7f49ec09de15ddd3fce9c662343670d21b8b44e4db58ae367491af263dd0622baaeb81c8f48c258bacfe45980122f604e133a486ca4793688a58ee00e1f6def9fa6d5c203a1a058256d32a9ecfd3b846c00de9b52983c1c3c9e85678128a03aa912fa2f250038261d8d94c91039d36f72a108f2f4025b9e022768436c3c565b48ca64c96caed11cea2f1f996e7401e0d091f70c691213b3159db2522e8b1969a00007dc4bcd6e0a4937c899da37926c128711c24ab43870b9882ce84e6275ec805bff8c8b3eaa3c261a273efb5172d4ac3bcf3d202cc48f94e635c8a8da8dce4dece8001d32392f37206c0ada3072db6796cf084b04171f7fa2cfe9197f30f6640f21b71415b65a9d1df84e16f5766e5845472b7ecd6349ce9c963d3ab609d4c7845f045286c218e702413e7f2dc9f208f915ff78527b52cfa232978c5bfb33b4acf2df8be6cbab2e541cf780f94c4db809443759dce44037a6cbd8f067cf33278711568d860ce8f7f39f0f36824f3797e47508079ca39c7740e8d1115f621d2dc01e8b96c65f896f2eda07483b15d0d6fdfbcb613f358753070c3695ebfac0e8c6360dc0cefedd6644ed375bebab9be9a45f6bfd641ea0e56b14aa6800a02fc46aaebce7d88e4edd3862fb14e527f77e557e698b54a10e3adf03ab66c8e190600f9aa40f432df8a73dbbf16e399c9dc55c70421d034cda711e7f80f2d5f50ed90af5410aef5f54937dade56aae1053fc006d97ea6b56f6a5a6bf9d88b091ab17b980ec6734858ee675e0977c26ae14d5d6fe742b881f04321d160e4a8d4759d9314b77a56bbf5eb9a9e02eec9d1264d0ed7efc3732943d60d051915b1f1df44256d9e228a7ba240ed40cef1c6764f0fbdbd56f0c0879742202f5f2dc3cb509e64000f450c9e55e6c5b9a78e330cfb03058188b300ffcd83eee0ee826b61ab587acbfff6d11975ae495b0e923d17066d1b76188a5fceb3b6bebac6e500c1644aed3d3847c358a2c2e8a2424e43b6012d0dd6da2bf43768066357bcf276b4070b1e31eeb185c718b3d4a68621f78a9c232670c03c612f64386698fea8c77a34caddd38bc0f7b0d861249a859c885421795eacd3ff5435008ecb065ec47d08a90affb9cf8c684978d00dce5aafefb854de6d6f6b1092bc41a652c4e9971f9e4ec01bde70bb664b75624ae27e04ebd58aef09839867bcc8b2f017992f9ae1d93766402948311ed8d315b692e7896c18d6639898258af8be188c0a5113795264c2c854ae027f5de21507673417510963ece02fc4f7946cc2cb5009ef316d4ee74745d33279461fbbb2b3c5bd58fd162f3d2cecbe419dc5161def1b06ea140f31497ede30def1ea2d5d33f0aeae2f0af33be3923ebdb111fc1f16d176b457456588de2ef5904691edcd5af404cc40a3d3c176ebdae801a4de3d4923970fe4e0a3982987864dcc2b4e05c886390ebc628138cf10d3936202e1be2f126f4105a78b506824497b51883822d314fab7ad17fd808f61e55185d7792d25c04785c63e09bf54d818af5f437147b58112dbcd31e97ba48720ff40ef33f2874a43f2ac643cc31b9e5d94465cb211eacbf6f0d97be619f86d1aa8efe68d432d80b06a739387c952fca75e98d351ad7feb14c8d5e434b120373bf0bb004d2637d9c718bf267f007ff4e63f4e4f62ad66ee0cdefb3e7435551cc2f5ed706391bfb9ded20aeff674629a8ae0cb1868560b2fe9f8b18b5e40063b35219e7881707e624fdc72fb5b92a0e4a184ca5067e2e5d07805e86340688e5fb6a891465f70bb3be28637a14f2c3c42ebd1ba1b198d87a4322a4dfbe710b49fa010ad9ade05c4834d1f0e7ec7cc260c481a56bba5a3a7d254bd84bca8b85d3efe756f88f03f862bd1ed2d611e099ec15096d74def2d01cc46687d51da2de5c59854118fa7aaad4e7fbaa34866b4587813e1f6f0c8941721cfdf7b0185b622c8725de87c5d40ddf02abb6ee225f018b13da610395e5d50fcdb60592be76537c268b8f15414f7ff44d4ace87433f4ccfea7f6560676af701a57cc0395b06f09028d4efb160253c5ff1ea6bfd576da767f65f314c643784851a1683f22c5590dfbbf15d98a31f4615c43634b154e2794b43eb57e818e89d7b279a1e6d5e73bc164db35f18d1cb7ecd502e653d0ab853bc1d9fdc84cf912357893e09d67de7b18fa838897d03809a88d8f47397e4565efe57d92fbdbf711f573327d2a02b9ab5e65cafa2b53dabc751d86ac02ea4487e753cf45075c554b338bf81190012395f479aa513bb58a395099dc2b4920ea04b46c1265805f957031e65d3c1c248135c42b0b76e3d7aff8a68663d5860651eddb6c43c3e5209e3155d8a8d7d26b63b552fe03c27d8a66831e9881a19e63ea3c3d4f71c8fc639bca79111fa2ddd1efd87cecfde7e689f9fdfab30c04304058cb0e6796d3abae27ed1ebbf0f822a6ee6e47902755d9a10971f8f9bc14fcc6ec1856b45958e82a37b1df7625194780c66f5ed0a5f9b6cca7c5629fca38c765d56630a8a32985533a82a6f8b3fd24c70501a2feb7c66d2cdeb8cc144b9ecf93db41"})
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000, 0x0, 0x40})

[  340.582592] RSP = 0x0000000000000000  RIP = 0x0000000000000000
17:10:04 executing program 0:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f0000000040)='/dev/bus/usb/00#/00#\x00', 0x15b0457e, 0x3)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:04 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(0xffffffffffffffff, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  340.645348] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  340.685535] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
17:10:05 executing program 4:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:05 executing program 1:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f0000000100)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
getsockopt$nfc_llcp(r0, 0x118, 0x0, &(0x7f0000000140)=""/4096, 0x1000)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  340.731537] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
17:10:05 executing program 0:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000100)=@security={'security\x00', 0xe, 0x4, 0x488, 0x3b8, 0x168, 0x270, 0x168, 0x168, 0x3b8, 0x3b8, 0x3b8, 0x3b8, 0x3b8, 0x4, &(0x7f0000000040), {[{{@uncond, 0x0, 0x140, 0x168, 0x0, {}, [@common=@dst={0x48, 'dst\x00', 0x0, {0x0, 0x7, 0x1, [0x2, 0x7ff, 0x9, 0x1ff, 0x2, 0x40, 0x7fffffff, 0x401, 0x2000000000000000, 0x7, 0x1, 0x2b1, 0x8, 0x7f, 0xffffffffffffffd9, 0x8], 0x6}}, @common=@frag={0x30, 'frag\x00', 0x0, {0x3ff, 0x3, 0x100, 0x0, 0x3}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x1, 0x3}}}, {{@uncond, 0x0, 0xc8, 0x108}, @common=@unspec=@ERROR={0x40, 'ERROR\x00', 0x0, "70ef99e4fbccb68cf48ff2058bba57e85d5a33d235902d3fda216e64ebd4"}}, {{@ipv6={@empty, @loopback, [0x0, 0xffffffff, 0x0, 0xff], [0x0, 0x0, 0xffffffff, 0xffffff00], 'veth1\x00', 'ip6gre0\x00', {}, {0xff}, 0x7f, 0x0, 0x0, 0x34}, 0x0, 0x120, 0x148, 0x0, {}, [@common=@inet=@udp={0x30, 'udp\x00', 0x0, {0x4e23, 0x4e23, 0x4e23, 0x4e23, 0x2}}, @common=@eui64={0x28, 'eui64\x00'}]}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffe}}], {{[], 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x4e8)

[  340.777278] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  340.811057] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  340.829965] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  340.863293] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:05 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, 0x0, &(0x7f0000000540))
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={0x0, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r4, &(0x7f0000000340)=@known='system.advise\x00')
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r7, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffff1, 0x40)

[  340.890325] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  340.936480] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  340.958669] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  340.966676] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  340.998587] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  341.036217] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  341.039997] *** Guest State ***
[  341.045813] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  341.050756] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  341.073055] Interruptibility = 00000000  ActivityState = 00000000
[  341.090078] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  341.092053] *** Host State ***
[  341.099560] CR3 = 0x0000000000000000
[  341.106529] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  341.107798] RIP = 0xffffffff81223c27  RSP = 0xffff88817bc27350
[  341.112970] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  341.119722] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  341.124915] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  341.131604] FSBase=00007fb18d224700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  341.131629] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  341.138972] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  341.146475] CR0=0000000080050033 CR3=00000001b84db000 CR4=00000000001426f0
[  341.152983] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  341.160430] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  341.168266] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  341.176972] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  341.182645] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  341.194195] *** Control State ***
[  341.196935] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  341.204823] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  341.208465] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  341.216375] EntryControls=0000d1ff ExitControls=002fefff
[  341.223529] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  341.231815] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  341.247603] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  341.253126] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  341.264062] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  341.267267] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  341.280650] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  341.290937] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  341.296208]         reason=80000021 qualification=0000000000000000
[  341.300442] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  341.308336] IDTVectoring: info=00000000 errcode=00000000
[  341.311937] Interruptibility = 00000000  ActivityState = 00000000
[  341.323891] *** Host State ***
[  341.328574] RIP = 0xffffffff81223c27  RSP = 0xffff8881ae3bf350
[  341.334897] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  341.335723] TSC Offset = 0xffffff47666a3081
17:10:05 executing program 0:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})
fanotify_mark(r0, 0xc4, 0x2, r0, &(0x7f0000002a80)='./file0\x00')
sendmmsg$nfc_llcp(r0, &(0x7f00000028c0)=[{&(0x7f0000000040)={0x27, 0x0, 0x2, 0x2, 0xaa8, 0x0, "1ff66142e576a209bbc2471c4ad9221da3f2e899a70ebc8db3cb8136028a72d7a1b8bfcd6eb57fdda5b7e950f2d1dac66e449687facae27767b6b697f8e61d", 0x2b}, 0x60, &(0x7f0000000440)=[{&(0x7f0000000100)="2d9bf7887444b27acc214cbc24826a0cea9f6e41f6e46bc0e851919fd1b5fb7efc799ebf04df9006bb16be0bb01fd874c643190130fd5cf80e92dfe94d86af2dae958cd728944b832b9a8b41ad0ff85a83e2c2a8c17a398246685da658bfcc6921afb45cf0f33e67ea619abe4b05f4b52bf99fd7e43054ee2ca2d67803a560f97036286fd473872ff17aaffd749dda9a7a68b690f6bc7a29c27865cad7736f608361c43be93ebd4408e8121a4d9269c0b5d147487e97bbc7ec9419eeaf5530e49427c093d6e513fd8672258ef7a4c6c0189559782e0fdf3df0589fb5b8ce44f63556", 0xe2}, {&(0x7f0000000200)="daea42f269db59c830199b5d0203743e7dd6e182c2c4275837ef3138e04eec1ccbaeaa52150563a4856be3e2656eaccf1ab9430847f7844fffc158d2c4a1bfdea83efffd32a85ae5892fbed7d5529faa0304e0378bc7476ed4ace364e76c6dae4e6e4c92f28daba0da7a3e1fb321462e11f2a5b6fed01b6eedea19c8e7cd975ef130b6c352c2907916b9a928cd237481a909a83d3588c6e81d81db7f46aac27f29b91b51ca6fd0af3ec5bd84f7a589bd7e1157805f02e0da46ab11649c96647a90fb0ebe7eea3798734082c1100d9b898a9bba69e2ca3b5b8f60fcc4773fd9a780fe4af5f29c2c310d765cec9c57c52e5a26d1d40a", 0xf5}, {&(0x7f0000000300)="e05e467d97b42eba3f78cb70fd260d2ccff4d2ee39816fca8e5721aa00de785346a96e601dcbd7ca858000e84e38e6951af8b2b3a0166de37d0d9420f41ec026eca1b5bd0583119fb8b46152c4d4ab4fd036c4e2449b43789d76adb47c0f4d12cfda2290b29bc0e3408bfeaa19032efd246ca5c981d014167e9ece7d447acd102ebda8da173c968be08bbfc703baf59dd9f9d4b93629c47bc9b1180855f194457495b623c78c285312b0c5befb4038e5c191481e9947dbc0db22c8ad31b4bd565e6c745311", 0xc5}, {&(0x7f0000000400)="08023df20ca0b0f0d3a02ff4274557dfb41342761c2442f764dc623176", 0x1d}], 0x4, &(0x7f0000000480)={0x58, 0x103, 0x2, "8bf5634f230afc6f2beccc6b9fd29107e792150b2c39b58a174c8408d3a99f7ad9ae3328aaea35693a43d5c8fe819b307734b2756aae87d25f09bd1a2b0bbc075e3fa86549"}, 0x58, 0x20000000}, {&(0x7f0000000500)={0x27, 0x1, 0x0, 0x7, 0x1ff, 0x7, "7a94c76b1a7995911d63e0681690d6d87e2c6b37249326da3eb9210ec16f415b65ec56a485176eede0c428f0e382a81f537b119f0d49c40cb044249406bf87", 0x4}, 0x60, &(0x7f0000001640)=[{&(0x7f0000000580)="4bb0afd71d74326d8b7566362c57f2e7508642ae0d92a5f6308a07f6292e27b5ba3bdc5498d09d8b287558fddf10adb83bc3270f9ddaed6917c2bea4480f6bd79438ac9d59b10e052f55ebefa698702ebba4ca8933c22bc4d1a026ce4dc417c1f65c9c1ade974f8cdf389fc8ab4a0d0b764f65e21a55b1df764498a33be64328b82d0d6171c11df188414dfef549423c41d4f876bb6bb8cbd67f820cca6dd0435f302f6df5b222eb293139624779", 0xae}, {&(0x7f0000000640)="655148f6c3322951ff4438f1994966a2e000a65c6e66b5a49ce9601f75848a68f409291e279acc55ef6af15fbfb90a5cf955d6765e9e0a459b85516bed5949e50242ce0bf531cea5905b63c465a67759da6ad7db2a241410349e6fa4e3677e2b5bfec1a7f797c31f26364a77b8569d0053b440d379376f78009f1e75c7fca5f93509ed82557878a3640be3de6bcf75bbf6b8c5e897afa7a04087396efa28732c86cdf212ef6731cdbc7d3e01565e2f2afbdcb04bc50b4a5e197be6aa6f8cc5f2aa19f2794a0ca39dae06bdd0ad87001717ff55b5bb84a506bb9c77574f28b944dd7004c54e234e68f53edcc6e6cf5e40e2ea39c600f7ae2f26a28c093998bc0fcbd001fffc9ab501345d7218d19113d3a639fbe8709ce15c79aa2f6e5ad48d3c6adf81418ce69a671a0797e7f2d58e48822014e62685da74ba39d977ad2c4e0d98e0919c75eb787e7a88d947e6815f8e6818a7bbb7af7ce524427ce2ba09606ad467e56ba3953f8ea6c5bcd2854b7d0f01337dee122fbc564601750498c6170d42af1a2c2a1ebd87e6ee7fe29eb7e027a1545c6894f586c16771bc2803ffd5344300ac251a6248029747f4f337a97324db5eea67455cf2a734f3aa96f33eaeb56daae942f1bb3bd5660fa414d2244700cfffb1c316d63418f5ace5cd7e65c2c33f269c2fa2259b67c45fe587c226bdf2f17bcab5d45453a453e5e57536158a020a6c1efcf1c5c84e55f4ef5021fa8e19ace5af994e8879eda0fd08bd26dc08623889535099501226f51de515b1828cbb49cb50435f7e6edbb518fce12a2e176240f9db809ef15c59f6c7034647f08c7f3c05d543bf6014a9b8ddcf530f3620c4e0b10f6bede0017c295c33152b21ab406a7bc354d1583adb7706e4325710b471182a52a488de84abc1376134bea3221062182578cb3464580c38596d3ce79de26a705f5199639a161ccb3621ce7a59b09f1adcd7492e737ca106ecd75ab6d4ce239d05e2fe087c19de7e6a62ec913e026aad7e637a60343c7484846c11771e7c09bc81073c8e7a9924d98a509cf421b97c040f33df49c5dceefecedfb0365244bfe38db91c05210f2191e63cd3663f86dfbbb7e3073c24e1ca3c9e5fdde6ed39339e5efaa5f12528f45dceb54426f31f628e3e0ed53f56cec26c74343e6ac76a2b4e919e66aee6641a91dee3b1886ef94d7abfdc774d2182fb83d03ddf04ff57503d05d1dd746248072bf6a0e42309c7fddb998007cf3d7b2658ca8ee9b95e151fecbd503a6cc055e30feed607e55837922d11782a63533fe59aaf0e600db0bbf0f4b59a6443b3dee0e68040ef9b7506fb122b16011648be5898adf02a2ee52d1785867f6d88bc19415ed87122d8c5d601a08b1712ba5ec21a53830328039e81b285d9a88237e71a2af3672224f19ec0d1662416fcc250e10ae0018d50712964b9292a2a96274c5c23e3f20588245b2ea3aa4ad2150fac5603cb27da7a821bac31c9fda89f42118af16f51708424e7bc38e46275d0d90a1bd4d92a4d1b07ea3346febee13471a71b2ea8f4365bfc5db9e6f60465f3ba523949ff0715f83c8b79666b77b1a1409c7777ebd4f1386e1dac3cffd6535a576203460fe81c7ded864250512c33d01af532980b6e7c107674a7e1702f1ccea847756ddff118051e4799306dadb06986bc4a06e9e1f6feec8cedc1c63775fb78ed6cbbaf398f760f6056b70b7d19f70392721b8caed912d66f4fa8dbd958d8a864342026903082d74ade00534514f697661ffa7b8841a74b14019ad7fea4dce690f4538461a309c1d4093030b8be7a97d86cad4002d008a922c87f960074580aa3ee6310ba4dbb5df27ecca88d49da91288ad46e2e146bb985865aaf2d7809d37f850e76db62e8a2a1f179baec9e034a722ff45f2ac7413cc0663856329d2bf94e9619fc87a56cae411d9c73af216b14ca73cb303bda7c37c26b341e4f7eedc52266b3164ab1d825a7504a9bf97c45807f566014c52c43710de8d18f60027227e9b89f0c40ade7d8e0a0f6730f96cab40d61074cc3a2a073189513ef4925fd8b09b8cdd726c0fbfe44dd2bc69815e95ec1f497b1501db280d65e32518b85e8347fb8cbe61a979270ec8f3c652c13c498fd48430efd9715da0edc0b12cb6f7749d64bbaa989e84e580705f54f7262e890c470dad3c4503e7fc7cf1b5c46bad4c25631045a312dffedd73a4d05156dfd1524e54d3c82dd258133f41f57c09f03395443de577257170a3a370b3357afaff1eea9797599ff54876272579ed0e860532c7d0ff6ed7b386aa17a8f6280c9c4785671790b0210c9c8dce4c7e746c530176acd3ff20bb55d98e4f33532c7efc1fe4f13d60487ced6bfe2df35ad10ca56509b54308b61e1342da453e78f7194741a42176094439ba94491c796fad802501cee57610e62bbde2ced7e018aa1eb65990280a3a2c85f2e18aa80dc021af26c4c6107047fcecd0a38c226af5f845c9fdd6617c339622b0e0718cdff6b82fabc0b0e6b28342602b65d733f4ab9c235f63393dd359ba088d5db45c8cb2dc46edad6fc802013633a5f9ed67fda98753ebd663471bdb23444036e3d8015265dee156249440bdd6c04b4705f3448656bb7376a594fbe66991aa22c0bd40f09d834953fe5412dda18a3c1289093a3105c4a7f39c0d9bd12c7f5245b3320108fd7d9d36767b9823359bd6dbc46a98d5530215759a23f3c6e07776fe21e3ea262aad0c340845e89b2676f7178b05b9a214b1415c97f90b35a52a31ef493dcaa192c9c8ec2b05c13e839b049ea612e3a461b43171a90b9889ce8def3a197219c51098eb18700b696ee53a085d669f51cd67e6072eca2c21ccaac113e172193b51061f7838896052403e64a03eea80e400f024dafc96d15b7ebd7c776cef2872e94debfc100ec60b45c5c9b861ab8708e6342aecc9cca9332713116ba36fd08d0661d5d723c1eff58d74ac7b4effe79e6423a218612aa8d52097581dec34c6b4614d5e3000eb613f9484fe772aa310024816bc1c45ab0c015f12a572288f7abefeaca310dd56bc534ef3fc6e3fc95802626fdd4eef74db4f504107e3fa0b166004ef4345bab9c8197aec51f81a9192a72fa125ac1b1eafdd323b1bbf6d3eb08f96a0aac6842468f87a0d68b0dbf6e233f2ae2f015e434296716f9027826ce2915810b4c5b82e8d0ab93524677d895cc546340cb8d019ad7ba1dbc2a5f67b69fa22ca0d4b00e40d34d7dabe03ee36b082326a4d612c6a0f699689f908f95b53e09191152699d21ce231aa6b6f3634cf312cf7f4459c38190037dbb8bb4309a9572a956affa2ea3cf12003f3c4f7d5dad6755c2bd3bd954e239bb0258cecdbdfee5683cf62d957dd2c1790c2bde52029724084acb1793ecebae99d025c3b872fc2ee8f04697c1dbd1d4792b8af6f908d244652888974247297869334335217caba784141236383b58926108c5ee9ed5f9cb6c052c9eb4fb5be731c8684b8d7d28334b2ea89aa7f317d8ecc672e386678e1856b58ae6281c04a24f96fae640e07fb31603b5587c9db65dc1d367bfbfcf5b7e45a362a5fec1243eb30bc1289516382efe34040c115f2489228d2ea310c350c1ee40b69e309ff42ea020cad4d2bf15214fc33398c222b4dfd318e97bf1c3f085255d286dfa56a96b0cf999578a85e8441c5e31cb5a7a187e571d41611d25b76bf109c99c9df0bf9abe117e54701113bdc94c4646d2de79e62005064777dbfe0de7b5ebc09baa35bd994082f9d1da312b03c70bcc03f4a0470b35563f7b2801607197bde262540d42068fe6c1f301d83861c39ac5b642a000c230e832339a62ede1a59b24e1c58e6207e3e7883b0a1b0ea050053b54c7f4a337183b127c8ea2aa9f0cf3024b6809090343e8fbda325778e387c35f52ed50f3e1157af77cc107a6b0ebf1ada53193ba6d4013077026d0a9737afe0e417f59d303d28c6b42bf89324159f5b6f70f33473add83028e18bdbbcb9ba8f8e4c02795042b2e8a43f5ff400440d917ccec8acad8d59110491ad8729071b9aa55ca023dbe527071ec56d94c85e7eb32663135363b817da918bdc8e30cc6b9d7dc703d3d459f5061c078343a629f5f0ce6c978e186b1949bfdb5e5181e3a1f88e269ce4f634f33e646c4ec00ab4721cf4d93f71d0396e987da109baab62092eb8631670e8242de631ea0682dfb1ffe731a997c5b031bffb5f03180cb2ad8d330a2b387076e33c23a8ad22e23596c67992740768e735cdcf38579bc8b9be6a3b4de1c3c82358e39e103ad76bca06b1f05a77b65b927244a9b7328698bbbc22129e8fec3f4c3322eb2dd6af13dafa018b2099c678a9c6c1d19e96af3d461e9f39daa0fe8200dadc00a691c3113715582d114e962762bff126f6ac3a91543ba9856b583494b9e3f9551dfa5991e16f317b76c7a09b548807b06882485d88089f4fd918bba57c369258d6c687eb724c264ea77d19fdd5e10732321d59a83fd9537212f9aa84cfa6f2c855eee3a0a7547a719df8bd5db49fda6be6c2f09085fdc127b4965124f3b44f807ad917c8cb380bc30db46cb262000974f75315e327a4165d152937f9c610a627691ef3f678115996edbd7702048f12d9314bbfd32eb64386b8ec78781c3ca9b571c86d92d2258c80509eb5f42121b4f2de3dce5d87f3b31d647477b28ea0f577e36d6154a3157e702ef7760cbd7abbb6abcf878928db4db6d7afe409fa3d77e9aa88b1593e054ec3f05b318eb63f6a99b3cc095149b34b5d4be65dc438ca6f68f307269590035673d87483db78bb1470577b04f0d9914015837c54e0d87d5ebbdc61257c7317640eb0cc5d2f534476bb3a62a234952cdba48aa9e66a3098c9ab71920159ec3d7ad040db96481218c7f76a03761cb7b2ef2fde4e1c9932eb96f9315467c8ff04a0e79ad7e9b4dd0b8ed10c4757588536d5899a1198311c5706157c7a96bc0d1d94e4b9acb75054ef6a5602c76075ea2a09e7bd8aa27d46f7cd7745701bca97a0c3486fe86e58a17ad517668b831904eb5434f3770fae185f17f6dcd4c0ae0f77eaf4b6fc3a37f43e9c448b0b6a13f2304888ab6767fceff99e5463ceb1bd1fef44e02adf08cb4fb7fcb03136416b0798409ca5b42364e799dd8ad48b37c357fba3a5d4f241f0368d6416ab799fd241c225f503c4b3d01eaba63246f68edfeadb1c70bf59f50ea79a5efd428bae6b8b02514eafaf5e5e0a3f451d5d0d73d959fd49ecf310c1592a21bfc057ac23659585c2e6287570403c1b7dd5f1b3a5677be92e65e78ed961113a9c0f7b89b1efc18e448a00467d65eb7f6465978432c994ab758cf6a40f7e2213993832c612d695609fb7de6431770757a7c044f67807ca54aba7d07ad8570d2163a44a361091c858c887eeb11d520ce0fb5fe07e444e4100be51f9503971ae21c40f49f2b7e84225c4f01dfef600589a65f5537ef1d2255bc7363622797c7bf2d2dfa023a1d0736375fdcca3571507e97d7e78aed923908428912b5bb85496ac9cabc892e8bfc71b09081a4cb4c0912bf557740cde42f7b03254ec79c1614aca5241f1de8fb7ab3881f4109363ff3c2f83f975f3d4dc70c9c641a9e13e048d74d908e9566ebd9c955a95d340e50a13899ab2d77e31b378fc09ab5aac50e90b408bc540f6b47ef8bc0eb1e24c6fb1ee7ff6687090f62507358d05565d75d0aa623aaec849c8d7f670500026ed1e3006fbcf0aca44200f141030d09364bc439fdf5f01c3cb032fcab98479e5fd041b32a41aa4f8a1ff0", 0x1000}], 0x2, &(0x7f0000001680)={0x90, 0x0, 0x7fff, "747c6d985269a4863819145c8b4473079e0aec505e71a8eacd55f5aefb2f078bcb3e4dbfc3f4384b0d89fb074397a185fbbfe497136bbe5e63afbf89fed00e3f9fbb7de0ee4c92c183b09d0b3ae9379708930f837a20fc0045484b90f2d708052ee20d0833048ddbc5476b16ae91eb610a38bafa6e018acc3196"}, 0x90, 0x4000000}, {&(0x7f0000001740)={0x27, 0x1, 0x1, 0x5, 0x5, 0x2, "78790362c675083759ee10d601e7c6f84a182d2cbdfc69f4a153cbe1be74b174c3d6d38e41f0c712768743cb4a4ab700fff7f87bc4c2312c5305d4320f8363", 0x1c}, 0x60, &(0x7f0000001940)=[{&(0x7f00000017c0)="6594603b4e86f0db540c579327f18f91f6c08cf6e2555ceb3962eaa91c09dfaf340a9dd3e6169c201698bda016b84faa380fc62ffb36951ec7a069cb74425959ef8e2de5c66a29773456f34cbbf3097d723ff993face1d7edb44e605db69249ce9aa6f38d08e98b4cf1524e4a08eeb", 0x6f}, {&(0x7f0000001840)="c41aca7f277aded6c3871832dfc922dbefa64dd436522c3ff44b0562c5a767f0025c0e2b43dc8c", 0x27}, {&(0x7f0000001880)="40f131cede5501a3e768d24a74863f8daff60ad5281c7ce21ecb24b06c8407cd0e0d1c258557c4cd", 0x28}, {&(0x7f00000018c0)="cdf1442faba4843b7e3dd87318fc739e6f374a15b8771d7dc194d517fd68736d036d33cc8fb7d4aedba1e1de2a938f4d8f868ee1af9bfb81fd6308415f259b1fc798384e8a112b18e7250f5a6fcb028fad2f64779e83b3b17bb01b878715c954c37243724dfa8f62af0499e1fadd8c3a460d9a344a1f7dbd", 0x78}], 0x4, &(0x7f0000001980)={0x80, 0xff, 0x8, "bcb545666326d9f21fc35f199470062548668b511cd2103a46250fc8cd6664d6ff42fd2ad1e631cfdeaa4ab82e4392917cf2f79059a441d97755c49b827ce1afd777a387b3f031e55548043ddef77e420bc857fdf27579fe6352c3e46187ad80c0535cef2c4104c12c"}, 0x80, 0x4000010}, {&(0x7f0000001a00)={0x27, 0x0, 0x1, 0x1, 0x1f, 0xffff, "3cb3d888c95a021fdf2eab058ad14283d0b2e61f088ec66c0238db00695569a9b95602ea159bfeb53f8579404868c8a17d1b2ffe34f5e45b53179d1523295f", 0x2}, 0x60, &(0x7f0000001bc0)=[{&(0x7f0000001a80)="151abcdaed61e19325067d5d6e9038fcd99f2852b3343a5f7017a57a4ee399fadd8432c1d15c667773839282bc2b43304cd5b4f03a467fc20a24abfbc4612778109eb425eb042e17d8f88212a9c8f290a211492bb80f81e0def231346eba18e67bca6051ece4a849", 0x68}, {&(0x7f0000001b00)="9f1fd33c100c748b3ceb4855f230d19216e1d5f74f7ec03894d14439351546c93deb0874cc81d09f29478c88eae4f045", 0x30}, {&(0x7f0000001b40)="d550c59a08f6aef9e24c5a70aec45ac6969915d293310cfc3048305350f41572ede494a128c0c86b2c9f787ff0b95d5f2e0a718791786d6bc3c1e4b4fe5d8f69536a0b2575f095f758af61d8133117e1d30ba92aadcc7096b08b3754848bbab2b878906a0667590a52dcfde95701323ef39306855207efa6d8fe", 0x7a}], 0x3, &(0x7f0000001c00)={0x30, 0x11, 0x40, "43eb0e0e4cb98659797728486d0ac1a381f761f970e69ac31b50df4f146e"}, 0x30, 0x884}, {&(0x7f0000001c40)={0x27, 0x0, 0x2, 0x7, 0x100000000, 0x7, "ca166898a420c2d7fb86370426071c4ad880c903a7029240f71f55050a389634b8efd3f4baaf9854a99af78d9fc067629c4d264e9adc499e058e1e8bcbe80f", 0xf}, 0x60, &(0x7f0000001e40)=[{&(0x7f0000001cc0)="3f75d543eac95205343dec5db1551013bcd4a8ecb8074025fac735e8d27f203e0a77f4f6767266335bc280cd56e81825ee2b171ed4e14062519639a3ecaf8a325265f6f2fd6ebffe31ce2cc0047322e586e739b9507a502ac9100775113e268e95be2b64c6445a20116d9f999156958ac059be1d197461be76a3d3abd2327605d799eef923e7b83b99", 0x89}, {&(0x7f0000001d80)="90d6d362219c26602d66cbf61633edf4733ecd9b9787c2c504b06fb2759b4245c497bb797d1dace845b0162ed12db75a0db837c1d7657a28e70845aeaf6375295384a857ecae77a9999e0703c3f9507cb7837b3e9f180f2fe391f81a164b045964bd40adc90e6598", 0x68}, {&(0x7f0000001e00)="643fb7f1ab267557150ffe", 0xb}], 0x3, &(0x7f0000001e80)={0x110, 0x111, 0x2, "cfb53031894272748ae92641444a61e9ed415968ae04797ecee8151c4a46f621665064773f8d3ac0b35e6ea72843516c7f30a5aed90f07646e7eba37a15cd3ace25d83149ec066a1c2c98595cbe4ff54367f1f16cf188c09448fc218aea5a89dd10692ba3437ab5580a1b94e1cdf262a09c4014e823d731c7604cb12e1aef921c2c76d5e87fbc60d55ff990fa4a81b155d466913acd47be4b8207daf8fc358fada97d8ed7385ac1d05e2aea609a2c898cb8762517c2e9284982581267c96936768d67aace673c6e26d61bf26d7ace2331427294e4da8e89034612253a24964eba3c340954bf301789ee62c474153c2277c5aca34abd6b840e0133c42"}, 0x110, 0x4004004}, {&(0x7f0000001fc0)={0x27, 0x0, 0x0, 0x6, 0x5, 0x9, "e10d965e73e69bad37bebb0ad7fade4bca0147f117fff49d5c0085bd41048df0720e4f317ac11fc9913aea14b63dda9cf76c9cf9e9e2aa30f3c7fdc3812895", 0x4}, 0x60, &(0x7f0000002300)=[{&(0x7f0000002040)="8a8a4e967728be101009ae2bad1dbbb3fd7ccfe9350f422fb32c65a012545cd855624b859aa8abf41ad3547af835cc5331683c65ad8e3842cd504c6524f534e3ea8eb604d59621682c9719d84cf07726f41b45a2331e2d5647bb109a4707e6579c25fa2869c5de6eae14", 0x6a}, {&(0x7f00000020c0)="ae9aa9fbbe17403db9067748c675aed54f5b2b78554197bca2b93e5ac85811f7b2e8505cc78a86175ae3f6d8e7e1941c69570ee46af955a80f6674eac19a492700fa9309fdf4b1c61bc84e429cac0229fcc44fcdad7b65fe601d1fadae6da3c92ca651d5070f305e9c8b77ca5557af426ea9c13f3caeec2b0247871d4d9b38db63fa771e3ce80039aa52289e253b5c57341a1a08410de2", 0x97}, {&(0x7f0000002180)="beb3e9f7373aa07c5f87d4d144b8de7823874f96e9eb617c2a5a25c02156b540e8de8c3c6d0481d21710f7be1f317d052e09b993ba1bbafe52e8fc4c3bb9e40d57599c69d96e6984f7fb98335fa2a79cb32261cfc42dcc92317510fa6ccc3de32ea4c9f983b6bd0bb16a7ed3f34a2c8d4ccc350f62edecae34b89f6732569bff708bf59af1928d6fd9da081999919739912ccd4d04", 0x95}, {&(0x7f0000002240)="97f6666a521ee2e1454854157418b58ed83461008dbd11e6e021d035612c9462b9b9e1a9d7e5db42f29d904495925d5ee7a370f6df51a2245db5f8a16f1b6713d299165ad158dbf755ac762c10f02282e5033ad8061bde15a3a73e8e93ecbfbd94f6a7ae7f203000405cf6b6991aa33ecd44f189ea84f4902c1d26d092e5725e38695ecfaf8f82dfc0159f4f8b86486101e79c2a4e", 0x95}], 0x4, 0x0, 0x0, 0x4080}, {&(0x7f0000002340)={0x27, 0x0, 0x0, 0x5, 0x6, 0x33, "6db8d30f81492fab8761b7acbcd18c7ce2e87f8fae45fa307b0f6d965b0a6a0bd812966113b6036d9bf521a81f20b00897ba40df9cf50514c18edeccc0d85a", 0x27}, 0x60, &(0x7f00000027c0)=[{&(0x7f00000023c0)="ff662946a599f5a62489b23b099e714b38290159ef5c7bff0d2bfd2f8a6a539b7f94f4bdb0cc10c73d5e78d121e790ec528bb8133e19e4ee88d73de407b3820ae17e260d09992104b7709a239c712b3bd2cf3d8d0a49794730674ffd8f80168152ff654188b694e753c791eb59749ae97f42dc08f8df96dff30c7ac057874ba1133dda8bca99bf8bc43340788f2e4c1bf9aa166c4e91fa3009a13d968955515850e1ddb49129be310ddaf913c76e430f5187c7", 0xb3}, {&(0x7f0000002480)="7205298b3e224d376425dee132424e93daea175ae3528ee78900843ffc53bb78de5e12dab56e6650e5bbf74b2397786f8cab29a758d2d535eba0242b62b3dbcbc2960d28dbe830bef9cfe637692ab2c9276bbe6cf29bf0af96cc6622c8f80ad36687d89999ada7d6dc547addf3fadda51a86b077a9d122d497e1e74cca041f9eb9befbf6fde00478828f5cde815304d1a654c863e0577d994abc9b0e4c74123897b69baed60475ba540d811b24530123fe082065c9508a4c92fc6274d09aa2b44bf7a10da83bc23f4fdddc1dd3209d8b3cf4c6967d719fa8296fffc9367cfae501d35e5d499a49e70a4371a620437c3eb37d15", 0xf3}, {&(0x7f0000002580)="9ca53366fcf71f6b477de87cc50482a793e89f444f", 0x15}, {&(0x7f00000025c0)="fc6a96b1d36e7cc70dd12cf451fb0803d53405382381b9b3021d6968c199de4bdf41c03f5ffa77dfbc7819a84b10a471f2af044868546e8e6b925fd4424c1efef2c7da4493229200c9c0de2718314ec2642082fb7a40b6224778114d7823f45475edbce51786df93dd23e549ebd5e85d05b5b8b1e7c42dad3fbec9b889", 0x7d}, {&(0x7f0000002640)="0cb758f99d98eb02f4c507605c1db6db11eb9818ae30f4ed46ad4d4a23c554f20d08debb404ee9e0a3e7068d36837413b07d220c341e9453bbdee7129057318167b27b895519deca22522ba269953111398279c5cc047b842522b20bee25d640161ceab843f880e50c7523dc13ae332b8cf685e3e4650a6a96b3", 0x7a}, {&(0x7f00000026c0)="6239a721dc653c4357efdb1c2ed11f872bb7765d924a8abd4e2ed44f587340322c86d29c95bfc96c63fa48e14f396313d8062cdcda72c9e09c9001350ed16a8a28c5359ab1e11222616836fcaea1b05c0aae6ef264cd04cfd145df382ee5bc084b749d553f0a", 0x66}, {&(0x7f0000002740)="924409d079958c7577afcc534bcfc0ccf545e4c3dfdd950e6d61cc9261e258409603e22a5feee3ecbb4845ce4e652179801cc1ee95ed97c64768a539575784a1cce59ddc79b36cebbd5fc57490b755dafc91b67f3b806a2a7d51b9ca03d3", 0x5e}], 0x7, &(0x7f0000002840)={0x70, 0x117, 0x8, "511f2071777f53fae242a5e18880eae836e2e0d64228ac5bf81e6fdf4e193b99e979aed386661afdf69f6082a5f73801354f8bfea649adb695b728af89fb36fddb5c6dd30649ec93b11a6c0cae3c5a4b55019a8710203abfce7c79"}, 0x70, 0x4040001}], 0x7, 0x0)

17:10:05 executing program 1:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$dmmidi(&(0x7f0000000040)='/dev/dmmidi#\x00', 0x2, 0x22300)
bind$unix(r0, &(0x7f0000000100)=@abs={0x1, 0x0, 0x4e20}, 0x6e)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:05 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, 0x0, &(0x7f0000000540))
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={0x0, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r4, &(0x7f0000000340)=@known='system.advise\x00')
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r7, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffff1, 0x40)

[  341.341853] FSBase=00007fe411bf7700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
[  341.346225] TPR Threshold = 0x00
[  341.354359] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  341.357528] EPT pointer = 0x00000001bece001e
[  341.369019] CR0=0000000080050033 CR3=00000001b3932000 CR4=00000000001426e0
[  341.376739] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  341.384235] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  341.390722] *** Control State ***
17:10:05 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, 0x0, &(0x7f0000000540))
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={0x0, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r4, &(0x7f0000000340)=@known='system.advise\x00')
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r7, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:05 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r3, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  341.394345] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  341.427228] EntryControls=0000d1ff ExitControls=002fefff
[  341.444697] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  341.459230] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
17:10:05 executing program 0:
r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000140)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000040)={<r2=>0x0, 0x80000, r1})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r1, 0xc00c642e, &(0x7f0000000080)={r2, 0x80000, r1})
ioctl$KDGKBLED(r1, 0x4b64, &(0x7f0000000100))
ioctl$SIOCRSSCAUSE(r0, 0x89e1, &(0x7f0000000180)=0x3)
ioctl$FS_IOC_FSGETXATTR(r1, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:05 executing program 1:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(0x0)
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  341.493974] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  341.510096]         reason=80000021 qualification=0000000000000000
17:10:05 executing program 2:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(0x0)
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  341.577435] IDTVectoring: info=00000000 errcode=00000000
[  341.593676] TSC Offset = 0xffffff47210756eb
[  341.610756] TPR Threshold = 0x00
[  341.625684] *** Guest State ***
[  341.657779] EPT pointer = 0x00000001bf34501e
[  341.687464] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  341.720257] *** Guest State ***
[  341.731523] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  341.747528] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  341.756889] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  341.768273] CR3 = 0x0000000000000000
[  341.772176] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  341.778825] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
17:10:06 executing program 4:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:06 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0x0, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:06 executing program 0:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f0000000080)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})
openat$cgroup_ro(r0, &(0x7f0000000040)='cpuacct.usage_user\x00', 0x0, 0x0)

[  341.784939] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  341.806640] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  341.810470] CR3 = 0x0000000000000000
[  341.827593] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  341.828715] *** Guest State ***
[  341.842069] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  341.846903] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  341.859364] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  341.865591] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  341.875061] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  341.897278] CR3 = 0x0000000000000000
[  341.901004] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  341.906996] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  341.924610] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  341.937510] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  341.950458] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  341.956881] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  341.969394] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  341.969871] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  341.985536] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  341.991580] *** Guest State ***
[  341.992428] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  341.996072] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  342.003742] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  342.012186] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  342.020056] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  342.036950] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  342.037332] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  342.045127] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  342.054283] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  342.070361] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  342.079687] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  342.084449] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  342.088136] CR3 = 0x0000000000000000
[  342.100111] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  342.101450] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  342.116726] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  342.120309] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  342.127509] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  342.140610] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  342.142401] Interruptibility = 00000000  ActivityState = 00000000
[  342.146695] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  342.158409] *** Host State ***
[  342.161669] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  342.164352] RIP = 0xffffffff81223c27  RSP = 0xffff88818006f350
[  342.170815] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  342.176680] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  342.185605] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  342.191201] FSBase=00007f0970e12700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
[  342.199470] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  342.207422] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  342.217185] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  342.219929] CR0=0000000080050033 CR3=00000001bece0000 CR4=00000000001426e0
[  342.228377] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  342.243117] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  342.243503] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  342.251278] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  342.259604] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  342.274123] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  342.280355] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  342.280581] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  342.286873] *** Control State ***
[  342.295531] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  342.298405] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  342.305257] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  342.312924] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  342.321561] Interruptibility = 00000000  ActivityState = 00000000
[  342.328201] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  342.334753] *** Host State ***
[  342.341102] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  342.341118] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  342.341132] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  342.344717] RIP = 0xffffffff81223c27  RSP = 0xffff888182677350
[  342.352503] EntryControls=0000d1ff ExitControls=002fefff
[  342.360886] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  342.368564] Interruptibility = 00000000  ActivityState = 00000000
[  342.368573] *** Host State ***
[  342.380728] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  342.386560] RIP = 0xffffffff81223c27  RSP = 0xffff88817d497350
[  342.393188] FSBase=00007f9124378700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  342.410149] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  342.418231] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  342.424487] FSBase=00007fb18d245700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000
[  342.432882] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  342.441138] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  342.452248] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  342.452256] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  342.452264] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  342.452271]         reason=80000021 qualification=0000000000000000
[  342.452278] IDTVectoring: info=00000000 errcode=00000000
[  342.452283] TSC Offset = 0xffffff46b965d89f
[  342.452288] TPR Threshold = 0x00
[  342.452297] EPT pointer = 0x00000001b47bc01e
[  342.459474] CR0=0000000080050033 CR3=00000001bcd82000 CR4=00000000001426f0
[  342.467180] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  342.472845] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  342.479440] CR0=0000000080050033 CR3=00000001d8c51000 CR4=00000000001426f0
[  342.484646] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  342.489261] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  342.492489] *** Control State ***
[  342.504173] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  342.512368] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  342.519527] EntryControls=0000d1ff ExitControls=002fefff
[  342.532973] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  342.540085] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  342.546686] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  342.550299] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  342.558544] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  342.570576] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  342.577972] *** Control State ***
[  342.597457]         reason=80000021 qualification=0000000000000000
[  342.599842] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  342.612714] IDTVectoring: info=00000000 errcode=00000000
[  342.615086] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  342.623312] TSC Offset = 0xffffff46c7935f00
[  342.627032] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  342.638331] EntryControls=0000d1ff ExitControls=002fefff
17:10:06 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, 0x0, &(0x7f0000000540))
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={0x0, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r4, &(0x7f0000000340)=@known='system.advise\x00')
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r7, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffff1, 0x40)

[  342.652439] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  342.660050] Interruptibility = 00000000  ActivityState = 00000000
[  342.666436] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  342.670411] TPR Threshold = 0x00
[  342.677560] *** Host State ***
[  342.680873] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  342.686912] EPT pointer = 0x00000001b3f7401e
[  342.694087] RIP = 0xffffffff81223c27  RSP = 0xffff8881b627f350
[  342.702359]         reason=80000021 qualification=0000000000000000
[  342.709204] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  342.715868] IDTVectoring: info=00000000 errcode=00000000
[  342.722324] TSC Offset = 0xffffff46a951b73b
[  342.729171] FSBase=00007fe411bf7700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  342.737810] TPR Threshold = 0x00
[  342.741322] EPT pointer = 0x00000001d7a6a01e
[  342.745895] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
17:10:07 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0x0, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:07 executing program 0:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x0, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:07 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, 0x0, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  342.756885] CR0=0000000080050033 CR3=00000001d1b4d000 CR4=00000000001426f0
[  342.775420] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  342.790386] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  342.803586] *** Control State ***
17:10:07 executing program 2:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(0xffffffffffffffff, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r3, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  342.813241] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
17:10:07 executing program 1:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  342.862963] EntryControls=0000d1ff ExitControls=002fefff
[  342.895994] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  342.946352] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  342.984591] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
17:10:07 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0x0, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  343.012482] *** Guest State ***
[  343.024412] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  343.034525]         reason=80000021 qualification=0000000000000000
[  343.044588] *** Guest State ***
[  343.062708] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  343.072354] IDTVectoring: info=00000000 errcode=00000000
[  343.079955] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  343.089523] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  343.097351] TSC Offset = 0xffffff46930c8c2e
[  343.104911] CR3 = 0x0000000000000000
[  343.109477] TPR Threshold = 0x00
[  343.109492] EPT pointer = 0x00000001bbde301e
[  343.119499] CR3 = 0x0000000000000000
[  343.121326] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  343.123497] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  343.129874] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  343.143697] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  343.151139] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
17:10:07 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0x0, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:07 executing program 0:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  343.161392] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  343.169990] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  343.184225] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  343.195840] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
17:10:07 executing program 4:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, 0x0, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:07 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x0, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  343.244327] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  343.255321] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  343.266892] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  343.281468] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  343.323830] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  343.345260] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  343.371285] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  343.389926] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
17:10:07 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0x0, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  343.419485] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  343.433800] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  343.458025] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  343.472509] *** Guest State ***
[  343.476402] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  343.485674] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  343.495430] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  343.507723] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  343.516799] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  343.527365] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  343.531653] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  343.534299] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  343.544859] CR3 = 0x0000000000000000
[  343.557177] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  343.567363] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  343.569681] Interruptibility = 00000000  ActivityState = 00000000
[  343.573716] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  343.580490] *** Host State ***
[  343.599402] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  343.607921] RIP = 0xffffffff81223c27  RSP = 0xffff88817ee57350
[  343.609796] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
17:10:07 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x0, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  343.618267] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  343.648247] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  343.663774] FSBase=00007fb18d245700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000
[  343.666937] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  343.683592] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
17:10:08 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
r0 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(0xffffffffffffffff, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f00000002c0)={<r2=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000700)={r2, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r0, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r4, &(0x7f0000000340)=@known='system.advise\x00')
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r1})
connect$llc(r7, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffff1, 0x40)

[  343.694260] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  343.697388] CR0=0000000080050033 CR3=00000001cac90000 CR4=00000000001426f0
[  343.708281] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  343.731000] Interruptibility = 00000000  ActivityState = 00000000
[  343.737948] *** Host State ***
[  343.741368] RIP = 0xffffffff81223c27  RSP = 0xffff8881765d7350
[  343.755996] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  343.760524] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  343.776768] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  343.783989] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  343.788960] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  343.800864] FSBase=00007f0970e33700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
[  343.808604] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  343.809056] *** Control State ***
[  343.822422] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  343.829561] CR0=0000000080050033 CR3=00000001c0c9d000 CR4=00000000001426e0
[  343.837410] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  343.845238] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
17:10:08 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x0, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  343.852669] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  343.852831] EntryControls=0000d1ff ExitControls=002fefff
[  343.866633] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  343.873217] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  343.891237] *** Control State ***
[  343.892903] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  343.897770] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  343.910962] VMEntry: intr_info=80000067 errcode=00000000 ilen=00000000
[  343.927233] EntryControls=0000d1ff ExitControls=002fefff
[  343.932749] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  343.934282] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  343.939978] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
17:10:08 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:08 executing program 2:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  343.954353]         reason=80000021 qualification=0000000000000000
[  343.954360] IDTVectoring: info=00000000 errcode=00000000
[  343.954365] TSC Offset = 0xffffff460d157a61
[  343.954370] TPR Threshold = 0x00
[  343.954384] EPT pointer = 0x00000001d45eb01e
[  343.997270] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  344.005495] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  344.024018] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  344.042944] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  344.051557]         reason=80000021 qualification=0000000000000000
[  344.067314] IDTVectoring: info=00000000 errcode=00000000
[  344.076967] TSC Offset = 0xffffff4607e2658d
[  344.081805] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  344.088680] TPR Threshold = 0x00
[  344.092236] EPT pointer = 0x00000001d4f3e01e
[  344.096877] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  344.105310] Interruptibility = 00000000  ActivityState = 00000000
17:10:08 executing program 1:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:08 executing program 4:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  344.141629] *** Guest State ***
[  344.159018] *** Host State ***
[  344.181658] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
17:10:08 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x0, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  344.193479] RIP = 0xffffffff81223c27  RSP = 0xffff8881bf5d7350
[  344.238684] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  344.239846] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  344.318692] FSBase=00007f9498b76700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000
[  344.327315] CR3 = 0x0000000000000000
[  344.331321] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  344.362778] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  344.386960] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  344.410820] CR0=0000000080050033 CR3=00000001b9387000 CR4=00000000001426f0
[  344.442284] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  344.450580] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  344.462245] *** Guest State ***
[  344.463482] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  344.465580] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  344.472154] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  344.472173] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  344.472191] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  344.472207] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  344.489733] *** Control State ***
[  344.498713] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  344.506970] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  344.518481] EntryControls=0000d1ff ExitControls=002fefff
[  344.525993] CR3 = 0x0000000000000000
[  344.533159] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  344.543126] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  344.556176] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  344.562528] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  344.569380] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  344.579433] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  344.587926] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  344.596041] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  344.599070] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  344.612006] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  344.620424] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  344.624976] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  344.635671] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  344.645806] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  344.646504] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  344.661217] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  344.663171]         reason=80000021 qualification=0000000000000000
[  344.678321] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  344.683838] IDTVectoring: info=00000000 errcode=00000000
[  344.687173] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  344.692276] TSC Offset = 0xffffff45cf4294df
[  344.700179] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  344.704809] TPR Threshold = 0x00
[  344.712694] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  344.716191] EPT pointer = 0x00000001d6b8801e
[  344.722599] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  344.734456] Interruptibility = 00000000  ActivityState = 00000000
17:10:09 executing program 0:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:09 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:09 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x0, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:09 executing program 1:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  344.741125] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  344.750129] *** Host State ***
[  344.753482] RIP = 0xffffffff81223c27  RSP = 0xffff8881bf6af350
[  344.760313] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  344.766840] FSBase=00007f9124399700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  344.767682] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  344.775701] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  344.836427] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  344.845506] CR0=0000000080050033 CR3=00000001d396c000 CR4=00000000001426f0
[  344.862037] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  344.882464] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  344.886724] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  344.898967] Interruptibility = 00000000  ActivityState = 00000000
[  344.906092] *** Host State ***
[  344.910397] RIP = 0xffffffff81223c27  RSP = 0xffff88817bef7350
[  344.923983] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  344.926321] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  344.954201] FSBase=00007fe411bf7700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000
[  344.965378] *** Control State ***
17:10:09 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x0, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  344.983991] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  344.997653] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  345.034639] EntryControls=0000d1ff ExitControls=002fefff
[  345.043587] CR0=0000000080050033 CR3=00000001d7205000 CR4=00000000001426f0
[  345.056012] *** Guest State ***
[  345.059372] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  345.059401] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  345.059409] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  345.059416]         reason=80000021 qualification=0000000000000000
[  345.059422] IDTVectoring: info=00000000 errcode=00000000
[  345.059427] TSC Offset = 0xffffff456d71a15d
[  345.059431] TPR Threshold = 0x00
[  345.059439] EPT pointer = 0x00000001d8d3701e
[  345.109083] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  345.113660] *** Guest State ***
[  345.120653] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  345.129730] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  345.129783] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  345.129930] CR3 = 0x0000000000000000
[  345.158198] *** Guest State ***
[  345.161572] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  345.174899] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
17:10:09 executing program 2:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  345.182200] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  345.187381] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  345.198650] *** Control State ***
[  345.206438] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  345.213979] CR3 = 0x0000000000000000
[  345.218461] EntryControls=0000d1ff ExitControls=002fefff
[  345.220643] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  345.234786] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  345.239689] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  345.246465] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  345.248173] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  345.255950] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  345.263732] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  345.275905] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
17:10:09 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  345.278305] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  345.288707] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  345.304200] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  345.321842] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  345.325214] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  345.347230]         reason=80000021 qualification=0000000000000000
[  345.357570] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  345.361128] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  345.374315] *** Guest State ***
[  345.378072] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  345.380763] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  345.387520] IDTVectoring: info=00000000 errcode=00000000
[  345.387526] TSC Offset = 0xffffff4549d6d000
[  345.387531] TPR Threshold = 0x00
[  345.387554] EPT pointer = 0x00000001b6e3c01e
[  345.397929] CR3 = 0x0000000000000000
[  345.409663] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  345.419038] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
17:10:09 executing program 4:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  345.432922] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  345.452105] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  345.456499] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  345.467392] CR3 = 0x0000000000000000
[  345.467548] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  345.471512] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  345.490501] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  345.499149] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  345.504174] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  345.509586] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  345.517023] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  345.522845] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  345.531035] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  345.539404] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  345.554481] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  345.554512] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  345.554600] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  345.554802] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  345.554872] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  345.571628] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  345.586286] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  345.587348] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  345.603422] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  345.609959] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:10 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  345.610200] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  345.610311] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  345.654596] Interruptibility = 00000000  ActivityState = 00000000
[  345.657417] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  345.669323] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  345.675217] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  345.689803] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  345.710330] *** Host State ***
[  345.719809] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  345.724303] *** Guest State ***
[  345.731659] RIP = 0xffffffff81223c27  RSP = 0xffff88817a157350
[  345.732685] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  345.740919] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  345.753166] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  345.755977] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  345.771150] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  345.780326] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  345.782519] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  345.786729] FSBase=00007fb18d245700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  345.786740] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  345.786752] CR0=0000000080050033 CR3=00000001ce557000 CR4=00000000001426f0
[  345.786765] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  345.786775] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  345.786779] *** Control State ***
[  345.786790] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  345.795348] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  345.815865] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  345.822675] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  345.838193] CR3 = 0x0000000000000000
[  345.839282] Interruptibility = 00000000  ActivityState = 00000000
[  345.845426] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  345.845482] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  345.852254] *** Host State ***
[  345.859955] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  345.863555] RIP = 0xffffffff81223c27  RSP = 0xffff88817df7f350
[  345.879380] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  345.893238] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  345.899658] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  345.907808] EntryControls=0000d1ff ExitControls=002fefff
[  345.915146] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  345.923180] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  345.928974] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  345.936747] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  345.944205] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  345.950219] FSBase=00007f0970e33700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000
[  345.957351] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  345.965304] VMEntry: intr_info=80000067 errcode=00000000 ilen=00000000
[  345.981539] Interruptibility = 00000000  ActivityState = 00000000
[  345.988195] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  345.994804] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  346.000454] CR0=0000000080050033 CR3=00000001b58a3000 CR4=00000000001426f0
[  346.009276] *** Host State ***
[  346.015656] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  346.025707]         reason=80000021 qualification=0000000000000000
[  346.032311] IDTVectoring: info=00000000 errcode=00000000
17:10:10 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  346.035453] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  346.038028] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  346.051466] TSC Offset = 0xffffff44fa0c75b4
[  346.052418] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  346.063164] TPR Threshold = 0x00
[  346.072210] Interruptibility = 00000000  ActivityState = 00000000
[  346.078895] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  346.087404] *** Host State ***
[  346.087568] EPT pointer = 0x00000001bbe2f01e
[  346.097704] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  346.099419] RIP = 0xffffffff81223c27  RSP = 0xffff88817685f350
[  346.113356] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  346.114669] RIP = 0xffffffff81223c27  RSP = 0xffff88817f46f350
[  346.126018] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  346.130704] FSBase=00007f9498b76700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  346.140477] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  346.152042] *** Control State ***
[  346.155809] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  346.159659] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  346.165740] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  346.177296] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  346.183953] FSBase=00007f9124399700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000
[  346.183965] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  346.183978] CR0=0000000080050033 CR3=00000001d396c000 CR4=00000000001426f0
[  346.183992] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  346.184004] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  346.206012] EntryControls=0000d1ff ExitControls=002fefff
[  346.213103] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  346.218057] CR0=0000000080050033 CR3=00000001d6b88000 CR4=00000000001426f0
17:10:10 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, 0x0, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  346.229850] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  346.232540] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  346.244891] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  346.262065] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  346.266554] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  346.269159] VMEntry: intr_info=80000067 errcode=00000000 ilen=00000000
[  346.269168] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
17:10:10 executing program 1:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  346.269175]         reason=80000021 qualification=0000000000000000
[  346.269182] IDTVectoring: info=00000000 errcode=00000000
[  346.269188] TSC Offset = 0xffffff44fc8a156e
[  346.269193] TPR Threshold = 0x00
[  346.269201] EPT pointer = 0x00000001acae601e
[  346.301102] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  346.310019] *** Control State ***
[  346.328825] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  346.336292] *** Control State ***
[  346.366959] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  346.378040] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  346.388166] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  346.398336] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  346.419435] Interruptibility = 00000000  ActivityState = 00000000
[  346.422686] EntryControls=0000d1ff ExitControls=002fefff
[  346.427511] EntryControls=0000d1ff ExitControls=002fefff
[  346.445489] *** Host State ***
[  346.448903] RIP = 0xffffffff81223c27  RSP = 0xffff888179c47350
[  346.455064] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  346.463071] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  346.465186] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  346.475318] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  346.483699] FSBase=00007fe411bf7700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
[  346.492875] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  346.499640] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  346.505658] CR0=0000000080050033 CR3=00000001cd070000 CR4=00000000001426e0
[  346.513339]         reason=80000021 qualification=0000000000000000
[  346.520589] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  346.527570] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  346.534372] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  346.541095] IDTVectoring: info=00000000 errcode=00000000
[  346.546549] TSC Offset = 0xffffff44c76b7ab7
[  346.550979] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  346.557394]         reason=80000021 qualification=0000000000000000
[  346.563806] *** Control State ***
[  346.567411] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  346.574219] IDTVectoring: info=00000000 errcode=00000000
[  346.579907] TPR Threshold = 0x00
[  346.583344] EPT pointer = 0x00000001bb2a001e
[  346.587979] EntryControls=0000d1ff ExitControls=002fefff
[  346.593550] TSC Offset = 0xffffff44f1ae7b2b
[  346.598156] TPR Threshold = 0x00
[  346.598301] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  346.609022] EPT pointer = 0x00000001d4eb201e
17:10:10 executing program 0:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:10 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:10 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:10 executing program 2:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:11 executing program 1:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  346.627276] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  346.651168] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  346.717050]         reason=80000021 qualification=0000000000000000
[  346.740281] IDTVectoring: info=00000000 errcode=00000000
[  346.771818] TSC Offset = 0xffffff449b72cf47
[  346.784168] TPR Threshold = 0x00
[  346.792272] EPT pointer = 0x00000001c5d8801e
17:10:11 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, 0x0, 0x0)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  346.902325] *** Guest State ***
[  346.911480] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  346.936667] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
17:10:11 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  346.955987] CR3 = 0x0000000000000000
[  346.976073] *** Guest State ***
[  346.995508] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  347.001434] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  347.015128] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  347.033323] *** Guest State ***
[  347.039501] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  347.049274] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  347.052813] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  347.059209] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  347.074524] CR3 = 0x0000000000000000
[  347.079859] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  347.081599] CR3 = 0x0000000000000000
[  347.086263] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  347.096301] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
17:10:11 executing program 0:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  347.100217] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  347.103497] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  347.121300] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  347.124551] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  347.137012] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  347.148783] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  347.158729] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  347.168604] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  347.169088] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  347.169145] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  347.169737] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  347.169865] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  347.169891] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  347.169986] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  347.170010] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  347.170076] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  347.170289] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  347.170336] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  347.170447] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  347.170750] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  347.170829] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  347.170909] Interruptibility = 00000000  ActivityState = 00000000
[  347.170965] *** Host State ***
[  347.171011] RIP = 0xffffffff81223c27  RSP = 0xffff88817685f350
[  347.171149] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
17:10:11 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  347.171232] FSBase=00007fb18d245700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000
[  347.171320] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  347.171465] CR0=0000000080050033 CR3=00000001c6a68000 CR4=00000000001426e0
[  347.171563] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  347.172016] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  347.172067] *** Control State ***
[  347.172098] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  347.172177] EntryControls=0000d1ff ExitControls=002fefff
[  347.172238] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  347.172267] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  347.172323] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  347.172332]         reason=80000021 qualification=0000000000000000
[  347.172340] IDTVectoring: info=00000000 errcode=00000000
[  347.172352] TSC Offset = 0xffffff43f22fd94c
[  347.172423] TPR Threshold = 0x00
[  347.172484] EPT pointer = 0x00000001b270401e
[  347.181606] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:11 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, 0x0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  347.230504] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  347.260646] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  347.334326] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  347.343363] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  347.367431] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  347.397745] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
17:10:11 executing program 4:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  347.427680] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  347.461940] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  347.489037] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  347.505546] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  347.514154] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  347.527319] Interruptibility = 00000000  ActivityState = 00000000
[  347.546024] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  347.557611] *** Host State ***
17:10:11 executing program 0:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  347.566932] RIP = 0xffffffff81223c27  RSP = 0xffff88817d9af350
[  347.591643] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  347.629801] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  347.656880] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  347.685885] *** Guest State ***
[  347.687170] FSBase=00007f9124399700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000
[  347.693535] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  347.697536] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  347.707010] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  347.725273] CR3 = 0x0000000000000000
17:10:12 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  347.741604] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  347.749592] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  347.756477] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  347.756996] *** Guest State ***
[  347.776227] CR0=0000000080050033 CR3=00000001b36c2000 CR4=00000000001426f0
[  347.777683] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  347.788268] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  347.797582] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  347.807412] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  347.811626] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  347.827493] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  347.840978] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  347.843013] Interruptibility = 00000000  ActivityState = 00000000
[  347.853784] CR3 = 0x0000000000000000
[  347.861031] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  347.864750] *** Guest State ***
[  347.872531] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  347.872535] *** Control State ***
[  347.872544] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  347.872551] EntryControls=0000d1ff ExitControls=002fefff
[  347.872563] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  347.872571] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  347.872579] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  347.872590]         reason=80000021 qualification=0000000000000000
[  347.878910] *** Host State ***
[  347.885276] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  347.889333] RIP = 0xffffffff81223c27  RSP = 0xffff888183887350
[  347.889358] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  347.889372] FSBase=00007f0970e33700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
[  347.889390] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  347.889406] CR0=0000000080050033 CR3=00000001ca950000 CR4=00000000001426e0
[  347.889425] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  347.904913] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  347.909458] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  347.916158] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  347.922340] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  347.936847] IDTVectoring: info=00000000 errcode=00000000
[  347.944040] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  347.958809] TSC Offset = 0xffffff43f5754e9a
[  347.974836] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  347.978358] TPR Threshold = 0x00
[  347.978383] EPT pointer = 0x00000001d931401e
[  347.988803] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
17:10:12 executing program 2:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  348.001956] *** Control State ***
[  348.044163] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  348.051497] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  348.061585] EntryControls=0000d1ff ExitControls=002fefff
[  348.067443] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  348.081767] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  348.084102] VMEntry: intr_info=80000067 errcode=00000000 ilen=00000000
[  348.095707] CR3 = 0x0000000000000000
[  348.103430] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  348.114532] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  348.119720]         reason=80000021 qualification=0000000000000000
[  348.121583] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  348.127227] IDTVectoring: info=00000000 errcode=00000000
[  348.136649] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  348.149326] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  348.157886] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  348.158001] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  348.158520] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  348.158631] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:12 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  348.158733] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  348.167544] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  348.183420] TSC Offset = 0xffffff43e929b3ad
[  348.191792] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  348.200411] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  348.218142] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  348.235140] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  348.242511] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  348.246961] TPR Threshold = 0x00
[  348.259726] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  348.262793] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  348.276249] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  348.278119] EPT pointer = 0x00000001c55d001e
[  348.289237] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  348.307138] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  348.307682] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  348.336233] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:12 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(0xffffffffffffffff, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:12 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(0xffffffffffffffff, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  348.339179] Interruptibility = 00000000  ActivityState = 00000000
[  348.348196] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  348.375568] *** Host State ***
[  348.381045] RIP = 0xffffffff81223c27  RSP = 0xffff88817e727350
[  348.387603] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  348.404568] FSBase=00007fe411bf7700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000
[  348.420088] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  348.432589] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  348.440756] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  348.440776] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  348.462644] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  348.469395] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  348.478237] CR0=0000000080050033 CR3=00000001b27f0000 CR4=00000000001426e0
[  348.485537] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
17:10:12 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  348.502437] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  348.507041] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  348.513732] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  348.524166] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  348.527790] *** Control State ***
[  348.546939] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  348.553660] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  348.553672] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  348.553681] Interruptibility = 00000000  ActivityState = 00000000
[  348.553685] *** Host State ***
[  348.553697] RIP = 0xffffffff81223c27  RSP = 0xffff8881836bf350
[  348.553730] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  348.553741] FSBase=00007f9498b76700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
[  348.553752] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  348.593031] EntryControls=0000d1ff ExitControls=002fefff
[  348.608085] Interruptibility = 00000000  ActivityState = 00000000
[  348.623320] *** Host State ***
[  348.626602] RIP = 0xffffffff81223c27  RSP = 0xffff888183a97350
[  348.632763] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  348.641881] FSBase=00007fb18d245700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000
17:10:13 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={0x0, 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  348.645857] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  348.650453] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  348.665025] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  348.677553] CR0=0000000080050033 CR3=00000001c6a68000 CR4=00000000001426f0
[  348.679956] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  348.694147] CR0=0000000080050033 CR3=00000001d7fa6000 CR4=00000000001426e0
17:10:13 executing program 1:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000040)={0x80, 0x1000000, 0x0, 0x2})
socket$inet6_udp(0xa, 0x2, 0x0)

[  348.706390] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  348.717432] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  348.728690] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  348.737740]         reason=80000021 qualification=0000000000000000
[  348.745314] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  348.751400] *** Control State ***
[  348.751409] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  348.751415] EntryControls=0000d1ff ExitControls=002fefff
[  348.751427] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  348.751435] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  348.751442] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  348.751448]         reason=80000021 qualification=0000000000000000
[  348.751454] IDTVectoring: info=00000000 errcode=00000000
[  348.751459] TSC Offset = 0xffffff438e30657f
[  348.751468] TPR Threshold = 0x00
[  348.768872] EPT pointer = 0x00000001cda4b01e
[  348.777148] IDTVectoring: info=00000000 errcode=00000000
[  348.790889] *** Control State ***
[  348.826077] TSC Offset = 0xffffff43879d59ec
[  348.830822] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  348.838128] TPR Threshold = 0x00
[  348.842831] EntryControls=0000d1ff ExitControls=002fefff
[  348.856517] EPT pointer = 0x00000001cbddd01e
[  348.865922] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
17:10:13 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, 0x0, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:13 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r4, &(0x7f0000000340)=@known='system.advise\x00')
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r7, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffff1, 0x40)

[  348.904516] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
17:10:13 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  348.956002] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  348.998411]         reason=80000021 qualification=0000000000000000
[  349.015777] IDTVectoring: info=00000000 errcode=00000000
[  349.055227] TSC Offset = 0xffffff4370eeff26
[  349.071429] TPR Threshold = 0x00
[  349.075500] EPT pointer = 0x00000001d792c01e
17:10:13 executing program 0:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:13 executing program 2:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:13 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(0xffffffffffffffff, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:13 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r4, &(0x7f0000000340)=@known='system.advise\x00')
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r7, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffff1, 0x40)

[  349.192054] *** Guest State ***
[  349.195668] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  349.205084] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  349.227929] CR3 = 0x0000000000000000
[  349.232578] RSP = 0x0000000000000000  RIP = 0x0000000000000000
17:10:13 executing program 4:
r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x1d, 0x0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')
r1 = syz_open_dev$cec(&(0x7f0000000e00)='/dev/cec#\x00', 0x1, 0x2)
setsockopt$netlink_NETLINK_PKTINFO(r1, 0x10e, 0x3, &(0x7f0000000e40)=0xfffffffffffffe01, 0x4)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000880)={{{@in=@loopback, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@loopback}, 0x0, @in=@initdev}}, &(0x7f0000000980)=0xe8)
lstat(&(0x7f00000009c0)='./file0\x00', &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000cc0)='/dev/snapshot\x00', 0x101000, 0x0)
ioctl$VIDIOC_QUERYCAP(r4, 0x80685600, &(0x7f0000000d80))
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000a80)={{{@in=@local, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in6=@mcast2}}}, &(0x7f0000000b80)=0xe8)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$sock_SIOCGPGRP(r6, 0x8904, &(0x7f0000000d40)=<r7=>0x0)
ptrace$peek(0x3, r7, &(0x7f0000000d00))
syz_mount_image$hfsplus(&(0x7f0000000100)='hfsplus\x00', &(0x7f0000000180)='./file0\x00', 0x4, 0x9, &(0x7f0000000780)=[{&(0x7f00000001c0)="3765b1ec04220f9b4db38ffb9af4f699f0ce603900c718fe3389cffe3e1e039fa640356d9197433d500b767f9e613762ea6341a678add8c16a57d16fecd8c5fc0bc88c4fecdd563615903d16ec036a3d5f49e53de4e61ccc2438ddd6bbefa2c8544d4c415cc1efe3be58e437d44735e44fbff634162f00621bc750e989df185e87fe77cd8ca164db7e8b0d7a76da2bf7d4e2030959f572276aea975cbdcf2bbbc1b929d058440683987b8ca0cf016f", 0xaf, 0x200}, {&(0x7f0000000280)="c3533c4dbe7919848c426d0692ed630c04a2c740189d4092a18f2428d8200f6fe58de4815e85b92abfbe5c74deee5e0b4f17b2a34fd4f7dd9dc560c96fc1a2d096acb9c62e5cdd5bf8a8c0f337b833bd63bd97b615b3e3b67d0da04afaebbc401dabf5f403e83d881554e27361d1afbe5c3de5316526b84f161e188d5df3676a26d69674b0d64040114ddf8c18786059b9fa01c8e2", 0x95}, {&(0x7f0000000340)="64162ae0fa2c5f", 0x7, 0xffff}, {&(0x7f0000000380)="d36cd56ae06ca9cc23c9c651623ec4b4d1bd106d7a517768727f310f4d5e133a179cdc6f9fa50a0243b08ff29b4e1f9d8d272ff43e032dc271941dba3c7f1558220b3c6bd7636ab94854f878debdee59ad4959fae211455087e3368629b5e73f30460c825bf7d8bfe939d8b146dcede0d9d4811f854ca1867af601ff2a5990b8775dbfa41d82893eb7d7220f0cd6170cd3d0373ed376e2f27c5b15c82fc17c7f4cf04af31876258207d90fc1c4774b5fc870d9f8d2040ff11c07029ba3d3c1d838f350d3dfc9e7446204b0c28e28a4e09dc89d39c9733e172c6dea14c1f6a10e501454738dd764aa83a920ba9732e2cbc48bde", 0xf3, 0x100000001}, {&(0x7f0000000480)="3ad2c5ff2a74b278948928f97c7d6211cc986426baeb6a08f4b06be7ea26696c9198ac564c14fa6078f1d115c9aae21b728e058be8ef5d47c77014f7db09ac9bbb289e0b7ae45e45857b1919c5dbd17d0321bdf93f3fd761a4b53926a9eb1d4dc62bff4b1b9d2c1752c7491997bdc7864620eafe6f30a82849ace0629f02985fb0bda979823db000aa93c61860a6edd6e12e63e9aeea842a8eb4df470ee393e4c835a67051d953d0b95f17b2f3eccae41d2f526b4679860e4654c3e4fb205e9b04327edd4c2b7cdd9a9945288f5c9aa32ac7fb99f847633660c34a46ca1b2f6f81ea9c83cffcd4ec517c178eeb234a", 0xef, 0x1ff}, {&(0x7f0000000580)="1f469e93076004186257251a84f84842c376faddfae82eedfcdb1dc0ebe6b5cf23897e2be1ba057866af0bc5f769aac746dae1d10ea3767f8baa26094ab37f20360f6581eb0aeaf369511b1d0448491742c839f7b693dece74b6300322a5c45972e403a0e3e7da09a82915906515aab8ce4d815cef6f3c808c8ae0d0082b0aa769ca2fbc99c8cc15e4595b019a4ca047cd54af24122ef534aecf5b37a1b132ee03d75538ac7e612a56f78786f5eb565c8df86d279c075c71a1b78f54b9aad436e2ffaf9f952972f499056e82b153fbe1051e14ac1ed4d2a478f11257b2ce4b022a3c1fc01e915cc5fdba80", 0xeb, 0x51}, {&(0x7f0000000680)="1dec", 0x2, 0xffff}, {&(0x7f00000006c0)="a763336e94e901eb7a4956a10c021ae7fe6145c9a56c1622c890aeb6ed8a5df11a47d36817e4fd83d1c0bdb455b43cb995990acee02f917c93a0", 0x3a, 0x6}, {&(0x7f0000000700)="3b85f10d3ef8b737752cb8771e9f260cf89bbae82b0bc481254b1de0a8e24f295b0a0f3d6f268219a13ab65a77d41e58e29ade801d45f9a6a10c4fcf7cd01d9f683a356c8359dccd1838e12ce4028b82983adff9667be43ea4eae543f1f89467b8e24b8b2dbfcab15c4cdad51bfff7b7691df11a", 0x74, 0x5}], 0x800000, &(0x7f0000000bc0)=ANY=[@ANYBLOB='session=0x000000000000a7be,nobarrier,measure,euid>', @ANYRESDEC=r2, @ANYBLOB=',subj_role=,Lppraise_type=imasig,fowner>', @ANYRESDEC=r3, @ANYBLOB=',appraise,subj_role=security}bdev/*md5sum!,fowner<', @ANYRESDEC=r5, @ANYBLOB=',appraise_type=imasig,hash,\x00'])
set_tid_address(&(0x7f0000000080))
sendto$inet6(r4, &(0x7f0000000e80)="bccb03516f4e90bf07e98c3a0fd630f1d9021e0b8d3f688d4ffc7be0586a9c6cbdd402ed88a48e61a456dd71851a4893230e874f39e1ac7d710ad5fb8d2af02de8b210287295126f859e2a53a149993d0a93e2a4eae152bd590c47c750d3ceea2901ffc736be357be7991ab4d76f72a2c0ce18422272aa0141c1f31eddb9f3b61a7a8bf4a87f0e181e733a816a2e4c67d14898996f2a180e663ed2640965c8d34c1b8acf449e68192f4e6588982c055be66e85269a479675ade265e009e5285fe7fdde1c03cbe8fb4240a25102ec8b1c3c9ad86bf8b5d68f38f0ffca0b6ce6096dcd07a96ed43ca814afdefbc23d4cb141f551b7b65e6be55660dcdd9cd3", 0xfe, 0x20008800, &(0x7f0000000f80)={0xa, 0x4e21, 0x8, @mcast1, 0x4}, 0x1c)
fcntl$setsig(r0, 0xa, 0x21)
r8 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/tcp6\x00')
ioctl$TUNGETVNETHDRSZ(r8, 0x800454d7, &(0x7f0000000140))

[  349.239170] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  349.246203] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  349.255027] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  349.264995] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  349.273957] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  349.283127] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  349.292157] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  349.317291] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  349.352780] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  349.370625] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
17:10:13 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, 0x0, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r4, &(0x7f0000000340)=@known='system.advise\x00')
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r7, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffff1, 0x40)

[  349.396492] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  349.423017] hfsplus: unable to parse mount options
[  349.459510] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  349.474574] *** Guest State ***
[  349.492596] EFER =     0x0000000000000000  PAT = 0x0007040600070406
17:10:13 executing program 2:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:13 executing program 4:
r0 = perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x1d, 0x0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')
r1 = syz_open_dev$cec(&(0x7f0000000e00)='/dev/cec#\x00', 0x1, 0x2)
setsockopt$netlink_NETLINK_PKTINFO(r1, 0x10e, 0x3, &(0x7f0000000e40)=0xfffffffffffffe01, 0x4)
getsockopt$inet_IP_IPSEC_POLICY(0xffffffffffffffff, 0x0, 0x10, &(0x7f0000000880)={{{@in=@loopback, @in=@initdev, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r2=>0x0}}, {{@in6=@loopback}, 0x0, @in=@initdev}}, &(0x7f0000000980)=0xe8)
lstat(&(0x7f00000009c0)='./file0\x00', &(0x7f0000000a00)={0x0, 0x0, 0x0, 0x0, <r3=>0x0})
r4 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000cc0)='/dev/snapshot\x00', 0x101000, 0x0)
ioctl$VIDIOC_QUERYCAP(r4, 0x80685600, &(0x7f0000000d80))
getsockopt$inet_IP_XFRM_POLICY(0xffffffffffffff9c, 0x0, 0x11, &(0x7f0000000a80)={{{@in=@local, @in=@multicast1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{@in6=@mcast2}}}, &(0x7f0000000b80)=0xe8)
r6 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$sock_SIOCGPGRP(r6, 0x8904, &(0x7f0000000d40)=<r7=>0x0)
ptrace$peek(0x3, r7, &(0x7f0000000d00))
syz_mount_image$hfsplus(&(0x7f0000000100)='hfsplus\x00', &(0x7f0000000180)='./file0\x00', 0x4, 0x9, &(0x7f0000000780)=[{&(0x7f00000001c0)="3765b1ec04220f9b4db38ffb9af4f699f0ce603900c718fe3389cffe3e1e039fa640356d9197433d500b767f9e613762ea6341a678add8c16a57d16fecd8c5fc0bc88c4fecdd563615903d16ec036a3d5f49e53de4e61ccc2438ddd6bbefa2c8544d4c415cc1efe3be58e437d44735e44fbff634162f00621bc750e989df185e87fe77cd8ca164db7e8b0d7a76da2bf7d4e2030959f572276aea975cbdcf2bbbc1b929d058440683987b8ca0cf016f", 0xaf, 0x200}, {&(0x7f0000000280)="c3533c4dbe7919848c426d0692ed630c04a2c740189d4092a18f2428d8200f6fe58de4815e85b92abfbe5c74deee5e0b4f17b2a34fd4f7dd9dc560c96fc1a2d096acb9c62e5cdd5bf8a8c0f337b833bd63bd97b615b3e3b67d0da04afaebbc401dabf5f403e83d881554e27361d1afbe5c3de5316526b84f161e188d5df3676a26d69674b0d64040114ddf8c18786059b9fa01c8e2", 0x95}, {&(0x7f0000000340)="64162ae0fa2c5f", 0x7, 0xffff}, {&(0x7f0000000380)="d36cd56ae06ca9cc23c9c651623ec4b4d1bd106d7a517768727f310f4d5e133a179cdc6f9fa50a0243b08ff29b4e1f9d8d272ff43e032dc271941dba3c7f1558220b3c6bd7636ab94854f878debdee59ad4959fae211455087e3368629b5e73f30460c825bf7d8bfe939d8b146dcede0d9d4811f854ca1867af601ff2a5990b8775dbfa41d82893eb7d7220f0cd6170cd3d0373ed376e2f27c5b15c82fc17c7f4cf04af31876258207d90fc1c4774b5fc870d9f8d2040ff11c07029ba3d3c1d838f350d3dfc9e7446204b0c28e28a4e09dc89d39c9733e172c6dea14c1f6a10e501454738dd764aa83a920ba9732e2cbc48bde", 0xf3, 0x100000001}, {&(0x7f0000000480)="3ad2c5ff2a74b278948928f97c7d6211cc986426baeb6a08f4b06be7ea26696c9198ac564c14fa6078f1d115c9aae21b728e058be8ef5d47c77014f7db09ac9bbb289e0b7ae45e45857b1919c5dbd17d0321bdf93f3fd761a4b53926a9eb1d4dc62bff4b1b9d2c1752c7491997bdc7864620eafe6f30a82849ace0629f02985fb0bda979823db000aa93c61860a6edd6e12e63e9aeea842a8eb4df470ee393e4c835a67051d953d0b95f17b2f3eccae41d2f526b4679860e4654c3e4fb205e9b04327edd4c2b7cdd9a9945288f5c9aa32ac7fb99f847633660c34a46ca1b2f6f81ea9c83cffcd4ec517c178eeb234a", 0xef, 0x1ff}, {&(0x7f0000000580)="1f469e93076004186257251a84f84842c376faddfae82eedfcdb1dc0ebe6b5cf23897e2be1ba057866af0bc5f769aac746dae1d10ea3767f8baa26094ab37f20360f6581eb0aeaf369511b1d0448491742c839f7b693dece74b6300322a5c45972e403a0e3e7da09a82915906515aab8ce4d815cef6f3c808c8ae0d0082b0aa769ca2fbc99c8cc15e4595b019a4ca047cd54af24122ef534aecf5b37a1b132ee03d75538ac7e612a56f78786f5eb565c8df86d279c075c71a1b78f54b9aad436e2ffaf9f952972f499056e82b153fbe1051e14ac1ed4d2a478f11257b2ce4b022a3c1fc01e915cc5fdba80", 0xeb, 0x51}, {&(0x7f0000000680)="1dec", 0x2, 0xffff}, {&(0x7f00000006c0)="a763336e94e901eb7a4956a10c021ae7fe6145c9a56c1622c890aeb6ed8a5df11a47d36817e4fd83d1c0bdb455b43cb995990acee02f917c93a0", 0x3a, 0x6}, {&(0x7f0000000700)="3b85f10d3ef8b737752cb8771e9f260cf89bbae82b0bc481254b1de0a8e24f295b0a0f3d6f268219a13ab65a77d41e58e29ade801d45f9a6a10c4fcf7cd01d9f683a356c8359dccd1838e12ce4028b82983adff9667be43ea4eae543f1f89467b8e24b8b2dbfcab15c4cdad51bfff7b7691df11a", 0x74, 0x5}], 0x800000, &(0x7f0000000bc0)=ANY=[@ANYBLOB='session=0x000000000000a7be,nobarrier,measure,euid>', @ANYRESDEC=r2, @ANYBLOB=',subj_role=,Lppraise_type=imasig,fowner>', @ANYRESDEC=r3, @ANYBLOB=',appraise,subj_role=security}bdev/*md5sum!,fowner<', @ANYRESDEC=r5, @ANYBLOB=',appraise_type=imasig,hash,\x00'])
set_tid_address(&(0x7f0000000080))
sendto$inet6(r4, &(0x7f0000000e80)="bccb03516f4e90bf07e98c3a0fd630f1d9021e0b8d3f688d4ffc7be0586a9c6cbdd402ed88a48e61a456dd71851a4893230e874f39e1ac7d710ad5fb8d2af02de8b210287295126f859e2a53a149993d0a93e2a4eae152bd590c47c750d3ceea2901ffc736be357be7991ab4d76f72a2c0ce18422272aa0141c1f31eddb9f3b61a7a8bf4a87f0e181e733a816a2e4c67d14898996f2a180e663ed2640965c8d34c1b8acf449e68192f4e6588982c055be66e85269a479675ade265e009e5285fe7fdde1c03cbe8fb4240a25102ec8b1c3c9ad86bf8b5d68f38f0ffca0b6ce6096dcd07a96ed43ca814afdefbc23d4cb141f551b7b65e6be55660dcdd9cd3", 0xfe, 0x20008800, &(0x7f0000000f80)={0xa, 0x4e21, 0x8, @mcast1, 0x4}, 0x1c)
fcntl$setsig(r0, 0xa, 0x21)
r8 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/tcp6\x00')
ioctl$TUNGETVNETHDRSZ(r8, 0x800454d7, &(0x7f0000000140))

17:10:13 executing program 1:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  349.507449] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  349.520961] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  349.558960] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  349.575682] Interruptibility = 00000000  ActivityState = 00000000
[  349.600706] CR3 = 0x0000000000000000
[  349.608667] *** Host State ***
[  349.616851] RIP = 0xffffffff81223c27  RSP = 0xffff8881afbbf350
[  349.623950] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  349.653530] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  349.663819] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  349.673150] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  349.682170] FSBase=00007fb18d245700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000
[  349.712390] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  349.733114] CR0=0000000080050033 CR3=00000001b502f000 CR4=00000000001426f0
[  349.735810] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  349.743727] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  349.760284] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  349.769825] hfsplus: unable to parse mount options
[  349.775604] *** Control State ***
[  349.779656] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  349.786516] EntryControls=0000d1ff ExitControls=002fefff
[  349.795477] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  349.806092] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  349.830247] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  349.851681] *** Guest State ***
[  349.860146] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  349.868139] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  349.877688] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  349.886080] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  349.888750]         reason=80000021 qualification=0000000000000000
[  349.896379] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
17:10:14 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x0, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:14 executing program 1:
perf_event_open(&(0x7f0000000040)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:14 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={0x0, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r4, &(0x7f0000000340)=@known='system.advise\x00')
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r7, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffff1, 0x40)

[  349.910467] IDTVectoring: info=00000000 errcode=00000000
[  349.910475] TSC Offset = 0xffffff42c15defa1
[  349.910480] TPR Threshold = 0x00
[  349.910503] EPT pointer = 0x00000001d7c2301e
[  349.936813] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  349.951757] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  349.966374] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  349.985150] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  349.993941] CR3 = 0x0000000000000000
[  350.002750] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  350.009251] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  350.018391] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  350.024707] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  350.038845] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  350.045925] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  350.053082] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  350.061593] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  350.069826] Interruptibility = 00000000  ActivityState = 00000000
[  350.076580] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  350.085014] *** Host State ***
[  350.089264] RIP = 0xffffffff81223c27  RSP = 0xffff88818249f350
[  350.095623] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  350.105135] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  350.112167] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  350.127458] FSBase=00007f9498b76700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000
[  350.135592] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  350.140033] *** Guest State ***
[  350.147833] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  350.150191] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  350.167342] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  350.180098] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  350.193440] CR0=0000000080050033 CR3=00000001d9b5a000 CR4=00000000001426e0
[  350.196860] CR3 = 0x0000000000000000
[  350.200882] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  350.201043] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  350.201121] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  350.213574] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  350.213665] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  350.213696] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  350.213727] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  350.213938] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  350.214057] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  350.227923] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  350.236261] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  350.249322] *** Control State ***
[  350.265461] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  350.273674] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  350.273697] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  350.273823] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  350.274039] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  350.274182] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  350.274240] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  350.274554] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  350.274709] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  350.301309] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  350.307918] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  350.315692] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  350.323565] EntryControls=0000d1ff ExitControls=002fefff
[  350.340178] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  350.348027] Interruptibility = 00000000  ActivityState = 00000000
[  350.348122] *** Host State ***
[  350.356397] Interruptibility = 00000000  ActivityState = 00000000
[  350.363121] RIP = 0xffffffff81223c27  RSP = 0xffff888188327350
[  350.369413] *** Host State ***
[  350.376593] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  350.384602] RIP = 0xffffffff81223c27  RSP = 0xffff88817e727350
[  350.389589] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  350.397259] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  350.411485] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  350.413039] FSBase=00007fb18d245700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000
[  350.421364] FSBase=00007f9124399700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000
[  350.422480] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  350.429101] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  350.435025] CR0=0000000080050033 CR3=00000001bac31000 CR4=00000000001426e0
[  350.442106] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  350.448553] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  350.455342]         reason=80000021 qualification=0000000000000000
[  350.463610] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  350.471362] CR0=0000000080050033 CR3=00000001b1d92000 CR4=00000000001426f0
[  350.477320] *** Control State ***
[  350.484181] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  350.491045] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  350.497112] IDTVectoring: info=00000000 errcode=00000000
[  350.503757] EntryControls=0000d1ff ExitControls=002fefff
[  350.510178] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  350.517130] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  350.524103] TSC Offset = 0xffffff4297518af3
17:10:14 executing program 0:
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:14 executing program 4:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:14 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={0x0, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r4, &(0x7f0000000340)=@known='system.advise\x00')
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r7, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:14 executing program 1:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, 0x0, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  350.526846] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  350.533753] TPR Threshold = 0x00
[  350.533762] EPT pointer = 0x00000001b270401e
[  350.546051] *** Control State ***
[  350.557776] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  350.583883] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  350.592094]         reason=80000021 qualification=0000000000000000
[  350.595509] EntryControls=0000d1ff ExitControls=002fefff
[  350.628290] IDTVectoring: info=00000000 errcode=00000000
[  350.666505] TSC Offset = 0xffffff423b71aa72
[  350.667973] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  350.688795] TPR Threshold = 0x00
[  350.712750] EPT pointer = 0x00000001d300601e
[  350.722451] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  350.747867] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
17:10:15 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={0x0, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r4, &(0x7f0000000340)=@known='system.advise\x00')
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r7, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:15 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x0, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  350.767017]         reason=80000021 qualification=0000000000000000
[  350.782307] *** Guest State ***
[  350.785767] IDTVectoring: info=00000000 errcode=00000000
[  350.793710] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  350.803525] TSC Offset = 0xffffff42633bec98
[  350.820245] TPR Threshold = 0x00
[  350.831871] EPT pointer = 0x00000001ce47501e
[  350.869314] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
17:10:15 executing program 2:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:15 executing program 4:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:15 executing program 0:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x191200, 0x0)
ioctl$UI_SET_KEYBIT(r3, 0x40045565, 0x1e1)
r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x402, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000300)=@can, 0x80, &(0x7f0000000380)=[{&(0x7f00000004c0)=""/85, 0x55}, {&(0x7f00000000c0)=""/21, 0x15}, {&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000280)=""/56, 0x38}], 0x4, &(0x7f0000000640)=""/193, 0xc1, 0x800722}, 0x40000000)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000040), 0x4)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readv(r5, &(0x7f0000000900), 0x0)
r6 = socket(0xa, 0x3, 0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000140)={0xffffffff, 0x0, 0x0, 0x0, 0x2, 0x5, 0x4, 0xdfc6, <r7=>0x0}, &(0x7f0000000180)=0x20)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000a40)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f00000001c0)={r7, @in={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x19}}}, 0x0, 0x0, 0x7f, 0x3, 0x80}, 0x98)
mq_open(&(0x7f00000002c0)='ppp1[\x00', 0x41, 0x10, &(0x7f0000000a00)={0x1, 0x7, 0x0, 0x7f, 0x0, 0x7fff, 0x80000000000000})
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, &(0x7f0000000000)={'bridge0\x00\x00\x01\x00'})
ioctl$TIOCCONS(r3, 0x541d)
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x89a1, &(0x7f0000000100)={'bridge0\x00', 0xfffffffffffffffd})
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000840), 0x4)
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1e, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f0000000940)=ANY=[@ANYBLOB="0f00b40080bae7d892c56a9794acec0c06f8dc"], &(0x7f0000000980)=0x1)
r8 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000100)="66b8d5008ed0660f382230c463096dbe1f52000000b8010000000f01c166ba2100b8ee170000ef0f001e400f2397c744240014010000c744240210ed157aff2c240f06360f8500000080"}], 0xaaaaaaaaaaaacea, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff})
ioctl$KDMKTONE(r8, 0x4b30, 0x590)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  350.985354] *** Guest State ***
[  350.989347] CR3 = 0x0000000000000000
[  351.006720] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  351.009495] RSP = 0x0000000000000000  RIP = 0x0000000000000000
17:10:15 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x0, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  351.065031] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  351.090459] CR3 = 0x0000000000000000
[  351.103714] RSP = 0x0000000000000000  RIP = 0x0000000000000000
17:10:15 executing program 2:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x191200, 0x0)
ioctl$UI_SET_KEYBIT(r3, 0x40045565, 0x1e1)
r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x402, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000300)=@can, 0x80, &(0x7f0000000380)=[{&(0x7f00000004c0)=""/85, 0x55}, {&(0x7f00000000c0)=""/21, 0x15}, {&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000280)=""/56, 0x38}], 0x4, &(0x7f0000000640)=""/193, 0xc1, 0x800722}, 0x40000000)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000040), 0x4)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readv(r5, &(0x7f0000000900), 0x0)
r6 = socket(0xa, 0x3, 0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000140)={0xffffffff, 0x0, 0x0, 0x0, 0x2, 0x5, 0x4, 0xdfc6, <r7=>0x0}, &(0x7f0000000180)=0x20)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000a40)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f00000001c0)={r7, @in={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x19}}}, 0x0, 0x0, 0x7f, 0x3, 0x80}, 0x98)
mq_open(&(0x7f00000002c0)='ppp1[\x00', 0x41, 0x10, &(0x7f0000000a00)={0x1, 0x7, 0x0, 0x7f, 0x0, 0x7fff, 0x80000000000000})
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, &(0x7f0000000000)={'bridge0\x00\x00\x01\x00'})
ioctl$TIOCCONS(r3, 0x541d)
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x89a1, &(0x7f0000000100)={'bridge0\x00', 0xfffffffffffffffd})
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000840), 0x4)
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1e, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f0000000940)=ANY=[@ANYBLOB="0f00b40080bae7d892c56a9794acec0c06f8dc"], &(0x7f0000000980)=0x1)
r8 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000100)="66b8d5008ed0660f382230c463096dbe1f52000000b8010000000f01c166ba2100b8ee170000ef0f001e400f2397c744240014010000c744240210ed157aff2c240f06360f8500000080"}], 0xaaaaaaaaaaaacea, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff})
ioctl$KDMKTONE(r8, 0x4b30, 0x590)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:15 executing program 4:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  351.117234] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  351.124060] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  351.131243] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  351.145683] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  351.148210] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  351.177287] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  351.183960] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  351.183977] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  351.183994] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  351.223514] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  351.259408] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  351.299208] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  351.319556] bridge0: port 2(bridge_slave_1) entered disabled state
[  351.331869] bridge0: port 1(bridge_slave_0) entered disabled state
[  351.338414] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  351.351857] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  351.360245] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  351.361737] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  351.368866] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  351.384755] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  351.385280] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  351.400080] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
17:10:15 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x0, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  351.417265] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
17:10:15 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
socket$inet_dccp(0x2, 0x6, 0x0)
r0 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r0, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x73, &(0x7f00000002c0)={<r2=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000700)={r2, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r0, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r0, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r4, &(0x7f0000000340)=@known='system.advise\x00')
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r1})
connect$llc(r7, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:15 executing program 0:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x191200, 0x0)
ioctl$UI_SET_KEYBIT(r3, 0x40045565, 0x1e1)
r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x402, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000300)=@can, 0x80, &(0x7f0000000380)=[{&(0x7f00000004c0)=""/85, 0x55}, {&(0x7f00000000c0)=""/21, 0x15}, {&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000280)=""/56, 0x38}], 0x4, &(0x7f0000000640)=""/193, 0xc1, 0x800722}, 0x40000000)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000040), 0x4)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readv(r5, &(0x7f0000000900), 0x0)
r6 = socket(0xa, 0x3, 0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000140)={0xffffffff, 0x0, 0x0, 0x0, 0x2, 0x5, 0x4, 0xdfc6, <r7=>0x0}, &(0x7f0000000180)=0x20)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000a40)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f00000001c0)={r7, @in={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x19}}}, 0x0, 0x0, 0x7f, 0x3, 0x80}, 0x98)
mq_open(&(0x7f00000002c0)='ppp1[\x00', 0x41, 0x10, &(0x7f0000000a00)={0x1, 0x7, 0x0, 0x7f, 0x0, 0x7fff, 0x80000000000000})
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, &(0x7f0000000000)={'bridge0\x00\x00\x01\x00'})
ioctl$TIOCCONS(r3, 0x541d)
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x89a1, &(0x7f0000000100)={'bridge0\x00', 0xfffffffffffffffd})
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000840), 0x4)
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1e, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f0000000940)=ANY=[@ANYBLOB="0f00b40080bae7d892c56a9794acec0c06f8dc"], &(0x7f0000000980)=0x1)
r8 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000100)="66b8d5008ed0660f382230c463096dbe1f52000000b8010000000f01c166ba2100b8ee170000ef0f001e400f2397c744240014010000c744240210ed157aff2c240f06360f8500000080"}], 0xaaaaaaaaaaaacea, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff})
ioctl$KDMKTONE(r8, 0x4b30, 0x590)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  351.446361] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  351.457496] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  351.544303] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  351.561724] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  351.585305] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  351.600248] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  351.611553] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  351.623835] Interruptibility = 00000000  ActivityState = 00000000
[  351.637313] *** Host State ***
[  351.642977] Interruptibility = 00000000  ActivityState = 00000000
[  351.651874] RIP = 0xffffffff81223c27  RSP = 0xffff888181657350
[  351.667768] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  351.676654] *** Host State ***
[  351.687170] RIP = 0xffffffff81223c27  RSP = 0xffff8881ce38f350
[  351.695718] FSBase=00007f0970e33700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000
[  351.707442] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  351.719698] FSBase=00007fb18d224700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
[  351.723366] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  351.736100] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  351.743978] CR0=0000000080050033 CR3=00000001b43b6000 CR4=00000000001426e0
[  351.748407] CR0=0000000080050033 CR3=00000001b269e000 CR4=00000000001426e0
[  351.751397] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  351.764918] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  351.771264] *** Control State ***
[  351.777369] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  351.784315] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  351.793803] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  351.800554] EntryControls=0000d1ff ExitControls=002fefff
[  351.806266] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  351.813490] *** Control State ***
[  351.827562] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  351.834463] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  351.841454] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  351.862759]         reason=80000021 qualification=0000000000000000
[  351.871562] EntryControls=0000d1ff ExitControls=002fefff
[  351.878429] IDTVectoring: info=00000000 errcode=00000000
[  351.884703] TSC Offset = 0xffffff41c26be491
[  351.889325] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  351.896615] TPR Threshold = 0x00
[  351.900417] EPT pointer = 0x00000001bb09001e
[  351.905015] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  351.928264] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  351.958770]         reason=80000021 qualification=0000000000000000
[  351.968976] IDTVectoring: info=00000000 errcode=00000000
[  351.974692] TSC Offset = 0xffffff41de0002ad
[  351.980664] TPR Threshold = 0x00
[  351.989106] EPT pointer = 0x00000001d28e401e
17:10:16 executing program 1:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, 0x0, &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:16 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x0, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:16 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r2=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r2, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r4, &(0x7f0000000340)=@known='system.advise\x00')
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23})
connect$llc(r7, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:16 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x0, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:16 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x0, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:16 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x0, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  352.307788] *** Guest State ***
[  352.325333] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  352.378770] device bridge_slave_1 left promiscuous mode
[  352.404433] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  352.405077] bridge0: port 2(bridge_slave_1) entered disabled state
[  352.414429] CR3 = 0x0000000000000000
[  352.424112] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  352.430896] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  352.437776] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  352.445663] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  352.456112] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  352.465223] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:16 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x0, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  352.474389] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  352.483846] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  352.492981] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  352.507685] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  352.523979] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  352.556650] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  352.590174] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  352.611753] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  352.628921] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  352.646237] device bridge_slave_0 left promiscuous mode
[  352.651990] bridge0: port 1(bridge_slave_0) entered disabled state
[  352.652966] Interruptibility = 00000000  ActivityState = 00000000
[  352.668526] *** Host State ***
[  352.671965] RIP = 0xffffffff81223c27  RSP = 0xffff8881abecf350
[  352.688169] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  352.694937] FSBase=00007f0970e33700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  352.712702] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  352.719121] CR0=0000000080050033 CR3=00000001d78ab000 CR4=00000000001426f0
[  352.732871] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  352.746605] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  352.758944] *** Control State ***
[  352.762461] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  352.771036] EntryControls=0000d1ff ExitControls=002fefff
[  352.776816] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  352.786011] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  352.793593] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[  352.801844]         reason=80000021 qualification=0000000000000000
17:10:17 executing program 2:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x191200, 0x0)
ioctl$UI_SET_KEYBIT(r3, 0x40045565, 0x1e1)
r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x402, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000300)=@can, 0x80, &(0x7f0000000380)=[{&(0x7f00000004c0)=""/85, 0x55}, {&(0x7f00000000c0)=""/21, 0x15}, {&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000280)=""/56, 0x38}], 0x4, &(0x7f0000000640)=""/193, 0xc1, 0x800722}, 0x40000000)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000040), 0x4)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readv(r5, &(0x7f0000000900), 0x0)
r6 = socket(0xa, 0x3, 0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000140)={0xffffffff, 0x0, 0x0, 0x0, 0x2, 0x5, 0x4, 0xdfc6, <r7=>0x0}, &(0x7f0000000180)=0x20)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000a40)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f00000001c0)={r7, @in={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x19}}}, 0x0, 0x0, 0x7f, 0x3, 0x80}, 0x98)
mq_open(&(0x7f00000002c0)='ppp1[\x00', 0x41, 0x10, &(0x7f0000000a00)={0x1, 0x7, 0x0, 0x7f, 0x0, 0x7fff, 0x80000000000000})
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, &(0x7f0000000000)={'bridge0\x00\x00\x01\x00'})
ioctl$TIOCCONS(r3, 0x541d)
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x89a1, &(0x7f0000000100)={'bridge0\x00', 0xfffffffffffffffd})
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000840), 0x4)
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1e, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f0000000940)=ANY=[@ANYBLOB="0f00b40080bae7d892c56a9794acec0c06f8dc"], &(0x7f0000000980)=0x1)
r8 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000100)="66b8d5008ed0660f382230c463096dbe1f52000000b8010000000f01c166ba2100b8ee170000ef0f001e400f2397c744240014010000c744240210ed157aff2c240f06360f8500000080"}], 0xaaaaaaaaaaaacea, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff})
ioctl$KDMKTONE(r8, 0x4b30, 0x590)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:17 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x0, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:17 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x0, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:17 executing program 4:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x0, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  352.809012] IDTVectoring: info=00000000 errcode=00000000
[  352.814707] TSC Offset = 0xffffff41152ef619
[  352.819933] TPR Threshold = 0x00
[  352.823522] EPT pointer = 0x00000001b7ea301e
17:10:17 executing program 0:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x191200, 0x0)
ioctl$UI_SET_KEYBIT(r3, 0x40045565, 0x1e1)
r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x402, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000300)=@can, 0x80, &(0x7f0000000380)=[{&(0x7f00000004c0)=""/85, 0x55}, {&(0x7f00000000c0)=""/21, 0x15}, {&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000280)=""/56, 0x38}], 0x4, &(0x7f0000000640)=""/193, 0xc1, 0x800722}, 0x40000000)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000040), 0x4)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readv(r5, &(0x7f0000000900), 0x0)
r6 = socket(0xa, 0x3, 0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000140)={0xffffffff, 0x0, 0x0, 0x0, 0x2, 0x5, 0x4, 0xdfc6, <r7=>0x0}, &(0x7f0000000180)=0x20)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000a40)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f00000001c0)={r7, @in={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x19}}}, 0x0, 0x0, 0x7f, 0x3, 0x80}, 0x98)
mq_open(&(0x7f00000002c0)='ppp1[\x00', 0x41, 0x10, &(0x7f0000000a00)={0x1, 0x7, 0x0, 0x7f, 0x0, 0x7fff, 0x80000000000000})
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, &(0x7f0000000000)={'bridge0\x00\x00\x01\x00'})
ioctl$TIOCCONS(r3, 0x541d)
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x89a1, &(0x7f0000000100)={'bridge0\x00', 0xfffffffffffffffd})
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000840), 0x4)
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1e, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f0000000940)=ANY=[@ANYBLOB="0f00b40080bae7d892c56a9794acec0c06f8dc"], &(0x7f0000000980)=0x1)
r8 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000100)="66b8d5008ed0660f382230c463096dbe1f52000000b8010000000f01c166ba2100b8ee170000ef0f001e400f2397c744240014010000c744240210ed157aff2c240f06360f8500000080"}], 0xaaaaaaaaaaaacea, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff})
ioctl$KDMKTONE(r8, 0x4b30, 0x590)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:17 executing program 1:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
set_mempolicy(0x4002, &(0x7f0000000140)=0x6, 0x9)
ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x442e, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_CPUID2(0xffffffffffffffff, 0xc008ae91, &(0x7f0000000080)=ANY=[])
ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000080)=0x7f)
getsockopt$inet_sctp_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, &(0x7f0000000600), &(0x7f0000000640)=0x4)
syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x0, 0x549080)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f00000015c0)='ip6_vti0\x00', 0x10)
r1 = syz_open_dev$loop(&(0x7f0000000680)='/dev/loop#\x00', 0x0, 0x800000000105082)
r2 = memfd_create(&(0x7f00000000c0)='\x00\x00\x00\x00\x8c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0)
pwritev(r2, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a8", 0x1}], 0x1, 0x81003)
setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x6)
r3 = socket(0x11, 0x4000000000080003, 0x0)
setsockopt$packet_int(r3, 0x107, 0x0, &(0x7f0000000100)=0xfff, 0x4)
bind$packet(r3, &(0x7f0000000480)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local}, 0x14)
setsockopt(r3, 0x107, 0x5, &(0x7f0000001000), 0xc5)
socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl(0xffffffffffffffff, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070")
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2)
sendfile(r1, r2, &(0x7f00000ddff8), 0x102000000)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
unshare(0x24000000)
clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff)
r4 = getpid()
sched_setscheduler(r4, 0x5, &(0x7f0000000000))

17:10:17 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:17 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x0, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  353.107904] *** Guest State ***
[  353.113351] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  353.123183] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  353.134507] CR3 = 0x0000000000000000
[  353.140781] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  353.150047] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  353.156795] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  353.173111] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  353.182401] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  353.197682] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  353.215336] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  353.227496] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:17 executing program 2:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000040)='/dev/rtc0\x00', 0x191200, 0x0)
ioctl$UI_SET_KEYBIT(r3, 0x40045565, 0x1e1)
r4 = openat$full(0xffffffffffffff9c, &(0x7f0000000080)='/dev/full\x00', 0x402, 0x0)
recvmsg$kcm(0xffffffffffffffff, &(0x7f0000000740)={&(0x7f0000000300)=@can, 0x80, &(0x7f0000000380)=[{&(0x7f00000004c0)=""/85, 0x55}, {&(0x7f00000000c0)=""/21, 0x15}, {&(0x7f0000000540)=""/251, 0xfb}, {&(0x7f0000000280)=""/56, 0x38}], 0x4, &(0x7f0000000640)=""/193, 0xc1, 0x800722}, 0x40000000)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000000040), 0x4)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
readv(r5, &(0x7f0000000900), 0x0)
r6 = socket(0xa, 0x3, 0x8)
getsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(0xffffffffffffffff, 0x84, 0xa, &(0x7f0000000140)={0xffffffff, 0x0, 0x0, 0x0, 0x2, 0x5, 0x4, 0xdfc6, <r7=>0x0}, &(0x7f0000000180)=0x20)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000a40)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
setsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r6, 0x84, 0x9, &(0x7f00000001c0)={r7, @in={{0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x19}}}, 0x0, 0x0, 0x7f, 0x3, 0x80}, 0x98)
mq_open(&(0x7f00000002c0)='ppp1[\x00', 0x41, 0x10, &(0x7f0000000a00)={0x1, 0x7, 0x0, 0x7f, 0x0, 0x7fff, 0x80000000000000})
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x8914, &(0x7f0000000000)={'bridge0\x00\x00\x01\x00'})
ioctl$TIOCCONS(r3, 0x541d)
ioctl$sock_inet_SIOCSIFFLAGS(r6, 0x89a1, &(0x7f0000000100)={'bridge0\x00', 0xfffffffffffffffd})
bpf$BPF_PROG_GET_NEXT_ID(0xb, &(0x7f0000000840), 0x4)
getsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x1e, &(0x7f0000000880), &(0x7f00000008c0)=0x4)
getsockopt$inet_sctp_SCTP_GET_PEER_ADDRS(r4, 0x84, 0x6c, &(0x7f0000000940)=ANY=[@ANYBLOB="0f00b40080bae7d892c56a9794acec0c06f8dc"], &(0x7f0000000980)=0x1)
r8 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r2, r8, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000080)=[@text64={0x40, &(0x7f0000000100)="66b8d5008ed0660f382230c463096dbe1f52000000b8010000000f01c166ba2100b8ee170000ef0f001e400f2397c744240014010000c744240210ed157aff2c240f06360f8500000080"}], 0xaaaaaaaaaaaacea, 0x0, &(0x7f00000000c0), 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r8, 0x4040aea0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x8, 0x3ff})
ioctl$KDMKTONE(r8, 0x4b30, 0x590)
ioctl$KVM_RUN(r8, 0xae80, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  353.297792] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:17 executing program 0:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x0, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  353.359224] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  353.437962] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  353.453964] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  353.462727] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  353.471252] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  353.478484] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  353.486424] Interruptibility = 00000000  ActivityState = 00000000
[  353.493846] *** Host State ***
[  353.498077] RIP = 0xffffffff81223c27  RSP = 0xffff888185647350
[  353.504753] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  353.517281] FSBase=00007fe411bf7700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000
17:10:17 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:17 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x0, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  353.562877] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  353.597900] CR0=0000000080050033 CR3=00000001d2048000 CR4=00000000001426f0
[  353.647862] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  353.660826] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  353.670243] *** Control State ***
[  353.732544] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  353.757345] EntryControls=0000d1ff ExitControls=002fefff
17:10:18 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:18 executing program 0:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, 0x0, &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  353.782938] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  353.816348] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  353.847931] VMExit: intr_info=00000000 errcode=00000000 ilen=00000002
[  353.854512]         reason=80000021 qualification=0000000000000000
17:10:18 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  353.906602] IDTVectoring: info=00000000 errcode=00000000
[  353.951351] TSC Offset = 0xffffff40a614e607
[  353.987385] TPR Threshold = 0x00
[  354.020282] EPT pointer = 0x00000001d4f8401e
17:10:18 executing program 4:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, 0x0, &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:18 executing program 1:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
set_mempolicy(0x4002, &(0x7f0000000140)=0x6, 0x9)
ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x442e, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_CPUID2(0xffffffffffffffff, 0xc008ae91, &(0x7f0000000080)=ANY=[])
ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000080)=0x7f)
getsockopt$inet_sctp_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, &(0x7f0000000600), &(0x7f0000000640)=0x4)
syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x0, 0x549080)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f00000015c0)='ip6_vti0\x00', 0x10)
r1 = syz_open_dev$loop(&(0x7f0000000680)='/dev/loop#\x00', 0x0, 0x800000000105082)
r2 = memfd_create(&(0x7f00000000c0)='\x00\x00\x00\x00\x8c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0)
pwritev(r2, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a8", 0x1}], 0x1, 0x81003)
setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x6)
r3 = socket(0x11, 0x4000000000080003, 0x0)
setsockopt$packet_int(r3, 0x107, 0x0, &(0x7f0000000100)=0xfff, 0x4)
bind$packet(r3, &(0x7f0000000480)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local}, 0x14)
setsockopt(r3, 0x107, 0x5, &(0x7f0000001000), 0xc5)
socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl(0xffffffffffffffff, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070")
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2)
sendfile(r1, r2, &(0x7f00000ddff8), 0x102000000)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
unshare(0x24000000)
clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff)
r4 = getpid()
sched_setscheduler(r4, 0x5, &(0x7f0000000000))

17:10:18 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x0, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:18 executing program 2:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, 0x0, &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:18 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x0, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  354.202258] *** Guest State ***
[  354.224205] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
17:10:18 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x0, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  354.346477] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  354.368937] CR3 = 0x0000000000000000
[  354.372818] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  354.379516] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  354.386192] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  354.407672] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  354.435361] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  354.452972] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  354.462259] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  354.488730] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  354.535258] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  354.540135] *** Guest State ***
[  354.569178] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  354.575748] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  354.605475] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  354.611857] *** Guest State ***
[  354.617650] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  354.626942] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
17:10:18 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x0, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  354.636512] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  354.654977] CR3 = 0x0000000000000000
[  354.655649] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  354.660263] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  354.671862] *** Guest State ***
[  354.673519] CR3 = 0x0000000000000000
[  354.682020] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  354.689334] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  354.690070] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  354.695657] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  354.713932] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  354.725028] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  354.727383] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  354.740171] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  354.749423] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  354.749566] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  354.764722] CR3 = 0x0000000000000000
[  354.769150] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  354.777305] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  354.784100] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  354.790493] Interruptibility = 00000000  ActivityState = 00000000
[  354.790774] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  354.797333] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  354.806925] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  354.820530] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  354.828765] *** Host State ***
[  354.829996] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  354.832126] RIP = 0xffffffff81223c27  RSP = 0xffff88817f6cf350
[  354.840651] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  354.846756] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  354.859908] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  354.862958] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  354.872844] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  354.877739] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  354.877860] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  354.886452] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  354.904080] FSBase=00007f9498b76700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
[  354.912011] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  354.920503] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:19 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x0, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  354.936731] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  354.941170] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  354.946484] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  354.965537] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  354.972341] CR0=0000000080050033 CR3=00000001d3289000 CR4=00000000001426e0
[  354.980303] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  354.988229] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  354.988497] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  354.988509] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  354.988514] *** Control State ***
[  354.988536] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  354.988544] EntryControls=0000d1ff ExitControls=002fefff
[  354.988564] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  355.022430] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  355.041908] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  355.043410] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  355.059813] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  355.068542] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  355.076238] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
17:10:19 executing program 1:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
set_mempolicy(0x4002, &(0x7f0000000140)=0x6, 0x9)
ioctl$EXT4_IOC_MIGRATE(0xffffffffffffffff, 0x6609)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r0 = syz_open_dev$dmmidi(&(0x7f0000000000)='/dev/dmmidi#\x00', 0x442e, 0x0)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={&(0x7f0000abe000)}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$KVM_GET_CPUID2(0xffffffffffffffff, 0xc008ae91, &(0x7f0000000080)=ANY=[])
ioctl$KVM_INTERRUPT(r0, 0x4004ae86, &(0x7f0000000080)=0x7f)
getsockopt$inet_sctp_SCTP_AUTOCLOSE(0xffffffffffffffff, 0x84, 0x4, &(0x7f0000000600), &(0x7f0000000640)=0x4)
syz_open_dev$audion(&(0x7f0000000040)='/dev/audio#\x00', 0x0, 0x549080)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f00000015c0)='ip6_vti0\x00', 0x10)
r1 = syz_open_dev$loop(&(0x7f0000000680)='/dev/loop#\x00', 0x0, 0x800000000105082)
r2 = memfd_create(&(0x7f00000000c0)='\x00\x00\x00\x00\x8c\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x0)
pwritev(r2, &(0x7f0000f50f90)=[{&(0x7f0000000100)="a8", 0x1}], 0x1, 0x81003)
setsockopt$inet_sctp_SCTP_RTOINFO(0xffffffffffffffff, 0x84, 0x0, &(0x7f0000001000)={0x10000, 0x4, 0x100, 0x400}, 0x6)
r3 = socket(0x11, 0x4000000000080003, 0x0)
setsockopt$packet_int(r3, 0x107, 0x0, &(0x7f0000000100)=0xfff, 0x4)
bind$packet(r3, &(0x7f0000000480)={0x11, 0x3, 0x0, 0x1, 0x0, 0x6, @local}, 0x14)
setsockopt(r3, 0x107, 0x5, &(0x7f0000001000), 0xc5)
socket$inet(0x2, 0x4000000000000001, 0x0)
ioctl(0xffffffffffffffff, 0x20000000008912, &(0x7f00000001c0)="0a5c2d0240316285717070")
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2)
sendfile(r1, r2, &(0x7f00000ddff8), 0x102000000)
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
unshare(0x24000000)
clone(0x20002100, 0x0, 0xfffffffffffffffe, &(0x7f0000000100), 0xffffffffffffffff)
r4 = getpid()
sched_setscheduler(r4, 0x5, &(0x7f0000000000))

[  355.076873] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  355.084732] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  355.084743] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  355.084751] Interruptibility = 00000000  ActivityState = 00000000
[  355.084755] *** Host State ***
[  355.084765] RIP = 0xffffffff81223c27  RSP = 0xffff888175c5f350
[  355.084784] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  355.084794] FSBase=00007fe411bf7700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000
[  355.084804] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  355.084818] CR0=0000000080050033 CR3=00000001cd901000 CR4=00000000001426e0
[  355.084830] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  355.084840] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  355.084844] *** Control State ***
[  355.084851] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  355.084858] EntryControls=0000d1ff ExitControls=002fefff
[  355.084869] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
17:10:19 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  355.084876] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  355.084889] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  355.084895]         reason=80000021 qualification=0000000000000000
[  355.084901] IDTVectoring: info=00000000 errcode=00000000
[  355.084906] TSC Offset = 0xffffff3fee895a0b
[  355.084911] TPR Threshold = 0x00
[  355.084918] EPT pointer = 0x00000001b24fb01e
[  355.107347] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  355.120964] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  355.144149] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  355.162599] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  355.162607]         reason=80000021 qualification=0000000000000000
[  355.162614] IDTVectoring: info=00000000 errcode=00000000
[  355.162628] TSC Offset = 0xffffff401c7b78cd
[  355.162647] TPR Threshold = 0x00
[  355.162655] EPT pointer = 0x00000001d39d001e
[  355.164722] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
17:10:19 executing program 0:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, 0x0, &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:19 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={0x0, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r4, &(0x7f0000000340)=@known='system.advise\x00')
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r7, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffff1, 0x40)

[  355.217207] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  355.238939] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  355.319069] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  355.338604] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  355.357602] Interruptibility = 00000000  ActivityState = 00000000
[  355.364034] *** Host State ***
17:10:19 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  355.417930] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  355.470245] Interruptibility = 00000000  ActivityState = 00000000
[  355.490205] RIP = 0xffffffff81223c27  RSP = 0xffff8881774f7350
[  355.516237] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  355.526673] *** Host State ***
[  355.534779] FSBase=00007fb18d245700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  355.543957] RIP = 0xffffffff81223c27  RSP = 0xffff88817fc9f350
17:10:19 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  355.565416] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  355.573860] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  355.590932] CR0=0000000080050033 CR3=00000001cecc3000 CR4=00000000001426f0
[  355.599151] FSBase=00007f9124399700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
[  355.608814] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  355.616273] CR0=0000000080050033 CR3=00000001d84e1000 CR4=00000000001426e0
[  355.617226] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  355.623928] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  355.630219] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  355.643243] *** Control State ***
[  355.658835] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  355.664047] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  355.664900] *** Control State ***
[  355.664908] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  355.664915] EntryControls=0000d1ff ExitControls=002fefff
[  355.664927] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  355.664934] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  355.664945] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  355.678615] EntryControls=0000d1ff ExitControls=002fefff
[  355.697046] *** Guest State ***
17:10:20 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  355.701847] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  355.723516]         reason=80000021 qualification=0000000000000000
[  355.730190] IDTVectoring: info=00000000 errcode=00000000
[  355.736953] TSC Offset = 0xffffff3fe457e6d3
[  355.741787] TPR Threshold = 0x00
[  355.750083] EPT pointer = 0x00000001ba69a01e
[  355.755873] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  355.772330] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  355.783384] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  355.797953]         reason=80000021 qualification=0000000000000000
[  355.812025] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
17:10:20 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:20 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  355.814748] IDTVectoring: info=00000000 errcode=00000000
[  355.834451] TSC Offset = 0xffffff3fd3cbeb30
[  355.856366] TPR Threshold = 0x00
[  355.864427] EPT pointer = 0x00000001b3f7901e
[  355.869471] CR3 = 0x0000000000000000
17:10:20 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x44, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:20 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  355.886547] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  355.918302] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  355.982777] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  355.998895] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
17:10:20 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  356.024225] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  356.064313] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:20 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  356.084550] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  356.113789] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  356.155009] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  356.167759] *** Guest State ***
[  356.179154] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  356.198118] audit: type=1804 audit(1545844220.496:58): pid=15819 uid=0 auid=4294967295 ses=4294967295 subj=unconfined_u:system_r:insmod_t:s0-s0:c0.c1023 op=invalid_pcr cause=open_writers comm="syz-executor1" name="/root/syzkaller-testdir216955732/syzkaller.Pw8MZP/305/memory.events" dev="sda1" ino=17211 res=1
[  356.199728] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  356.229322] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  356.244288] CR3 = 0x0000000000000000
[  356.248706] RSP = 0x0000000000000000  RIP = 0x0000000000000000
17:10:20 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  356.255064] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  356.262076] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  356.279048] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  356.281570] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  356.303857] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  356.318719] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  356.327348] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  356.327369] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  356.327389] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  356.336345] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  356.376734] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  356.387531] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  356.398931] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  356.407733] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  356.410201] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  356.416813] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  356.441375] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  356.464402] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  356.472614] Interruptibility = 00000000  ActivityState = 00000000
[  356.484814] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  356.493307] *** Host State ***
[  356.496774] RIP = 0xffffffff81223c27  RSP = 0xffff88817661f350
[  356.501502] Interruptibility = 00000000  ActivityState = 00000000
[  356.507702] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  356.516312] FSBase=00007f9498b76700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
[  356.517984] *** Host State ***
[  356.525802] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  356.529707] RIP = 0xffffffff81223c27  RSP = 0xffff8881774f7350
[  356.536990] CR0=0000000080050033 CR3=00000001b360c000 CR4=00000000001426e0
[  356.539813] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  356.553390] FSBase=00007fb18d245700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  356.557208] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  356.561742] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  356.571391] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  356.581183] *** Control State ***
[  356.584804] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  356.587276] CR0=0000000080050033 CR3=00000001b6eb4000 CR4=00000000001426f0
[  356.593690] EntryControls=0000d1ff ExitControls=002fefff
[  356.606158] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  356.611349] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  356.620326] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  356.626604] *** Control State ***
[  356.630450] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  356.632536] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  356.639447] EntryControls=0000d1ff ExitControls=002fefff
[  356.651474] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  356.651809] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  356.658929] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  356.670433]         reason=80000021 qualification=0000000000000000
[  356.672182] VMExit: intr_info=00000000 errcode=00000000 ilen=00000003
[  356.682376] IDTVectoring: info=00000000 errcode=00000000
[  356.685751]         reason=80000021 qualification=0000000000000000
[  356.693409] TSC Offset = 0xffffff3f5319b521
[  356.697801] IDTVectoring: info=00000000 errcode=00000000
[  356.707389] TPR Threshold = 0x00
[  356.711049] EPT pointer = 0x00000001ac63b01e
[  356.717605] TSC Offset = 0xffffff3f0703d1b7
[  356.722241] TPR Threshold = 0x00
17:10:21 executing program 0:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, 0x0, &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:21 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:21 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={0x0, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r4, &(0x7f0000000340)=@known='system.advise\x00')
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r7, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:21 executing program 4:
r0 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
r1 = request_key(&(0x7f0000000180)='.dead\x00', &(0x7f0000000240)={'syz', 0x2}, &(0x7f0000000280)='keyring\x00', 0xfffffffffffffffb)
prctl$PR_SET_FPEXC(0xc, 0x2)
keyctl$link(0x8, r0, r1)
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$search(0xa, r0, &(0x7f00000002c0)='trusted\x00', &(0x7f0000000300)={'syz', 0x0}, r1)
keyctl$restrict_keyring(0x1d, r2, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')
keyctl$restrict_keyring(0x1d, r2, &(0x7f0000000080)='blacklist\x00', 0x0)
keyctl$restrict_keyring(0x1d, r2, 0x0, &(0x7f00000000c0)='wlan0mime_type@\x00')
r3 = syz_open_dev$usbmon(&(0x7f0000000340)='/dev/usbmon#\x00', 0x1, 0x0)
recvfrom$inet6(r3, &(0x7f0000000380)=""/63, 0x3f, 0x2000, &(0x7f00000003c0)={0xa, 0x4e24, 0x7, @mcast2, 0x9}, 0x1c)
r4 = shmget$private(0x0, 0x2000, 0x7800100a, &(0x7f0000ffe000/0x2000)=nil)
shmctl$SHM_INFO(r4, 0xe, &(0x7f0000000400)=""/219)
write$cgroup_int(r3, &(0x7f00000005c0)=0xb4, 0x12)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000500)={<r5=>0x0, 0xfff}, &(0x7f0000000540)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000580)={r5, 0x0, 0x30}, 0xc)

[  356.725841] EPT pointer = 0x00000001ad1f201e
17:10:21 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x44, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:21 executing program 1:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x44, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:21 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:21 executing program 4:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x44, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  356.937846] *** Guest State ***
[  356.970246] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  357.045521] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
17:10:21 executing program 2:
r0 = add_key$keyring(&(0x7f0000000100)='keyring\x00', &(0x7f0000000140)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
r1 = request_key(&(0x7f0000000180)='.dead\x00', &(0x7f0000000240)={'syz', 0x2}, &(0x7f0000000280)='keyring\x00', 0xfffffffffffffffb)
prctl$PR_SET_FPEXC(0xc, 0x2)
keyctl$link(0x8, r0, r1)
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r2 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$search(0xa, r0, &(0x7f00000002c0)='trusted\x00', &(0x7f0000000300)={'syz', 0x0}, r1)
keyctl$restrict_keyring(0x1d, r2, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')
keyctl$restrict_keyring(0x1d, r2, &(0x7f0000000080)='blacklist\x00', 0x0)
keyctl$restrict_keyring(0x1d, r2, 0x0, &(0x7f00000000c0)='wlan0mime_type@\x00')
r3 = syz_open_dev$usbmon(&(0x7f0000000340)='/dev/usbmon#\x00', 0x1, 0x0)
recvfrom$inet6(r3, &(0x7f0000000380)=""/63, 0x3f, 0x2000, &(0x7f00000003c0)={0xa, 0x4e24, 0x7, @mcast2, 0x9}, 0x1c)
r4 = shmget$private(0x0, 0x2000, 0x7800100a, &(0x7f0000ffe000/0x2000)=nil)
shmctl$SHM_INFO(r4, 0xe, &(0x7f0000000400)=""/219)
write$cgroup_int(r3, &(0x7f00000005c0)=0xb4, 0x12)
getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(r3, 0x84, 0x13, &(0x7f0000000500)={<r5=>0x0, 0xfff}, &(0x7f0000000540)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000580)={r5, 0x0, 0x30}, 0xc)

[  357.102356] CR3 = 0x0000000000000000
[  357.114771] *** Guest State ***
[  357.118047] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  357.131828] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  357.143022] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
17:10:21 executing program 0:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r4, &(0x7f0000000340)=@known='system.advise\x00')
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r3, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r7, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:21 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  357.155758] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  357.165299] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  357.206410] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  357.219654] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  357.245397] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  357.258061] *** Guest State ***
[  357.261648] CR3 = 0x0000000000000000
[  357.265709] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  357.274918] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  357.274934] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  357.274949] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  357.274960] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
17:10:21 executing program 2:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000, 0x0, 0x0, 0x0})

[  357.274976] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  357.274986] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  357.275001] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  357.275010] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  357.275020] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  357.275028] Interruptibility = 00000000  ActivityState = 00000000
[  357.275032] *** Host State ***
[  357.275042] RIP = 0xffffffff81223c27  RSP = 0xffff888183acf350
[  357.275060] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  357.275071] FSBase=00007fb18d224700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  357.275080] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  357.275093] CR0=0000000080050033 CR3=00000001cd72e000 CR4=00000000001426f0
[  357.275105] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
17:10:21 executing program 2:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000, 0x0, 0x0, 0x0})

[  357.275115] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  357.275119] *** Control State ***
[  357.275127] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  357.275133] EntryControls=0000d1ff ExitControls=002fefff
[  357.275145] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  357.275152] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  357.275159] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  357.275166]         reason=80000021 qualification=0000000000000000
[  357.275172] IDTVectoring: info=00000000 errcode=00000000
[  357.275177] TSC Offset = 0xffffff3e9288bac0
[  357.275182] TPR Threshold = 0x00
[  357.275189] EPT pointer = 0x00000001d35e401e
[  357.297342] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  357.308780] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  357.341155] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  357.346906] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  357.346983] CR3 = 0x0000000000000000
17:10:21 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:21 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x44, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  357.347023] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  357.348108] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  357.348238] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  357.348360] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  357.348602] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  357.348965] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  357.349260] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:21 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  357.349411] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  357.349580] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  357.349708] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  357.349895] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  357.349997] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  357.350522] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
17:10:21 executing program 0:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, 0x0, 0x0)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  357.350609] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  357.350697] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  357.350909] Interruptibility = 00000000  ActivityState = 00000000
[  357.350957] *** Host State ***
[  357.351138] RIP = 0xffffffff81223c27  RSP = 0xffff88817fc9f350
[  357.351303] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  357.351330] FSBase=00007fe411bf7700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000
[  357.352317] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  357.352738] CR0=0000000080050033 CR3=00000001b3f63000 CR4=00000000001426e0
[  357.352909] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  357.352966] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  357.353022] *** Control State ***
[  357.353249] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  357.353528] EntryControls=0000d1ff ExitControls=002fefff
[  357.354070] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  357.354285] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  357.354365] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  357.354423]         reason=80000021 qualification=0000000000000000
[  357.354482] IDTVectoring: info=00000000 errcode=00000000
[  357.354521] TSC Offset = 0xffffff3e7010dc21
[  357.354540] TPR Threshold = 0x00
[  357.354580] EPT pointer = 0x00000001b201e01e
[  357.497594] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  357.552909] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  357.586425] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  357.762919] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  357.785499] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  357.808515] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  357.818138] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  357.829869] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  357.846782] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  357.947689] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  357.957387] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  357.963828] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  358.027247] Interruptibility = 00000000  ActivityState = 00000000
[  358.029232] *** Guest State ***
[  358.042428] *** Host State ***
[  358.054584] RIP = 0xffffffff81223c27  RSP = 0xffff888181e77350
[  358.073490] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  358.078426] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  358.083316] *** Guest State ***
[  358.092694] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  358.102512] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  358.112448] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  358.117669] FSBase=00007f0970e33700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
[  358.122159] CR3 = 0x0000000000000000
[  358.134550] CR3 = 0x0000000000000000
[  358.138952] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  358.145277] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  358.152120] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  358.158904] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  358.160585] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  358.166535] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  358.178527] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  358.186834] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  358.195519] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  358.197227] CR0=0000000080050033 CR3=00000001b3c16000 CR4=00000000001426e0
[  358.204489] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  358.219715] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  358.227864] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  358.236193] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  358.242769] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  358.245087] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  358.260006] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  358.262130] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  358.274028] *** Control State ***
[  358.282278] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  358.283070] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  358.299006] EntryControls=0000d1ff ExitControls=002fefff
[  358.307338] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  358.311183] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  358.315628] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  358.337258] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  358.337887] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  358.350200] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  358.360232] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  358.377250] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  358.388133] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  358.397197] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  358.403820]         reason=80000021 qualification=0000000000000000
[  358.410502] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  358.410815] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  358.427360] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  358.435192] IDTVectoring: info=00000000 errcode=00000000
[  358.440676] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  358.441120] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  358.467172] TSC Offset = 0xffffff3e80ec0a93
[  358.471692] TPR Threshold = 0x00
[  358.472099] Interruptibility = 00000000  ActivityState = 00000000
[  358.476301] EPT pointer = 0x00000001d4f9601e
[  358.482103] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  358.514752] *** Host State ***
[  358.519459] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  358.526120] RIP = 0xffffffff81223c27  RSP = 0xffff88817ff5f350
17:10:22 executing program 1:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x44, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:22 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:22 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:22 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  358.536104] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  358.585145] Interruptibility = 00000000  ActivityState = 00000000
[  358.600425] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  358.606843] FSBase=00007f9498b76700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000
[  358.612986] *** Host State ***
[  358.636618] RIP = 0xffffffff81223c27  RSP = 0xffff888183acf350
[  358.667464] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  358.688982] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  358.697435] FSBase=00007fb18d245700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  358.717295] CR0=0000000080050033 CR3=00000001d4fef000 CR4=00000000001426f0
[  358.731513] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
17:10:23 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, 0x0)
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  358.745067] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  358.757255] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  358.774608] *** Control State ***
[  358.797175] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  358.801986] CR0=0000000080050033 CR3=00000001d968b000 CR4=00000000001426f0
[  358.827304] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  358.841830] EntryControls=0000d1ff ExitControls=002fefff
[  358.847708] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  358.858601] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  358.872377] *** Control State ***
[  358.881956] *** Guest State ***
17:10:23 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  358.890653] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  358.894086] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  358.900090] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  358.916320] CR3 = 0x0000000000000000
[  358.921185] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  358.921412] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
17:10:23 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  358.945479]         reason=80000021 qualification=0000000000000000
[  358.954507] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  358.962387] EntryControls=0000d1ff ExitControls=002fefff
[  358.966713] IDTVectoring: info=00000000 errcode=00000000
[  358.976939] TSC Offset = 0xffffff3e0ac99c9b
[  358.979693] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  358.991128] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  358.995978] TPR Threshold = 0x00
[  359.004611] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  359.017178] EPT pointer = 0x00000001bfe0901e
[  359.021037] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  359.028320] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  359.028327]         reason=80000021 qualification=0000000000000000
[  359.028334] IDTVectoring: info=00000000 errcode=00000000
17:10:23 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, 0x0)
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  359.028339] TSC Offset = 0xffffff3df95d3f47
[  359.028344] TPR Threshold = 0x00
[  359.028351] EPT pointer = 0x00000001d8f1901e
17:10:23 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x84, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  359.097669] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
17:10:23 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:23 executing program 0:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, 0x0, 0x0)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  359.140420] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:23 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  359.210411] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  359.264860] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  359.317584] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  359.366099] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  359.375686] *** Guest State ***
[  359.390916] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  359.409827] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  359.420859] CR3 = 0x0000000000000000
[  359.425094] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  359.433535] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  359.451153] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  359.464725] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  359.471800] *** Guest State ***
[  359.474387] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  359.483762] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  359.502488] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  359.513351] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  359.517351] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  359.523847] CR3 = 0x0000000000000000
[  359.534125] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  359.534506] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  359.548116] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  359.549192] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  359.557051] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  359.563763] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  359.571660] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  359.578230] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  359.584932] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  359.594857] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  359.600739] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  359.609389] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  359.609538] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  359.609686] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  359.609705] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  359.609719] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  359.609741] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  359.609856] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  359.618499] Interruptibility = 00000000  ActivityState = 00000000
[  359.626233] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  359.634690] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  359.642412] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  359.642520] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  359.642651] Interruptibility = 00000000  ActivityState = 00000000
[  359.642701] *** Host State ***
[  359.642797] RIP = 0xffffffff81223c27  RSP = 0xffff8881d286f350
[  359.651453] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  359.668196] *** Host State ***
[  359.692942] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  359.698539] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  359.712531] FSBase=00007f9498b76700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  359.724021] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  359.729666] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  359.737721] CR0=0000000080050033 CR3=00000001d8347000 CR4=00000000001426f0
[  359.737820] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  359.737910] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  359.737947] *** Control State ***
[  359.738030] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  359.738050] EntryControls=0000d1ff ExitControls=002fefff
17:10:24 executing program 1:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x44, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:24 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, 0x0)
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:24 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:24 executing program 2:
r0 = socket$inet_sctp(0x2, 0x0, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  359.738132] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  359.738181] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  359.762650] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  359.764456] RIP = 0xffffffff81223c27  RSP = 0xffff888188087350
[  359.778902] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  359.785229] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  359.792734] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  359.798076] FSBase=00007f0970e33700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  359.798087] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  359.798100] CR0=0000000080050033 CR3=00000001bedc5000 CR4=00000000001426f0
[  359.798113] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  359.798124] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  359.798128] *** Control State ***
[  359.798136] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  359.798143] EntryControls=0000d1ff ExitControls=002fefff
[  359.798155] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  359.798163] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  359.798170] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  359.798177]         reason=80000021 qualification=0000000000000000
[  359.798184] IDTVectoring: info=00000000 errcode=00000000
[  359.798189] TSC Offset = 0xffffff3d9307c095
[  359.798195] TPR Threshold = 0x00
[  359.798202] EPT pointer = 0x00000001b213101e
[  359.822330]         reason=80000021 qualification=0000000000000000
[  359.927928] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  359.978214] IDTVectoring: info=00000000 errcode=00000000
[  360.000294] TSC Offset = 0xffffff3d3eda4ff7
[  360.011127] *** Guest State ***
17:10:24 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0))
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  360.014798] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  360.027713] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  360.036338] TPR Threshold = 0x00
[  360.067595] EPT pointer = 0x00000001c65ba01e
[  360.077964] Interruptibility = 00000000  ActivityState = 00000000
[  360.093953] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  360.103000] *** Host State ***
[  360.110746] RIP = 0xffffffff81223c27  RSP = 0xffff88818091f350
[  360.117321] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  360.123912] CR3 = 0x0000000000000000
[  360.127870] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  360.134002] FSBase=00007fb18d245700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000
[  360.141963] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  360.146376] *** Guest State ***
[  360.148100] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  360.153805] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
17:10:24 executing program 4:
r0 = socket$inet_sctp(0x2, 0x0, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  360.157414] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  360.157426] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  360.157442] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  360.157458] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  360.173171] CR0=0000000080050033 CR3=00000001bf2a1000 CR4=00000000001426e0
[  360.187580] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
17:10:24 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0))
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  360.190094] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  360.213096] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  360.237214] CR3 = 0x0000000000000000
[  360.241109] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  360.247346] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  360.256416] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  360.269155] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  360.280180] *** Control State ***
[  360.284917] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  360.298900] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  360.313458] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  360.320377] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  360.332975] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  360.348372] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  360.360513] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:24 executing program 0:
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = accept(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r0, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r3, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  360.373278] EntryControls=0000d1ff ExitControls=002fefff
[  360.382900] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  360.391352] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  360.399858] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  360.407177] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  360.415678] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  360.424209] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  360.431554] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  360.438592] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  360.447655] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  360.453560] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  360.472682] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  360.496780]         reason=80000021 qualification=0000000000000000
[  360.503692] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  360.504694] Interruptibility = 00000000  ActivityState = 00000000
[  360.522834] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  360.532147] IDTVectoring: info=00000000 errcode=00000000
[  360.549902] *** Host State ***
[  360.554236] TSC Offset = 0xffffff3d47590a6f
[  360.560200] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  360.565427] RIP = 0xffffffff81223c27  RSP = 0xffff88817d72f350
[  360.585017] TPR Threshold = 0x00
[  360.588059] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  360.600651] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  360.603235] FSBase=00007f9124399700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  360.616997] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  360.622254] EPT pointer = 0x00000001d825501e
[  360.623187] CR0=0000000080050033 CR3=00000001ba69a000 CR4=00000000001426f0
[  360.634484] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  360.634941] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  360.648350] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  360.652452] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  360.662177] Interruptibility = 00000000  ActivityState = 00000000
[  360.674510] *** Host State ***
[  360.677935] *** Control State ***
[  360.681532] RIP = 0xffffffff81223c27  RSP = 0xffff8881b3587350
[  360.687691] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  360.697774] EntryControls=0000d1ff ExitControls=002fefff
[  360.706683] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  360.713255] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  360.720310] *** Guest State ***
[  360.720335] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  360.732593] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  360.732601] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  360.732607]         reason=80000021 qualification=0000000000000000
[  360.732613] IDTVectoring: info=00000000 errcode=00000000
[  360.732619] TSC Offset = 0xffffff3ceca69b21
[  360.732632] TPR Threshold = 0x00
[  360.732639] EPT pointer = 0x00000001ac98701e
[  360.732697] FSBase=00007f0970e33700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000
[  360.732708] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
17:10:25 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:25 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0))
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:25 executing program 4:
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = accept(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r0, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r3, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  360.732720] CR0=0000000080050033 CR3=00000001d4f65000 CR4=00000000001426e0
[  360.732733] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  360.732742] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  360.732746] *** Control State ***
[  360.732754] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  360.732760] EntryControls=0000d1ff ExitControls=002fefff
[  360.732771] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  360.732778] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  360.732786] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  360.732793]         reason=80000021 qualification=0000000000000000
[  360.732799] IDTVectoring: info=00000000 errcode=00000000
[  360.732808] TSC Offset = 0xffffff3cdbda845f
[  360.742316] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  360.759176] CR3 = 0x0000000000000000
[  360.762841] TPR Threshold = 0x00
[  360.766523] RSP = 0x0000000000000000  RIP = 0x0000000000000000
17:10:25 executing program 2:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x84, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  360.819703] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  360.823241] EPT pointer = 0x00000001d7d0b01e
[  360.827604] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  360.841577] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  360.867467] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  360.907963] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  360.986671] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  361.005990] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  361.016557] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  361.026187] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
17:10:25 executing program 1:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x84, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:25 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  361.035249] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  361.075189] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
17:10:25 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x84, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:25 executing program 4:
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = accept(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r0, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r3, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  361.116047] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  361.179835] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  361.182297] *** Guest State ***
[  361.210338] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  361.219772] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
17:10:25 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  361.257341] Interruptibility = 00000000  ActivityState = 00000000
[  361.267316] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  361.276179] CR3 = 0x0000000000000000
[  361.321046] *** Host State ***
[  361.333369] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  361.341957] RIP = 0xffffffff81223c27  RSP = 0xffff88817ae27350
[  361.370927] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  361.374098] *** Guest State ***
[  361.379087] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  361.387672] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  361.408534] FSBase=00007f9498b76700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
17:10:25 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
setsockopt$inet_mtu(0xffffffffffffffff, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r7, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffff1, 0x40)

[  361.417899] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  361.425808] *** Guest State ***
[  361.428695] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  361.432525] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  361.448909] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  361.452630] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  361.465108] CR3 = 0x0000000000000000
[  361.469306] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  361.472011] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  361.476969] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  361.488278] CR3 = 0x0000000000000000
[  361.490173] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  361.497876] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  361.500828] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  361.511244] CR0=0000000080050033 CR3=00000001ad977000 CR4=00000000001426e0
[  361.514938] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  361.521985] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  361.530027] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  361.545056] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  361.548347] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  361.561169] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
17:10:25 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x0)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  361.561180] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  361.561184] *** Control State ***
[  361.561192] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  361.561198] EntryControls=0000d1ff ExitControls=002fefff
[  361.561210] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  361.561217] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  361.561225] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  361.574599] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  361.592038] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  361.599914] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  361.610592]         reason=80000021 qualification=0000000000000000
[  361.614655] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  361.620169] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  361.627213] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  361.645427] IDTVectoring: info=00000000 errcode=00000000
[  361.671319] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  361.675593] TSC Offset = 0xffffff3c945876e5
[  361.680084] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  361.691576] TPR Threshold = 0x00
[  361.692666] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  361.703461] EPT pointer = 0x00000001d872501e
[  361.714310] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  361.723388] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  361.737230] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  361.754183] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  361.767314] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  361.775566] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  361.775579] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  361.775665] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  361.807390] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  361.809339] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
17:10:26 executing program 0:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
socket$inet_sctp(0x2, 0x5, 0x84)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r7, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:26 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(0xffffffffffffffff, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(0xffffffffffffffff, &(0x7f0000001380), 0x3fffff1, 0x40)

[  361.817577] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  361.832125] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  361.842446] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  361.849700] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  361.856605] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
17:10:26 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  361.867024] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  361.875385] Interruptibility = 00000000  ActivityState = 00000000
[  361.882512] *** Host State ***
[  361.888800] RIP = 0xffffffff81223c27  RSP = 0xffff88818091f350
[  361.897786] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  361.909113] Interruptibility = 00000000  ActivityState = 00000000
[  361.915089] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  361.934100] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  361.949834] *** Host State ***
[  361.954605] FSBase=00007fe411bf7700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  361.957317] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  361.969869] RIP = 0xffffffff81223c27  RSP = 0xffff88817c717350
[  361.981398] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  361.995651] CR0=0000000080050033 CR3=00000001bc133000 CR4=00000000001426f0
[  362.005312] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  362.020052] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  362.027711] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  362.034059] FSBase=00007f9124399700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  362.053466] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  362.055255] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  362.068136] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  362.076517] *** Control State ***
17:10:26 executing program 1:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r3, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(0xffffffffffffffff, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  362.080403] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  362.087420] CR0=0000000080050033 CR3=00000001ba69a000 CR4=00000000001426f0
[  362.094597] EntryControls=0000d1ff ExitControls=002fefff
[  362.100483] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  362.106089] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  362.107683] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  362.120936] Interruptibility = 00000000  ActivityState = 00000000
[  362.122096] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  362.138660] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  362.148482] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  362.155192] *** Control State ***
[  362.162301]         reason=80000021 qualification=0000000000000000
[  362.171151] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  362.177227] *** Host State ***
[  362.183369] IDTVectoring: info=00000000 errcode=00000000
[  362.185005] RIP = 0xffffffff81223c27  RSP = 0xffff8881bdbff350
[  362.200009] EntryControls=0000d1ff ExitControls=002fefff
[  362.205605] TSC Offset = 0xffffff3c367a9249
[  362.210488] TPR Threshold = 0x00
[  362.212729] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  362.214043] EPT pointer = 0x00000001d865401e
[  362.225268] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  362.244847] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  362.253005] FSBase=00007fb18d245700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000
[  362.266304] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  362.287843] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  362.299740]         reason=80000021 qualification=0000000000000000
[  362.302975] CR0=0000000080050033 CR3=00000001cac99000 CR4=00000000001426f0
[  362.313561] IDTVectoring: info=00000000 errcode=00000000
[  362.319576] TSC Offset = 0xffffff3c4d7df16e
[  362.319711] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  362.323978] TPR Threshold = 0x00
[  362.335498] EPT pointer = 0x00000001d939501e
[  362.342236] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
17:10:26 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r2=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r2, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r3, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r4 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r3, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r5, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r6 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r6, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r4, &(0x7f0000000340)=@known='system.advise\x00')
r7 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r7, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r7, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:26 executing program 0:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r3, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:26 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  362.352995] *** Control State ***
[  362.361985] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  362.368971] EntryControls=0000d1ff ExitControls=002fefff
[  362.393510] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  362.424445] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  362.447305] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  362.454095]         reason=80000021 qualification=0000000000000000
[  362.480001] IDTVectoring: info=00000000 errcode=00000000
[  362.490346] TSC Offset = 0xffffff3c3c74840e
17:10:26 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:26 executing program 4:
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = accept(0xffffffffffffffff, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(0xffffffffffffffff, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r0, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r3, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:26 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0x9, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:26 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:26 executing program 2:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r3 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r3, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(0xffffffffffffffff, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  362.494805] TPR Threshold = 0x00
[  362.499836] EPT pointer = 0x00000001c013101e
17:10:26 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:27 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0x9, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:27 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  362.764006] *** Guest State ***
17:10:27 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  362.796814] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  362.830353] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
17:10:27 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:27 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0x9, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

[  362.859407] CR3 = 0x0000000000000000
[  362.870953] RSP = 0x0000000000000000  RIP = 0x0000000000000000
17:10:27 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, 0x0)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  362.927744] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  362.949758] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  362.975371] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  363.010292] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:27 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x9, 0x0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

[  363.026874] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  363.036484] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  363.077466] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  363.085474] *** Guest State ***
[  363.108785] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  363.118410] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  363.136837] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  363.150971] CR3 = 0x0000000000000000
[  363.160076] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  363.166426] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  363.171716] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  363.181080] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  363.182149] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  363.190739] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  363.203973] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  363.217671] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  363.229629] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  363.239575] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  363.252962] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  363.273502] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  363.273761] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  363.281858] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  363.288976] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  363.305554] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  363.306929] Interruptibility = 00000000  ActivityState = 00000000
[  363.319647] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  363.331552] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  363.341277] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  363.345442] *** Host State ***
[  363.350703] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  363.367341] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  363.367353] RIP = 0xffffffff81223c27  RSP = 0xffff88817ae27350
[  363.367448] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  363.375124] Interruptibility = 00000000  ActivityState = 00000000
[  363.383854] FSBase=00007fe411bf7700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000
[  363.388868] *** Host State ***
[  363.394722] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  363.403958] RIP = 0xffffffff81223c27  RSP = 0xffff88817b20f350
[  363.406696] CR0=0000000080050033 CR3=00000001d7a0b000 CR4=00000000001426e0
[  363.413286] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  363.417988] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
17:10:27 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, 0x0)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:27 executing program 2:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x84, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:27 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(0xffffffffffffffff, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:27 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x9, 0x0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:27 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, 0x0)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  363.417999] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  363.418003] *** Control State ***
[  363.418011] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  363.418017] EntryControls=0000d1ff ExitControls=002fefff
[  363.418028] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  363.418036] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  363.418043] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  363.418050]         reason=80000021 qualification=0000000000000000
[  363.418056] IDTVectoring: info=00000000 errcode=00000000
[  363.418062] TSC Offset = 0xffffff3b7d8243fb
[  363.418073] TPR Threshold = 0x00
[  363.425695] FSBase=00007fb18d245700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000
[  363.431644] EPT pointer = 0x00000001b168001e
[  363.439202] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  363.448927] CR0=0000000080050033 CR3=00000001cec40000 CR4=00000000001426f0
17:10:27 executing program 0:
keyctl$restrict_keyring(0x9, 0x0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

[  363.636203] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  363.645681] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
17:10:28 executing program 1:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x84, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  363.748763] *** Control State ***
[  363.752630] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  363.760013] EntryControls=0000d1ff ExitControls=002fefff
[  363.766327] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  363.777547] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  363.785043] *** Guest State ***
[  363.785289] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  363.795941] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  363.796733]         reason=80000021 qualification=0000000000000000
[  363.805842] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  363.811451] IDTVectoring: info=00000000 errcode=00000000
[  363.811458] TSC Offset = 0xffffff3b4d4986e0
[  363.811463] TPR Threshold = 0x00
[  363.811471] EPT pointer = 0x00000001b033d01e
[  363.821033] CR3 = 0x0000000000000000
[  363.831255] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  363.850392] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  363.856693] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  363.864324] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  363.873131] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:28 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, 0x0)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:28 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x84, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:28 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, 0x0)
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  363.893299] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  363.951874] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  363.975118] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:28 executing program 0:
keyctl$restrict_keyring(0x9, 0x0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

[  363.994853] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  364.003832] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  364.013798] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  364.034638] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
17:10:28 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x0, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  364.056798] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
17:10:28 executing program 0:
keyctl$restrict_keyring(0x9, 0x0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

[  364.150684] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  364.198870] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  364.206502] Interruptibility = 00000000  ActivityState = 00000000
[  364.268600] *** Guest State ***
[  364.272077] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  364.282806] *** Host State ***
[  364.286050] RIP = 0xffffffff81223c27  RSP = 0xffff8881d7d5f350
[  364.297527] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  364.304490] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  364.329990] FSBase=00007f9124399700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000
[  364.343424] CR3 = 0x0000000000000000
[  364.350806] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  364.358529] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  364.364995] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  364.365091] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  364.378198] CR0=0000000080050033 CR3=00000001b5bbb000 CR4=00000000001426e0
[  364.378835] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  364.392309] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  364.394002] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  364.410468] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  364.420554] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  364.429630] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  364.435893] *** Control State ***
[  364.440295] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  364.448638] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  364.449050] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  364.455377] EntryControls=0000d1ff ExitControls=002fefff
[  364.464247] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  364.469844] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  364.477892] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  364.484123] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  364.492884] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  364.499142] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  364.499150]         reason=80000021 qualification=0000000000000000
[  364.499157] IDTVectoring: info=00000000 errcode=00000000
[  364.499163] TSC Offset = 0xffffff3af120d11f
17:10:28 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:28 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x84, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:28 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x9, 0x0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:28 executing program 4:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:28 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x0, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  364.499168] TPR Threshold = 0x00
[  364.499176] EPT pointer = 0x00000001d8a7e01e
[  364.508064] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  364.522484] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  364.556778] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  364.602064] Interruptibility = 00000000  ActivityState = 00000000
[  364.648205] *** Host State ***
[  364.667940] RIP = 0xffffffff81223c27  RSP = 0xffff88817a6c7350
[  364.679970] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  364.686589] FSBase=00007f0970e33700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
[  364.695954] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  364.702825] CR0=0000000080050033 CR3=00000001bf231000 CR4=00000000001426e0
[  364.717379] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  364.741714] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  364.794488] *** Guest State ***
[  364.798705] *** Control State ***
[  364.802177] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  364.805147] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  364.822349] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  364.826318] EntryControls=0000d1ff ExitControls=002fefff
[  364.832024] CR3 = 0x0000000000000000
[  364.836922] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  364.841697] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  364.847780] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  364.847788] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  364.847795]         reason=80000021 qualification=0000000000000000
[  364.847801] IDTVectoring: info=00000000 errcode=00000000
[  364.847806] TSC Offset = 0xffffff3ab026da03
[  364.847811] TPR Threshold = 0x00
[  364.847819] EPT pointer = 0x00000001bfe0901e
17:10:29 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
ioctl$LOOP_SET_STATUS64(r7, 0x4c04, &(0x7f0000000440)={0x0, 0x0, 0x0, 0xffffffff, 0x9, 0x0, 0xf, 0x1c, 0xc, "2f6721c67de0640bf1c8907169740b3764fa7b16d4ccc83893b423dbf1311192c2f15159df58951be30a64c10abf8720bbdde49338290294ac967cf6785224ac", "9c20de5f8cc70c2e4d9ae694445d584918ff079408f1c03694a2714966824b4ebe560f09b0da0954e2232f3bf5913647ad5a203cc13200461d722762895fd65a", "39d37b5c5b3243f193acdb4aee61158b54da8701a584ffbb7bea961c25438270", [0x4, 0xffffffff]})
ioctl$UFFDIO_WAKE(r7, 0x8010aa02, &(0x7f0000000140)={&(0x7f0000ffe000/0x2000)=nil, 0x2000})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:29 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x9, 0x0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:29 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x0, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:29 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

[  364.854438] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  364.920989] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  364.938105] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  364.958610] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:29 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
ioctl$LOOP_SET_STATUS64(r7, 0x4c04, &(0x7f0000000440)={0x0, 0x0, 0x0, 0xffffffff, 0x9, 0x0, 0xf, 0x1c, 0xc, "2f6721c67de0640bf1c8907169740b3764fa7b16d4ccc83893b423dbf1311192c2f15159df58951be30a64c10abf8720bbdde49338290294ac967cf6785224ac", "9c20de5f8cc70c2e4d9ae694445d584918ff079408f1c03694a2714966824b4ebe560f09b0da0954e2232f3bf5913647ad5a203cc13200461d722762895fd65a", "39d37b5c5b3243f193acdb4aee61158b54da8701a584ffbb7bea961c25438270", [0x4, 0xffffffff]})
ioctl$UFFDIO_WAKE(r7, 0x8010aa02, &(0x7f0000000140)={&(0x7f0000ffe000/0x2000)=nil, 0x2000})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  364.968309] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:29 executing program 0:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x9, 0x0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

[  365.000118] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  365.011666] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:29 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:29 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

[  365.052300] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  365.078774] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  365.096270] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  365.168088] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  365.187697] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  365.220749] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  365.235347] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  365.243686] Interruptibility = 00000000  ActivityState = 00000000
[  365.289022] *** Host State ***
[  365.306654] RIP = 0xffffffff81223c27  RSP = 0xffff8881c247f350
[  365.318549] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  365.325190] FSBase=00007fb18d245700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  365.333550] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  365.340547] CR0=0000000080050033 CR3=00000001bc830000 CR4=00000000001426f0
[  365.347729] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  365.354465] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  365.360784] *** Control State ***
[  365.364316] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  365.371198] EntryControls=0000d1ff ExitControls=002fefff
[  365.376736] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  365.383799] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
17:10:29 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x0, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:29 executing program 0:
perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x9, 0x0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:29 executing program 2:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x9, 0x0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:29 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:29 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

[  365.390593] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  365.397338]         reason=80000021 qualification=0000000000000000
[  365.403746] IDTVectoring: info=00000000 errcode=00000000
[  365.409368] TSC Offset = 0xffffff3a6632655c
[  365.413815] TPR Threshold = 0x00
[  365.417210] EPT pointer = 0x00000001b84db01e
17:10:29 executing program 0:
perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x9, 0x0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:29 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:29 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0xb, 0x0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:29 executing program 2:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:29 executing program 0:
perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x9, 0x0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:30 executing program 4:
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:30 executing program 1:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0x4, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:30 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x9, 0x0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

[  365.770254] *** Guest State ***
[  365.784582] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
17:10:30 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:30 executing program 4:
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

[  365.848094] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  365.894028] *** Guest State ***
[  365.898728] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  365.917637] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  365.927010] CR3 = 0x0000000000000000
[  365.931220] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  365.963077] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  365.971893] CR3 = 0x0000000000000000
[  365.978415] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  365.985175] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  365.998045] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  366.009012] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  366.018338] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  366.026826] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  366.034187] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  366.036639] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  366.041503] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  366.057959] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  366.066141] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  366.066700] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  366.084611] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  366.093162] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  366.093183] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  366.093292] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  366.093304] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  366.093320] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  366.093527] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  366.102982] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  366.109989] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  366.119372] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  366.137472] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  366.143735] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  366.153596] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  366.168168] Interruptibility = 00000000  ActivityState = 00000000
[  366.182584] *** Host State ***
[  366.190228] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  366.196265] RIP = 0xffffffff81223c27  RSP = 0xffff8881c670f350
[  366.201037] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  366.222748] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  366.224998] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  366.231278] Interruptibility = 00000000  ActivityState = 00000000
[  366.237344] FSBase=00007f9124399700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
[  366.243497] *** Host State ***
[  366.251380] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  366.254746] RIP = 0xffffffff81223c27  RSP = 0xffff8881819e7350
[  366.261554] CR0=0000000080050033 CR3=00000001cca66000 CR4=00000000001426e0
[  366.266873] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  366.274049] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  366.280635] FSBase=00007fb18d245700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000
[  366.287511] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  366.295549] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  366.302191] *** Control State ***
[  366.307967] CR0=0000000080050033 CR3=00000001ba668000 CR4=00000000001426e0
[  366.311682] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  366.318955] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  366.325930] EntryControls=0000d1ff ExitControls=002fefff
[  366.335517] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  366.338429] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  366.344482] *** Control State ***
[  366.351097] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  366.355368] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  366.361437] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  366.368176] EntryControls=0000d1ff ExitControls=002fefff
[  366.374891]         reason=80000021 qualification=0000000000000000
[  366.380558] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  366.387115] IDTVectoring: info=00000000 errcode=00000000
[  366.393960] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  366.399552] TSC Offset = 0xffffff39cd1492ce
17:10:30 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x84, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:30 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x9, 0x0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:30 executing program 1:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
ioctl$LOOP_SET_STATUS64(r7, 0x4c04, &(0x7f0000000440)={0x0, 0x0, 0x0, 0xffffffff, 0x9, 0x0, 0xf, 0x1c, 0xc, "2f6721c67de0640bf1c8907169740b3764fa7b16d4ccc83893b423dbf1311192c2f15159df58951be30a64c10abf8720bbdde49338290294ac967cf6785224ac", "9c20de5f8cc70c2e4d9ae694445d584918ff079408f1c03694a2714966824b4ebe560f09b0da0954e2232f3bf5913647ad5a203cc13200461d722762895fd65a", "39d37b5c5b3243f193acdb4aee61158b54da8701a584ffbb7bea961c25438270", [0x4, 0xffffffff]})
ioctl$UFFDIO_WAKE(r7, 0x8010aa02, &(0x7f0000000140)={&(0x7f0000ffe000/0x2000)=nil, 0x2000})
pivot_root(&(0x7f0000000280)='./file0\x00', &(0x7f00000005c0)='./file0\x00')
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:30 executing program 4:
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:30 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  366.406192] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  366.410618] TPR Threshold = 0x00
[  366.417129]         reason=80000021 qualification=0000000000000000
[  366.420850] EPT pointer = 0x00000001c34bb01e
[  366.426980] IDTVectoring: info=00000000 errcode=00000000
[  366.436691] TSC Offset = 0xffffff39e3cc1ec2
[  366.441072] TPR Threshold = 0x00
[  366.444429] EPT pointer = 0x00000001ca50701e
17:10:30 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
ioctl$LOOP_SET_STATUS64(r7, 0x4c04, &(0x7f0000000440)={0x0, 0x0, 0x0, 0xffffffff, 0x9, 0x0, 0xf, 0x1c, 0xc, "2f6721c67de0640bf1c8907169740b3764fa7b16d4ccc83893b423dbf1311192c2f15159df58951be30a64c10abf8720bbdde49338290294ac967cf6785224ac", "9c20de5f8cc70c2e4d9ae694445d584918ff079408f1c03694a2714966824b4ebe560f09b0da0954e2232f3bf5913647ad5a203cc13200461d722762895fd65a", "39d37b5c5b3243f193acdb4aee61158b54da8701a584ffbb7bea961c25438270", [0x4, 0xffffffff]})
ioctl$UFFDIO_WAKE(r7, 0x8010aa02, &(0x7f0000000140)={&(0x7f0000ffe000/0x2000)=nil, 0x2000})
pivot_root(&(0x7f0000000280)='./file0\x00', &(0x7f00000005c0)='./file0\x00')
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:30 executing program 4:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:30 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x9, 0x0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:30 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:30 executing program 4:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:31 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x9, 0x0, 0x0, &(0x7f0000000040)='keyring\x00')

17:10:31 executing program 1:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0x1c, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

[  366.786154] *** Guest State ***
[  366.799653] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  366.823599] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  366.854342] CR3 = 0x0000000000000000
[  366.858736] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  366.864986] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  366.876305] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  366.886298] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  366.900995] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  366.912930] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  366.935003] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  366.943600] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  366.952655] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  366.964814] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  366.973129] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  366.981762] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  366.990262] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  367.006168] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  367.014070] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  367.021932] Interruptibility = 00000000  ActivityState = 00000000
[  367.028428] *** Host State ***
[  367.031793] RIP = 0xffffffff81223c27  RSP = 0xffff88817ad17350
[  367.038180] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  367.044660] FSBase=00007fb18d245700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000
[  367.052597] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  367.058579] CR0=0000000080050033 CR3=00000001cca66000 CR4=00000000001426e0
[  367.065650] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  367.072472] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  367.078730] *** Control State ***
[  367.082179] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  367.089129] EntryControls=0000d1ff ExitControls=002fefff
[  367.094618] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
17:10:31 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x84, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:31 executing program 1:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0x15, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:31 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x9, 0x0, 0x0, &(0x7f0000000040)='keyring\x00')

17:10:31 executing program 2:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
r7 = accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r8 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r8, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r9 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
ioctl$LOOP_SET_STATUS64(r8, 0x4c04, &(0x7f0000000440)={0x0, 0x0, 0x0, 0xffffffff, 0x9, 0x0, 0xf, 0x1c, 0xc, "2f6721c67de0640bf1c8907169740b3764fa7b16d4ccc83893b423dbf1311192c2f15159df58951be30a64c10abf8720bbdde49338290294ac967cf6785224ac", "9c20de5f8cc70c2e4d9ae694445d584918ff079408f1c03694a2714966824b4ebe560f09b0da0954e2232f3bf5913647ad5a203cc13200461d722762895fd65a", "39d37b5c5b3243f193acdb4aee61158b54da8701a584ffbb7bea961c25438270", [0x4, 0xffffffff]})
ioctl$UFFDIO_WAKE(r8, 0x8010aa02, &(0x7f0000000140)={&(0x7f0000ffe000/0x2000)=nil, 0x2000})
pivot_root(&(0x7f0000000280)='./file0\x00', &(0x7f00000005c0)='./file0\x00')
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r7, 0x84, 0x21, &(0x7f0000000600), &(0x7f00000006c0)=0x4)
connect$llc(r9, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)

17:10:31 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:31 executing program 4:
perf_event_open(0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

[  367.101700] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  367.108742] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  367.115391]         reason=80000021 qualification=0000000000000000
[  367.121799] IDTVectoring: info=00000000 errcode=00000000
[  367.127328] TSC Offset = 0xffffff39533cabff
[  367.131696] TPR Threshold = 0x00
[  367.135069] EPT pointer = 0x00000001d84cf01e
17:10:31 executing program 4:
perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:31 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x9, 0x0, 0x0, &(0x7f0000000040)='keyring\x00')

17:10:31 executing program 1:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x84, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:31 executing program 4:
perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:31 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:31 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x9, 0x0, &(0x7f0000000000)='logon\x00', 0x0)

[  367.482861] *** Guest State ***
[  367.497427] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  367.512028] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  367.522921] CR3 = 0x0000000000000000
[  367.528730] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  367.550778] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  367.570247] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  367.583054] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  367.597508] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  367.611462] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  367.623132] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  367.633689] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  367.645378] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  367.659813] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  367.668966] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  367.680741] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  367.689602] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  367.699241] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  367.706055] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  367.714069] Interruptibility = 00000000  ActivityState = 00000000
[  367.720697] *** Host State ***
[  367.723966] RIP = 0xffffffff81223c27  RSP = 0xffff8881d780f350
[  367.730280] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  367.736721] FSBase=00007fb18d245700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  367.744668] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  367.750720] CR0=0000000080050033 CR3=00000001d7c23000 CR4=00000000001426f0
[  367.758173] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  367.764902] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  367.771137] *** Control State ***
[  367.774653] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
17:10:32 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x84, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:32 executing program 2:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4004550d, &(0x7f0000000000)={0x80, 0x1000000})

17:10:32 executing program 4:
perf_event_open(&(0x7f000025c000)={0x0, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:32 executing program 0:
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0x8008550e, &(0x7f0000000000)={0x80, 0x1000000})

17:10:32 executing program 1:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x84, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:32 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  367.781510] EntryControls=0000d1ff ExitControls=002fefff
[  367.787402] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  367.794419] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  367.801264] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  367.808545]         reason=80000021 qualification=0000000000000000
[  367.814961] IDTVectoring: info=00000000 errcode=00000000
[  367.820701] TSC Offset = 0xffffff38f6dcd341
[  367.825061] TPR Threshold = 0x00
[  367.828664] EPT pointer = 0x00000001c21f901e
17:10:32 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:32 executing program 0:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
r7 = accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r8 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r8, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r9 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
ioctl$LOOP_SET_STATUS64(r8, 0x4c04, &(0x7f0000000440)={0x0, 0x0, 0x0, 0xffffffff, 0x9, 0x0, 0xf, 0x1c, 0xc, "2f6721c67de0640bf1c8907169740b3764fa7b16d4ccc83893b423dbf1311192c2f15159df58951be30a64c10abf8720bbdde49338290294ac967cf6785224ac", "9c20de5f8cc70c2e4d9ae694445d584918ff079408f1c03694a2714966824b4ebe560f09b0da0954e2232f3bf5913647ad5a203cc13200461d722762895fd65a", "39d37b5c5b3243f193acdb4aee61158b54da8701a584ffbb7bea961c25438270", [0x4, 0xffffffff]})
ioctl$UFFDIO_WAKE(r8, 0x8010aa02, &(0x7f0000000140)={&(0x7f0000ffe000/0x2000)=nil, 0x2000})
pivot_root(&(0x7f0000000280)='./file0\x00', &(0x7f00000005c0)='./file0\x00')
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r7, 0x84, 0x21, &(0x7f0000000600), &(0x7f00000006c0)=0x4)
connect$llc(r9, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)

17:10:32 executing program 2:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, 0x0, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

[  368.093799] *** Guest State ***
[  368.108581] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  368.119558] *** Guest State ***
[  368.119584] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  368.119673] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
17:10:32 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x0, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  368.119748] CR3 = 0x0000000000000000
[  368.119771] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  368.119830] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  368.151904] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
17:10:32 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

[  368.199710] CR3 = 0x0000000000000000
[  368.215344] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  368.220177] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  368.229599] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  368.241299] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  368.249365] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  368.260082] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  368.268861] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  368.277568] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  368.279448] *** Guest State ***
[  368.287480] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  368.293042] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  368.306538] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  368.317001] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  368.325824] CR3 = 0x0000000000000000
[  368.326944] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  368.330673] RSP = 0x0000000000000000  RIP = 0x0000000000000000
17:10:32 executing program 0:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
r7 = accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r8 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r8, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r9 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
ioctl$LOOP_SET_STATUS64(r8, 0x4c04, &(0x7f0000000440)={0x0, 0x0, 0x0, 0xffffffff, 0x9, 0x0, 0xf, 0x1c, 0xc, "2f6721c67de0640bf1c8907169740b3764fa7b16d4ccc83893b423dbf1311192c2f15159df58951be30a64c10abf8720bbdde49338290294ac967cf6785224ac", "9c20de5f8cc70c2e4d9ae694445d584918ff079408f1c03694a2714966824b4ebe560f09b0da0954e2232f3bf5913647ad5a203cc13200461d722762895fd65a", "39d37b5c5b3243f193acdb4aee61158b54da8701a584ffbb7bea961c25438270", [0x4, 0xffffffff]})
ioctl$UFFDIO_WAKE(r8, 0x8010aa02, &(0x7f0000000140)={&(0x7f0000ffe000/0x2000)=nil, 0x2000})
pivot_root(&(0x7f0000000280)='./file0\x00', &(0x7f00000005c0)='./file0\x00')
getsockopt$inet_sctp6_SCTP_RECVNXTINFO(r7, 0x84, 0x21, &(0x7f0000000600), &(0x7f00000006c0)=0x4)
connect$llc(r9, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)

[  368.345411] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  368.358321] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  368.363970] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  368.374634] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  368.394073] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  368.397988] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  368.405576] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  368.420873] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  368.425097] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  368.430051] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  368.446221] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  368.455316] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  368.464358] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  368.465432] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  368.474145] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  368.485050] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  368.496387] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  368.511289] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  368.519399] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  368.519515] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  368.531131] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  368.546044] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  368.554596] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  368.559306] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  368.561914] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  368.577418] Interruptibility = 00000000  ActivityState = 00000000
[  368.582311] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  368.583957] *** Host State ***
[  368.596179] RIP = 0xffffffff81223c27  RSP = 0xffff88817b427350
[  368.600140] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  368.602796] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  368.615733] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  368.617658] FSBase=00007f0970e33700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000
[  368.623994] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  368.639171] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  368.639283] Interruptibility = 00000000  ActivityState = 00000000
[  368.645851] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  368.652694] *** Host State ***
[  368.660082] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  368.663407] RIP = 0xffffffff81223c27  RSP = 0xffff888175d2f350
[  368.669274] Interruptibility = 00000000  ActivityState = 00000000
[  368.669310] *** Host State ***
[  368.669411] RIP = 0xffffffff81223c27  RSP = 0xffff8881c048f350
[  368.669497] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  368.676262] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  368.682431] CR0=0000000080050033 CR3=00000001d1b65000 CR4=00000000001426f0
[  368.685825] FSBase=00007f9124399700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  368.691848] FSBase=00007fb18d245700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
[  368.703735] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  368.705450] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  368.728361] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  368.741372] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  368.753016] *** Control State ***
[  368.756600] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  368.757726] CR0=0000000080050033 CR3=00000001b0583000 CR4=00000000001426f0
[  368.763548] EntryControls=0000d1ff ExitControls=002fefff
[  368.774359] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  368.775967] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  368.788584] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  368.796017] CR0=0000000080050033 CR3=00000001ad1f1000 CR4=00000000001426e0
[  368.803643] *** Control State ***
[  368.809563] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  368.809891] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  368.816497] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  368.823808] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  368.836822] EntryControls=0000d1ff ExitControls=002fefff
[  368.842837] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  368.846968] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  368.854049]         reason=80000021 qualification=0000000000000000
[  368.856377] *** Control State ***
[  368.862505] IDTVectoring: info=00000000 errcode=00000000
[  368.866320] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  368.871524] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  368.879361] EntryControls=0000d1ff ExitControls=002fefff
[  368.885195] TSC Offset = 0xffffff38a1caed5f
[  368.890946] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  368.902263] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  368.902701] TPR Threshold = 0x00
[  368.912657] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  368.912799] EPT pointer = 0x00000001af94001e
[  368.919550] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  368.930804]         reason=80000021 qualification=0000000000000000
[  368.937479]         reason=80000021 qualification=0000000000000000
[  368.943792] IDTVectoring: info=00000000 errcode=00000000
[  368.949531] IDTVectoring: info=00000000 errcode=00000000
[  368.955008] TSC Offset = 0xffffff389e36823a
[  368.955033] TPR Threshold = 0x00
[  368.959674] TSC Offset = 0xffffff388b053410
[  368.967546] TPR Threshold = 0x00
[  368.971009] EPT pointer = 0x00000001d4e6f01e
17:10:33 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:33 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

[  368.996270] EPT pointer = 0x00000001c579b01e
17:10:33 executing program 0:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r1, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r3, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r3, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r4 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r4, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:33 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:33 executing program 1:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x84, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:33 executing program 2:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, 0x0, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:33 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(0x0, &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:33 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  369.256164] *** Guest State ***
[  369.278140] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  369.291847] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  369.310491] *** Guest State ***
[  369.312016] *** Guest State ***
[  369.324260] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  369.327439] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  369.336602] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  369.350992] CR3 = 0x0000000000000000
[  369.353084] CR3 = 0x0000000000000000
[  369.359367] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  369.361336] *** Guest State ***
[  369.366696] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
17:10:33 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

[  369.373586] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  369.376006] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  369.385945] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  369.389085] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  369.404597] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  369.411426] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  369.415047] CR3 = 0x0000000000000000
[  369.427328] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  369.433238] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  369.440759] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  369.449948] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  369.449982] CR3 = 0x0000000000000000
[  369.450003] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  369.450085] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  369.450236] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  369.467326] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  369.491176] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  369.494170] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  369.505797] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  369.508787] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  369.521454] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  369.521571] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  369.530535] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  369.538582] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  369.538826] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  369.539029] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  369.539160] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
17:10:33 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:33 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, 0x0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

[  369.539424] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  369.547692] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  369.557022] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  369.572568] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  369.593913] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  369.622068] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  369.631324] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  369.641302] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  369.649860] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  369.657639] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  369.666491] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  369.676564] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  369.680198] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  369.694472] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  369.700845] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  369.714557] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  369.722985] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  369.723114] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  369.723234] Interruptibility = 00000000  ActivityState = 00000000
[  369.723334] *** Host State ***
[  369.723588] RIP = 0xffffffff81223c27  RSP = 0xffff8881c6647350
[  369.724308] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  369.734851] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  369.738854] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
17:10:34 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, 0x0, &(0x7f0000000040)='keyring\x00')

[  369.752417] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  369.767553] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  369.774358] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  369.777739] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  369.785428] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  369.798214] FSBase=00007fb18d245700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000
[  369.806844] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  369.827252] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  369.835710] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  369.851476] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  369.851657] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  369.858131] CR0=0000000080050033 CR3=00000001b255c000 CR4=00000000001426e0
[  369.866395] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  369.890796] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  369.902016] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  369.909992] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  369.915196] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  369.932273] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  369.950930] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  369.958378] Interruptibility = 00000000  ActivityState = 00000000
[  369.967936] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  369.969555] *** Control State ***
[  369.974751] Interruptibility = 00000000  ActivityState = 00000000
[  369.978228] *** Host State ***
[  369.984209] *** Host State ***
[  369.987868] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  369.990979] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  369.997839] RIP = 0xffffffff81223c27  RSP = 0xffff8881d780f350
[  370.005404] RIP = 0xffffffff81223c27  RSP = 0xffff8881c048f350
[  370.011476] EntryControls=0000d1ff ExitControls=002fefff
[  370.017147] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  370.022832] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  370.028989] Interruptibility = 00000000  ActivityState = 00000000
[  370.035472] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  370.048670] *** Host State ***
[  370.049338] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  370.051958] FSBase=00007f0970e33700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
[  370.058929] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  370.066475] FSBase=00007f9124399700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000
[  370.073394]         reason=80000021 qualification=0000000000000000
[  370.081011] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  370.081024] CR0=0000000080050033 CR3=00000001d221d000 CR4=00000000001426e0
[  370.093283] RIP = 0xffffffff81223c27  RSP = 0xffff8881829ff350
[  370.100396] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  370.107304] IDTVectoring: info=00000000 errcode=00000000
[  370.118561] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  370.118867] TSC Offset = 0xffffff37ffba5f06
[  370.125016] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  370.129699] TPR Threshold = 0x00
[  370.135347] FSBase=00007f9498b76700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
[  370.139044] EPT pointer = 0x00000001cc10401e
[  370.146631] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  370.157178] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  370.157385] CR0=0000000080050033 CR3=00000001d6b8a000 CR4=00000000001426f0
[  370.163065] CR0=0000000080050033 CR3=00000001ccbb8000 CR4=00000000001426e0
[  370.163079] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  370.163091] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  370.177462] *** Control State ***
[  370.190316] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  370.193805] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  370.200452] *** Control State ***
[  370.210134] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  370.213652] EntryControls=0000d1ff ExitControls=002fefff
[  370.222304] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  370.227508] *** Control State ***
[  370.229245] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  370.232748] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  370.239696] EntryControls=0000d1ff ExitControls=002fefff
17:10:34 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x84, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:34 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  370.251932] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  370.252599] EntryControls=0000d1ff ExitControls=002fefff
[  370.258803] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  370.271790] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  370.278788]         reason=80000021 qualification=0000000000000000
[  370.285194] VMEntry: intr_info=80000067 errcode=00000000 ilen=00000000
[  370.297439] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  370.297740] IDTVectoring: info=00000000 errcode=00000000
[  370.314645] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  370.315760] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  370.329032] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  370.335792]         reason=80000021 qualification=0000000000000000
[  370.338353] TSC Offset = 0xffffff380091d369
[  370.347275]         reason=80000021 qualification=0000000000000000
[  370.350704] TPR Threshold = 0x00
[  370.357510] IDTVectoring: info=00000000 errcode=00000000
[  370.359452] EPT pointer = 0x00000001d880e01e
[  370.374401] IDTVectoring: info=00000000 errcode=00000000
[  370.379961] TSC Offset = 0xffffff3802c94491
[  370.392216] TPR Threshold = 0x00
[  370.393911] TSC Offset = 0xffffff37fe2aaccf
[  370.398263] EPT pointer = 0x00000001ce11f01e
[  370.440476] TPR Threshold = 0x00
[  370.443927] EPT pointer = 0x00000001d922701e
17:10:34 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xf, r0, &(0x7f0000000000)='logon\x00', &(0x7f0000000040)='keyring\x00')

17:10:34 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, 0x0, &(0x7f0000000040)='keyring\x00')

17:10:34 executing program 1:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x84, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:34 executing program 2:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x8c, 0x0, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x48, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x8c}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r4, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r4, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r5 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r5, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:34 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  370.533666] *** Guest State ***
[  370.537032] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  370.572013] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
17:10:34 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, 0x0, &(0x7f0000000040)='keyring\x00')

[  370.642708] CR3 = 0x0000000000000000
[  370.666343] *** Guest State ***
[  370.678277] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  370.692237] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  370.711474] *** Guest State ***
17:10:35 executing program 0 (fault-call:1 fault-nth:0):
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x9, 0x0, &(0x7f0000000000)='logon\x00', 0x0)

[  370.715818] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  370.731048] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  370.736820] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  370.745174] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  370.756456] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
17:10:35 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  370.767966] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  370.776722] CR3 = 0x0000000000000000
[  370.786451] CR3 = 0x0000000000000000
[  370.790615] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  370.797084] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  370.806261] RSP = 0x0000000000000000  RIP = 0x0000000000000000
17:10:35 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, 0x0, 0x0)

[  370.818157] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  370.826364] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  370.836359] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  370.847276] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  370.860945] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
17:10:35 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x9, 0x0, &(0x7f0000000000)='logon\x00', 0x0)

[  370.870564] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  370.880677] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  370.891380] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  370.898835] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  370.907655] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  370.925141] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  370.933839] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  370.943889] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  370.960193] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  370.971995] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  370.981524] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  370.984476] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  370.998916] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  371.002264] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  371.015571] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  371.020494] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  371.031775] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  371.031792] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  371.031815] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  371.031826] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  371.031835] Interruptibility = 00000000  ActivityState = 00000000
[  371.031839] *** Host State ***
[  371.031850] RIP = 0xffffffff81223c27  RSP = 0xffff88817a9b7350
[  371.031869] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  371.040294] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  371.048284] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  371.048390] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  371.056133] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  371.068937] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  371.078386] FSBase=00007f0970e33700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  371.078398] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  371.078412] CR0=0000000080050033 CR3=00000001b0db4000 CR4=00000000001426f0
[  371.078426] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  371.078437] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  371.078442] *** Control State ***
[  371.078450] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  371.078471] EntryControls=0000d1ff ExitControls=002fefff
[  371.078484] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  371.078492] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  371.078500] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  371.078507]         reason=80000021 qualification=0000000000000000
[  371.078514] IDTVectoring: info=00000000 errcode=00000000
[  371.078520] TSC Offset = 0xffffff373a0772ae
[  371.078525] TPR Threshold = 0x00
[  371.078532] EPT pointer = 0x00000001c0ea201e
[  371.078799] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  371.078878] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  371.079009] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  371.079087] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  371.079223] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  371.102340] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  371.110284] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
17:10:35 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x78, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x34, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:35 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, 0x0, 0x0)

17:10:35 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:35 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x18, 0x0, &(0x7f0000000000)='logon\x00', 0x0)

17:10:35 executing program 1 (fault-call:1 fault-nth:0):
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x1})

[  371.110362] Interruptibility = 00000000  ActivityState = 00000000
[  371.125974] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  371.184384] Interruptibility = 00000000  ActivityState = 00000000
[  371.204462] *** Host State ***
[  371.208607] *** Host State ***
[  371.229988] RIP = 0xffffffff81223c27  RSP = 0xffff8881c6647350
[  371.237825] RIP = 0xffffffff81223c27  RSP = 0xffff888182057350
[  371.237846] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  371.237858] FSBase=00007fb18d245700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
[  371.237868] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  371.237895] CR0=0000000080050033 CR3=00000001d4f3e000 CR4=00000000001426e0
[  371.237908] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  371.237918] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  371.237923] *** Control State ***
[  371.237931] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  371.237951] EntryControls=0000d1ff ExitControls=002fefff
[  371.237976] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  371.237985] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  371.238006] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  371.238027]         reason=80000021 qualification=0000000000000000
[  371.238034] IDTVectoring: info=00000000 errcode=00000000
[  371.238039] TSC Offset = 0xffffff3752e608b2
[  371.238045] TPR Threshold = 0x00
[  371.238052] EPT pointer = 0x00000001c5d8801e
[  371.246968] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  371.269254] FSBase=00007f9124399700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000
[  371.288401] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  371.378426] usb usb9: usbfs: process 16421 (syz-executor1) did not claim interface 0 before use
[  371.392249] CR0=0000000080050033 CR3=00000001befe3000 CR4=00000000001426e0
[  371.459313] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  371.475514] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  371.486945] *** Control State ***
[  371.491014] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  371.508084] EntryControls=0000d1ff ExitControls=002fefff
[  371.537699] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  371.553978] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  371.570663] *** Guest State ***
[  371.573996] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  371.586002] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  371.593305] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  371.609169] CR3 = 0x0000000000000000
[  371.613203] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  371.618878]         reason=80000021 qualification=0000000000000000
[  371.625990] IDTVectoring: info=00000000 errcode=00000000
[  371.631830] TSC Offset = 0xffffff373be27ec9
17:10:35 executing program 2 (fault-call:1 fault-nth:0):
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0xa1})

17:10:35 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x4, 0x0, &(0x7f0000000000)='logon\x00', 0x0)

17:10:35 executing program 1:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0x1})

17:10:35 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, 0x0, 0x0)

17:10:35 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  371.636223] TPR Threshold = 0x00
[  371.640001] EPT pointer = 0x00000001d4eb201e
[  371.657647] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  371.702336] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  371.715355] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  371.723830] usb usb9: usbfs: process 16443 (syz-executor1) did not claim interface 0 before use
[  371.733807] usb usb9: usbfs: process 16444 (syz-executor2) did not claim interface 0 before use
17:10:36 executing program 4 (fault-call:2 fault-nth:0):
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, 0x0, &(0x7f0000000040)='keyring\x00')

17:10:36 executing program 1:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0x40087602, &(0x7f0000000000)={0x1})

[  371.748415] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  371.770394] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  371.784155] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  371.798574] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  371.812457] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  371.827547] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  371.835528] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  371.866172] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  371.874434] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  371.904541] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  371.916470] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  371.940080] Interruptibility = 00000000  ActivityState = 00000000
[  371.946334] *** Host State ***
[  371.953140] RIP = 0xffffffff81223c27  RSP = 0xffff8881c048f350
[  371.964381] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  371.971201] FSBase=00007fb18d245700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  371.979803] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  371.986352] CR0=0000000080050033 CR3=00000001d894e000 CR4=00000000001426f0
[  371.993509] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  372.000226] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  372.006284] *** Control State ***
[  372.009763] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
17:10:36 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x78, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x34, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:36 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185500, &(0x7f0000000000)={0xa1})

17:10:36 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x14, 0x0, &(0x7f0000000000)='logon\x00', 0x0)

17:10:36 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(0xffffffffffffffff, 0xc020660b, &(0x7f0000000040)={0x6, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:36 executing program 1:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0x8108551b, &(0x7f0000000000)={0x1})

17:10:36 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xb, r0, 0x0, &(0x7f0000000040)='keyring\x00')

[  372.016431] EntryControls=0000d1ff ExitControls=002fefff
[  372.021914] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  372.028855] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  372.035511] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  372.042140]         reason=80000021 qualification=0000000000000000
[  372.048499] IDTVectoring: info=00000000 errcode=00000000
[  372.053942] TSC Offset = 0xffffff36bbd28d80
[  372.058815] TPR Threshold = 0x00
[  372.062193] EPT pointer = 0x00000001ce33b01e
17:10:36 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x1b, 0x0, &(0x7f0000000000)='logon\x00', 0x0)

17:10:36 executing program 1:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0x80045519, &(0x7f0000000000)={0x1})

[  372.136395] usb usb9: usbfs: process 16465 (syz-executor2) did not claim interface 0 before use
17:10:36 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0x8008550e, &(0x7f0000000000)={0xa1})

17:10:36 executing program 1:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0x5421, &(0x7f0000000000)={0x1})

17:10:36 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0x17, r0, 0x0, &(0x7f0000000040)='keyring\x00')

17:10:36 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x7, 0x0, &(0x7f0000000000)='logon\x00', 0x0)

[  372.396294] *** Guest State ***
[  372.409550] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  372.450001] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  372.474448] CR3 = 0x0000000000000000
[  372.478791] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  372.488366] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  372.504900] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  372.513310] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  372.522858] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  372.532227] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  372.541717] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  372.550729] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  372.559069] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  372.567233] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  372.575299] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  372.584031] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  372.592391] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  372.601515] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  372.608201] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  372.615710] Interruptibility = 00000000  ActivityState = 00000000
[  372.622520] *** Host State ***
[  372.625768] RIP = 0xffffffff81223c27  RSP = 0xffff88817d5d7350
[  372.632138] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  372.638806] FSBase=00007fb18d245700 GSBase=ffff8881daf00000 TRBase=fffffe0000003000
[  372.646651] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  372.652676] CR0=0000000080050033 CR3=00000001c348c000 CR4=00000000001426e0
[  372.659911] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  372.666611] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  372.672905] *** Control State ***
[  372.676423] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  372.683214] EntryControls=0000d1ff ExitControls=002fefff
[  372.688831] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  372.695783] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
17:10:37 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x78, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x34, 0x2, [@IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x78}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:37 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, 0x0)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:37 executing program 1:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0x5514, &(0x7f0000000000)={0x1})

17:10:37 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0x80045510, &(0x7f0000000000)={0xa1})

17:10:37 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x10, 0x0, &(0x7f0000000000)='logon\x00', 0x0)

17:10:37 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0x16, r0, 0x0, &(0x7f0000000040)='keyring\x00')

[  372.702606] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  372.709927]         reason=80000021 qualification=0000000000000000
[  372.716288] IDTVectoring: info=00000000 errcode=00000000
[  372.721982] TSC Offset = 0xffffff3658357f36
[  372.726324] TPR Threshold = 0x00
[  372.730087] EPT pointer = 0x00000001d8ea301e
17:10:37 executing program 1:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0x80045510, &(0x7f0000000000)={0x1})

17:10:37 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0x11, r0, 0x0, &(0x7f0000000040)='keyring\x00')

17:10:37 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185503, &(0x7f0000000000)={0xa1})

17:10:37 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x13, 0x0, &(0x7f0000000000)='logon\x00', 0x0)

17:10:37 executing program 1:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0045878, &(0x7f0000000000)={0x1})

17:10:37 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0x12, r0, 0x0, &(0x7f0000000040)='keyring\x00')

[  373.014567] *** Guest State ***
[  373.030613] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  373.046432] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  373.079583] CR3 = 0x0000000000000000
[  373.084801] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  373.098439] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  373.106033] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  373.113310] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  373.137618] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  373.151373] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  373.191656] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  373.200878] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  373.215156] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  373.223754] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  373.232314] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  373.241124] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  373.249853] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  373.257954] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  373.264407] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  373.272205] Interruptibility = 00000000  ActivityState = 00000000
[  373.278556] *** Host State ***
[  373.281936] RIP = 0xffffffff81223c27  RSP = 0xffff888182057350
[  373.288216] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  373.294773] FSBase=00007fb18d245700 GSBase=ffff8881dae00000 TRBase=fffffe0000003000
[  373.302680] GDTBase=fffffe0000001000 IDTBase=fffffe0000000000
[  373.308647] CR0=0000000080050033 CR3=00000001bdec4000 CR4=00000000001426f0
[  373.315734] Sysenter RSP=fffffe0000002200 CS:RIP=0010:ffffffff87e01360
[  373.322489] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  373.328743] *** Control State ***
[  373.332232] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
17:10:37 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x84, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:37 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, 0x0)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:37 executing program 1:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc018554c, &(0x7f0000000000)={0x1})

17:10:37 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc018557a, &(0x7f0000000000)={0xa1})

17:10:37 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x16, 0x0, &(0x7f0000000000)='logon\x00', 0x0)

17:10:37 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0x7, r0, 0x0, &(0x7f0000000040)='keyring\x00')

[  373.339027] EntryControls=0000d1ff ExitControls=002fefff
[  373.344616] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  373.351710] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  373.359366] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  373.365966]         reason=80000021 qualification=0000000000000000
[  373.372671] IDTVectoring: info=00000000 errcode=00000000
[  373.379305] TSC Offset = 0xffffff35ff05b7bd
[  373.383665] TPR Threshold = 0x00
[  373.387046] EPT pointer = 0x00000001ac46b01e
17:10:37 executing program 1:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0x802c550a, &(0x7f0000000000)={0x1})

17:10:37 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc018554c, &(0x7f0000000000)={0xa1})

17:10:37 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x1d, 0x0, &(0x7f0000000000)='logon\x00', 0x0)

17:10:37 executing program 1:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4b47, &(0x7f0000000000)={0x1})

17:10:37 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, 0x0)
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:37 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0x8, r0, 0x0, &(0x7f0000000040)='keyring\x00')

[  373.642725] *** Guest State ***
[  373.657659] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  373.692435] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  373.736277] CR3 = 0x0000000000000000
[  373.744315] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  373.757346] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  373.768144] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  373.775321] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  373.784030] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  373.793159] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  373.810509] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  373.832112] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  373.841476] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  373.857407] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  373.870816] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  373.880281] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  373.904444] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  373.914443] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  373.921655] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  373.930471] Interruptibility = 00000000  ActivityState = 00000000
[  373.937015] *** Host State ***
[  373.941810] RIP = 0xffffffff81223c27  RSP = 0xffff8881c3e27350
[  373.948532] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  373.955395] FSBase=00007fb18d245700 GSBase=ffff8881dae00000 TRBase=fffffe0000033000
[  373.964414] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  373.972636] CR0=0000000080050033 CR3=00000001ba4fc000 CR4=00000000001426f0
[  373.980833] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  373.988345] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  373.994493] *** Control State ***
[  373.998394] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  374.005063] EntryControls=0000d1ff ExitControls=002fefff
[  374.010875] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
[  374.017926] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  374.024664] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  374.031413]         reason=80000021 qualification=0000000000000000
17:10:38 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x12, 0x0, &(0x7f0000000000)='logon\x00', 0x0)

17:10:38 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0x80045503, &(0x7f0000000000)={0xa1})

17:10:38 executing program 1:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc018557a, &(0x7f0000000000)={0x1})

17:10:38 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0xc, r0, 0x0, &(0x7f0000000040)='keyring\x00')

17:10:38 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x84, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:38 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  374.038027] IDTVectoring: info=00000000 errcode=00000000
[  374.043835] TSC Offset = 0xffffff35a796a58d
[  374.048291] TPR Threshold = 0x00
[  374.051674] EPT pointer = 0x00000001ce46a01e
17:10:38 executing program 1:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0x8038550a, &(0x7f0000000000)={0x1})

17:10:38 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0x8108551b, &(0x7f0000000000)={0xa1})

17:10:38 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0x14, r0, 0x0, &(0x7f0000000040)='keyring\x00')

17:10:38 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x8, 0x0, &(0x7f0000000000)='logon\x00', 0x0)

17:10:38 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x6, 0x0, &(0x7f0000000000)='logon\x00', 0x0)

17:10:38 executing program 1:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185548, &(0x7f0000000000)={0x1})

17:10:38 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0x2, r0, 0x0, &(0x7f0000000040)='keyring\x00')

17:10:38 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0x551f, &(0x7f0000000000)={0xa1})

17:10:38 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

[  374.427562] *** Guest State ***
17:10:38 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x2, 0x0, &(0x7f0000000000)='logon\x00', 0x0)

[  374.463014] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  374.475219] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  374.528980] CR3 = 0x0000000000000000
[  374.548524] RSP = 0x0000000000000000  RIP = 0x0000000000000000
[  374.564905] RFLAGS=0x0001a202         DR7 = 0x0000000000000400
[  374.571715] Sysenter RSP=0000000000000000 CS:RIP=0000:0000000000000000
[  374.578973] CS:   sel=0xf000, attr=0x0009b, limit=0x0000ffff, base=0x00000000ffff0000
[  374.588494] DS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  374.614164] SS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  374.623043] ES:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  374.631832] FS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  374.640517] GS:   sel=0x0000, attr=0x00093, limit=0x0000ffff, base=0x0000000000000000
[  374.650744] GDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  374.659277] LDTR: sel=0x0000, attr=0x00082, limit=0x0000ffff, base=0x0000000000000000
[  374.667717] IDTR:                           limit=0x0000ffff, base=0x0000000000000000
[  374.676063] TR:   sel=0x0000, attr=0x0008b, limit=0x0000ffff, base=0x0000000000000000
[  374.684498] EFER =     0x0000000000000000  PAT = 0x0007040600070406
[  374.691228] DebugCtl = 0x0000000000000000  DebugExceptions = 0x0000000000000000
[  374.698833] Interruptibility = 00000000  ActivityState = 00000000
[  374.705288] *** Host State ***
[  374.708692] RIP = 0xffffffff81223c27  RSP = 0xffff888176877350
[  374.714831] CS=0010 SS=0018 DS=0000 ES=0000 FS=0000 GS=0000 TR=0040
[  374.721454] FSBase=00007fb18d245700 GSBase=ffff8881daf00000 TRBase=fffffe0000033000
[  374.729513] GDTBase=fffffe0000031000 IDTBase=fffffe0000000000
[  374.735540] CR0=0000000080050033 CR3=00000001b25f7000 CR4=00000000001426e0
[  374.743011] Sysenter RSP=fffffe0000032200 CS:RIP=0010:ffffffff87e01360
[  374.749942] EFER = 0x0000000000000d01  PAT = 0x0407050600070106
[  374.756014] *** Control State ***
[  374.759807] PinBased=0000003f CPUBased=b5a06dfa SecondaryExec=000000c3
[  374.766519] EntryControls=0000d1ff ExitControls=002fefff
[  374.772123] ExceptionBitmap=00060042 PFECmask=00000000 PFECmatch=00000000
17:10:39 executing program 1:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0x5452, &(0x7f0000000000)={0x1})

17:10:39 executing program 5:
perf_event_open(&(0x7f0000000040)={0x2000000005, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @perf_bp={&(0x7f0000000000), 0x1}}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = socket$inet_dccp(0x2, 0x6, 0x0)
r1 = syz_open_dev$mice(&(0x7f0000000180)='/dev/input/mice\x00', 0x0, 0x0)
setsockopt$bt_hci_HCI_TIME_STAMP(r1, 0x0, 0x3, &(0x7f00000009c0)=0x3f, 0x4)
getsockopt$inet_int(r0, 0x10d, 0x2, &(0x7f0000000040), &(0x7f0000000000)=0x1c5)
getpeername$packet(0xffffffffffffff9c, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000100)=0x14)
getsockopt$inet_sctp_SCTP_PR_ASSOC_STATUS(r1, 0x84, 0x73, &(0x7f00000002c0)={<r3=>0x0, 0xa, 0x30, 0x8d5, 0xc}, &(0x7f0000000540)=0x18)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x1f, &(0x7f0000000700)={r3, @in6={{0xa, 0x4e24, 0x1, @loopback, 0x7}}, 0x8, 0x2}, 0x90)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='memory.events\x00', 0x26e1, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x20000fff})
getpeername$inet6(0xffffffffffffffff, 0x0, 0x0)
prctl$PR_SET_UNALIGN(0x6, 0x2)
ioctl$KVM_IRQ_LINE_STATUS(r1, 0xc008ae67, &(0x7f0000000200)={0x6, 0xffffffffffff4c08})
r5 = perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$FS_IOC_FSSETXATTR(r4, 0xc020660b, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0x980000})
r6 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$inet_mtu(r6, 0x0, 0xa, &(0x7f0000000080)=0x2, 0x4)
accept4(r1, &(0x7f0000000900)=@ax25, &(0x7f0000000580)=0x80, 0x80000)
r7 = openat$vhci(0xffffffffffffff9c, &(0x7f0000000240)='/dev/vhci\x00', 0x20080, 0x0)
ioctl$KVM_ASSIGN_SET_INTX_MASK(r7, 0x4040aea4, &(0x7f0000000300)={0x3, 0x200000006, 0x24d78e50, 0x4, 0x400})
fremovexattr(r5, &(0x7f0000000340)=@known='system.advise\x00')
r8 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
ioctl$sock_inet6_SIOCDIFADDR(r4, 0x8936, &(0x7f00000001c0)={@mcast2, 0x23, r2})
connect$llc(r8, &(0x7f00000000c0)={0x1a, 0x1, 0x5, 0x5, 0xc93, 0x8, @link_local}, 0x10)
sendmmsg(r8, &(0x7f0000001380), 0x3fffff1, 0x40)

17:10:39 executing program 2:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0x4008550c, &(0x7f0000000000)={0xa1})

17:10:39 executing program 4:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
r0 = add_key$keyring(&(0x7f00000001c0)='keyring\x00', &(0x7f0000000200)={'syz'}, 0x0, 0x0, 0xfffffffffffffffd)
keyctl$restrict_keyring(0x18, r0, 0x0, &(0x7f0000000040)='keyring\x00')

17:10:39 executing program 3:
r0 = socket$inet_sctp(0x2, 0x800000000001, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000680)=[@in={0x2, 0x0, @loopback}], 0x10)
openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f0000000000)='/proc/thread-self/attr/exec\x00', 0x2, 0x0)
r1 = accept(r0, &(0x7f0000000040)=ANY=[], &(0x7f0000123000))
listen(r0, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600)='/dev/kvm\x00', 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
perf_event_open(&(0x7f000001d000)={0x1, 0x70, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7f, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x81, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext={0x0, 0x10001}}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
getsockopt$inet_sctp_SCTP_STATUS(0xffffffffffffffff, 0x84, 0xe, &(0x7f0000000ac0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfffffffffffffff7, 0x0, {0x0, @in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0)
r4 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000380)='IPVS\x00')
sendmsg$IPVS_CMD_SET_CONFIG(r1, &(0x7f0000000640)={&(0x7f0000000240), 0xc, &(0x7f0000000580)={&(0x7f00000003c0)={0x84, r4, 0x1, 0x70bd29, 0x25dfdbfc, {}, [@IPVS_CMD_ATTR_DEST={0xc, 0x2, [@IPVS_DEST_ATTR_L_THRESH={0x8, 0x6, 0x4}]}, @IPVS_CMD_ATTR_DAEMON={0x24, 0x3, [@IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x4}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x6}, @IPVS_DAEMON_ATTR_MCAST_TTL={0x8, 0x8, 0x2}, @IPVS_DAEMON_ATTR_SYNC_MAXLEN={0x8, 0x4, 0x80000000}]}, @IPVS_CMD_ATTR_DEST={0x40, 0x2, [@IPVS_DEST_ATTR_ADDR={0x14, 0x1, @ipv4=@multicast2}, @IPVS_DEST_ATTR_INACT_CONNS={0x8}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0xa}, @IPVS_DEST_ATTR_PERSIST_CONNS={0x8, 0x9, 0x1}, @IPVS_DEST_ATTR_WEIGHT={0x8, 0x4, 0x3}, @IPVS_DEST_ATTR_ADDR_FAMILY={0x8, 0xb, 0x2}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x1}, 0x8010)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r5 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_PPC_ALLOCATE_HTAB(r2, 0xc004aea7, &(0x7f0000000040)=0x1)
ioctl$sock_inet_SIOCDELRT(0xffffffffffffffff, 0x890c, &(0x7f00000001c0)={0x0, {0x2, 0x0, @multicast2}, {0x2, 0x0, @remote}, {0x2, 0x0, @multicast1}, 0x2, 0x0, 0x0, 0x7ff, 0x9, 0x0, 0x0, 0x6, 0xeb})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000480)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x100000000000, 0x0, 0x7], 0x0, 0x1a200})
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(0xffffffffffffffff, 0x40405515, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 'y\x14\bK\x16^\x9e\xc5/\x15\x95\xab)\xeb\xf0\x15\xf3{T\x1aWP\xac\xb2\xac\x95\xe9\xad9b\xaf5.S#\xb7y\x82\x1f\xa5^\xe1K\xf9'})
ioctl$KVM_GET_VCPU_EVENTS(r5, 0x4400ae8f, &(0x7f0000000000))
ioctl$KVM_RUN(r5, 0xae80, 0x0)
syz_genetlink_get_family_id$ipvs(&(0x7f00000002c0)='IPVS\x00')
r6 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r6, 0xc0185500, &(0x7f0000000000)={0x80, 0x1000000})

17:10:39 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0xe, 0x0, &(0x7f0000000000)='logon\x00', 0x0)

[  374.779259] VMEntry: intr_info=80000084 errcode=00000000 ilen=00000000
[  374.786096] VMExit: intr_info=00000000 errcode=00000000 ilen=00000000
[  374.792990]         reason=80000021 qualification=0000000000000000
[  374.799541] IDTVectoring: info=00000000 errcode=00000000
[  374.805033] TSC Offset = 0xffffff3543432cd0
[  374.809767] TPR Threshold = 0x00
[  374.813169] EPT pointer = 0x00000001bbe2f01e
17:10:39 executing program 1:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0x40085511, &(0x7f0000000000)={0x1})

17:10:39 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0xb, 0x0, &(0x7f0000000000)='logon\x00', 0x0)

[  374.895702] kasan: CONFIG_KASAN_INLINE enabled
[  374.914410] kasan: GPF could be caused by NULL-ptr deref or user memory access
[  374.957787] general protection fault: 0000 [#1] PREEMPT SMP KASAN
[  374.964059] CPU: 0 PID: 16634 Comm: syz-executor4 Not tainted 4.20.0+ #169
[  374.971076] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
[  374.980551] RIP: 0010:keyctl_pkey_params_get+0x2e7/0x560
[  374.986010] Code: fe 48 8b 44 24 38 48 c1 e8 03 42 80 3c 28 00 0f 85 f8 01 00 00 4c 8b a4 24 e0 00 00 00 4c 89 e0 4c 89 e2 48 c1 e8 03 83 e2 07 <42> 0f b6 04 28 38 d0 7f 08 84 c0 0f 85 e1 01 00 00 41 0f b6 04 24
17:10:39 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0x17, 0x0, &(0x7f0000000000)='logon\x00', 0x0)

17:10:39 executing program 1:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0x41045508, &(0x7f0000000000)={0x1})

[  375.005353] RSP: 0018:ffff888181e07b70 EFLAGS: 00010246
[  375.010736] RAX: 132ec82bbd35f2c0 RBX: ffff888181e07d60 RCX: ffffc9000dead000
[  375.018005] RDX: 0000000000000000 RSI: ffffffff833f14ee RDI: 0000000000000001
[  375.025281] RBP: ffff888181e07ce0 R08: ffff888179d3e080 R09: ffffed103aaa3400
[  375.032553] R10: ffffed103aaa3400 R11: ffff8881d551a007 R12: 9976415de9af9600
[  375.039823] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000000
[  375.047106] FS:  00007fe411bf7700(0000) GS:ffff8881dae00000(0000) knlGS:0000000000000000
17:10:39 executing program 1:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0185502, &(0x7f0000000000)={0x1})

17:10:39 executing program 0:
perf_event_open(&(0x7f000025c000)={0x2, 0x70, 0x3e2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext}, 0x0, 0x0, 0xffffffffffffffff, 0x0)
keyctl$restrict_keyring(0xd, 0x0, &(0x7f0000000000)='logon\x00', 0x0)

[  375.055348] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  375.061237] CR2: 00007f45a0bff518 CR3: 00000001bcd87000 CR4: 00000000001426f0
[  375.068512] DR0: 0000000020000000 DR1: 0000000000000000 DR2: 0000000000000000
[  375.075799] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
[  375.083064] Call Trace:
[  375.085674]  ? __keyctl_dh_compute.cold.4+0x71/0x71
[  375.090719]  ? arch_local_save_flags+0x40/0x40
[  375.095322]  ? __bpf_trace_preemptirq_template+0x30/0x30
[  375.100807]  keyctl_pkey_query+0xb8/0x2b0
17:10:39 executing program 1:
r0 = syz_open_dev$usb(&(0x7f00000000c0)='/dev/bus/usb/00#/00#\x00', 0x8000000000b, 0x5)
ioctl$FS_IOC_FSGETXATTR(r0, 0xc0105500, &(0x7f0000000000)={0x1})

[  375.105003]  ? keyctl_pkey_params_get_2+0x580/0x580
[  375.110046]  ? do_syscall_64+0x9a/0x820
[  375.114029]  ? do_syscall_64+0x9a/0x820
[  375.118020]  ? lockdep_hardirqs_on+0x421/0x5c0
[  375.122804]  ? entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  375.128202]  ? __bpf_trace_preemptirq_template+0x30/0x30
[  375.133670]  __x64_sys_keyctl+0x15f/0x430
[  375.134156] kobject: 'loop1' (00000000d8ceae75): kobject_uevent_env
[  375.137826]  do_syscall_64+0x1b9/0x820
[  375.137841]  ? entry_SYSCALL_64_after_hwframe+0x3e/0xbe
[  375.137859]  ? syscall_return_slowpath+0x5e0/0x5e0
[  375.137875]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  375.144376] kobject: 'loop1' (00000000d8ceae75): fill_kobj_path: path = '/devices/virtual/block/loop1'
[  375.148143]  ? trace_hardirqs_on_caller+0x310/0x310
[  375.148162]  ? prepare_exit_to_usermode+0x3b0/0x3b0
[  375.148180]  ? prepare_exit_to_usermode+0x291/0x3b0
[  375.148208]  ? trace_hardirqs_off_thunk+0x1a/0x1c
[  375.157806] kobject: 'kvm' (000000009f8514ef): kobject_uevent_env
[  375.158495]  entry_SYSCALL_64_after_hwframe+0x49/0xbe
[  375.158507] RIP: 0033:0x457759
[  375.158522] Code: fd b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 0f 83 cb b3 fb ff c3 66 2e 0f 1f 84 00 00 00 00
[  375.163366] kobject: 'kvm' (000000009f8514ef): fill_kobj_path: path = '/devices/virtual/misc/kvm'
[  375.172789] RSP: 002b:00007fe411bf6c78 EFLAGS: 00000246 ORIG_RAX: 00000000000000fa
[  375.172803] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000000457759
[  375.172812] RDX: 0000000000000000 RSI: 0000000002ba4375 RDI: 0000000000000018
[  375.172820] RBP: 000000000073bf00 R08: 0000000000000000 R09: 0000000000000000
[  375.172829] R10: 0000000020000040 R11: 0000000000000246 R12: 00007fe411bf76d4
[  375.172838] R13: 00000000004c3057 R14: 00000000004d5808 R15: 00000000ffffffff
[  375.172863] Modules linked in:
[  375.266566] *** Guest State ***
[  375.277359] ---[ end trace 2a20fe4c0a4d57ac ]---
[  375.290901] RIP: 0010:keyctl_pkey_params_get+0x2e7/0x560
[  375.292489] CR0: actual=0x0000000000000030, shadow=0x0000000060000010, gh_mask=fffffffffffffff7
[  375.297600] Code: fe 48 8b 44 24 38 48 c1 e8 03 42 80 3c 28 00 0f 85 f8 01 00 00 4c 8b a4 24 e0 00 00 00 4c 89 e0 4c 89 e2 48 c1 e8 03 83 e2 07 <42> 0f b6 04 28 38 d0 7f 08 84 c0 0f 85 e1 01 00 00 41 0f b6 04 24
[  375.308311] CR4: actual=0x0000000000002040, shadow=0x0000000000000000, gh_mask=ffffffffffffe871
[  375.325608] RSP: 0018:ffff888181e07b70 EFLAGS: 00010246
[  375.333653] CR3 = 0x0000000000000000
[  375.338997] RAX: 132ec82bbd35f2c0 RBX: ffff888181e07d60 RCX: ffffc9000dead000
[  375.339008] RDX: 0000000000000000 RSI: ffffffff833f14ee RDI: 0000000000000001
[  375.339018] RBP: ffff888181e07ce0 R08: ffff888179d3e080 R09: ffffed103aaa3400
[  375.339028] R10: ffffed103aaa3400 R11: ffff8881d551a007 R12: 9976415de9af9600
[  375.339038] R13: dffffc0000000000 R14: 0000000000000000 R15: 0000000000000000
[  375.339050] FS:  00007fe411bf7700(0000) GS:ffff8881dae00000(0000) knlGS:0000000000000000
[  375.339074] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  375.339112] CR2: 0000001b2c029000 CR3: 00000001bcd87000 CR4: 00000000001426f0
[  375.339139] DR0: 0000000020000000 DR1: 0000000000000000 DR2: 0000000000000000
[  375.339149] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000600
[  375.339157] Kernel panic - not syncing: Fatal exception
[  375.340088] Kernel Offset: disabled
[  375.424828] Rebooting in 86400 seconds..